Ml ops

[samingbar]

What was changed

I added two ML Ops examples. One is simpler, and demonstrates how to create a durable training job. The other demonstrates a more realistic and complex hyperparamater optimization algorithm, showing how Temporal can be used to save GPU costs, build reproducible research, and reduce the manual overhead of babysitting runs.

Why?

The world simply needs to know about this. Temproal for ML Ops cannot remain a secret any longer. Today is the day everything starts to change

Checklist

??

1. Closes

2. How was this tested:
   What is our typical testing bar? Hyperparameter optimization has been tested over dozens of runs using six different small language models and three different sample datasets. The durable training package has undergone less extensive testing, but is a component of the HPO system.

3. Any docs updates needed?
   I don't think so, but guides are included in the docs folder with both samples

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
0 out of 2 committers have signed the CLA.

❌ “Sam
❌ rross

---

“Sam seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[cdavisafc]

Hi @samingbar. Thanks for this PR!

A few requests to start please:

• this PR inadvertently includes the Google Gemini recipe that @rross already has a PR on, can you please remove that from this PR?
• This PR also adds some file into the agents directory, in particular, a resources subdirectory. I don't think that belongs there?
• And you you please rebase on main? We merged a bunch of PRs early this week and would love not to have to do the rebase as a part of the review/merge.

Those cleanups will make it easier to review and we'll then continue it. Thanks.

[samingbar]

Hey Cornelia, Let me double check, I did this between flights at the airport. It’s possible I made a mistake. Best, Sam

…

On Sat, Jan 24, 2026 at 12:01 AM Cornelia Davis ***@***.***> wrote: ***@***.**** requested changes on this pull request. Hi @samingbar <https://github.com/samingbar>. Thanks for this PR! A few requests to start please: - this PR inadvertently includes the Google Gemini recipe that @rross <https://github.com/rross> already has a PR on, can you please remove that from this PR? - This PR also adds some file into the agents directory, in particular, a resources subdirectory. I don't think that belongs there? - And you you please rebase on main? We merged a bunch of PRs early this week and would love not to have to do the rebase as a part of the review/merge. Those cleanups will make it easier to review and we'll then continue it. Thanks. — Reply to this email directly, view it on GitHub <#39 (review)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/BXXZJGRQUOOUMIXIWD4QYWT4IIZTNAVCNFSM6AAAAACSTYIMYSVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZTMOJXHE3DINZSGM> . You are receiving this because you were mentioned.Message ID: ***@***.***>

-- ENDLESS OPPORTUNITY: A PIT STOP TO YOUR FUTURE | Get your ticket today! <https://replay.temporal.io>

[semgrep-managed-scans]

High severity and reachable issue identified in your code:
Line 106 has a vulnerable usage of protobuf, introducing a high severity vulnerability.

ℹ️ Why this is reachable

A reachable issue is a real security risk because your project actually executes the vulnerable code. This issue is reachable because your code uses a certain version of protobuf.
Affected versions of protobuf are vulnerable to Uncontrolled Recursion. A denial-of-service vulnerability in the Python protobuf library's JSON parser allows deeply nested google.protobuf.Any messages to bypass the configured max_recursion_depth in json_format.ParseDict. Because the internal Any-handling logic does not update the recursion counter, an attacker supplying a JSON payload with repeatedly nested Any messages can exhaust Python's recursion stack (raising RecursionError) instead of a controlled ParseError, potentially crashing or disrupting services that parse untrusted JSON.

References: GHSA, CVE

To resolve this comment:
Upgrade this dependency to at least version 6.33.5 at foundations/claim_check_pattern_python/uv.lock.

💬 Ignore this finding

To ignore this, reply with:

• /fp <comment> for false positive
• /ar <comment> for acceptable risk
• /other <comment> for all other reasons

_{You can view more details on this finding in the Semgrep AppSec Platform here.}