Skip to content

Refactor dependencies for 'core-only' installation #1539

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
ryanleary wants to merge 2 commits into from
Closed

Refactor dependencies for 'core-only' installation #1539

ryanleary wants to merge 2 commits into from

Conversation

@ryanleary
Copy link

@ryanleary ryanleary commented Dec 19, 2025

Add Minimal Dependency Installation Support

What

Enables pip install garak to install only core dependencies for plugin discovery and config validation. Full dependencies for running scans require pip install garak[full].

Why

Users who only need to list probes or validate configs shouldn't need to install torch, transformers, and 40+ other heavy packages.

Changes

  • pyproject.toml: Core deps (colorama, pyyaml, xdg-base-dirs, jinja2) as base; heavy deps moved to [full] extra
  • Lazy imports: Deferred nltk, langdetect, requests, httpx, aiohttp to avoid import-time failures
  • garak/discovery.py (new): Lightweight API for list_probes(), validate_config(), etc.
  • CLI guards: Helpful error when attempting scans without full install

Testing

# 1. Minimal install - discovery works
python -m venv test_env && source test_env/bin/activate
pip install .
python -c "from garak.discovery import list_probes; print(len(list_probes()), 'probes')"

# 2. Scan attempt shows helpful error
python -m garak --target_type test --target_name Test
# Expected: ImportError with "pip install garak[full]" hint

# 3. Full install - scans work
pip install ".[full]"
python -m garak --target_type test --target_name Test --probes test.Blank

# 4. Existing tests pass
pip install ".[full,tests]" && pytest tests/

Breaking Change

pip install garak now installs minimal deps. Use pip install garak[full] for previous behavior.

@ryanleary
Enhance dependency management and lazy loading in garak
992a79d 
- Added core dependencies for minimal installation in `pyproject.toml` and `requirements.txt`.
- Introduced lazy loading for the NLTK module to optimize initialization.
- Implemented checks for full installation requirements in plugin loading and CLI commands.
- Updated README to clarify installation options for full and minimal setups.
@ryanleary
Refactor NLTK module import for lazy loading
920dfac 
- Implemented a lazy loading mechanism for the NLTK module to improve performance.
- Updated the `_initialize_words` function to utilize the new lazy loading approach.
- Moved the import of `langdetect` to the `is_meaning_string` function to reduce initial load time.
@github-actions
Copy link
Contributor

github-actions bot commented Dec 19, 2025

DCO Assistant Lite bot:
Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by just posting a Pull Request Comment same as the below format.

I have read the DCO Document and I hereby sign the DCO

You can retrigger this bot by commenting recheck in this Pull Request

@ryanleary
Copy link
Author

ryanleary commented Dec 19, 2025

@parkanzky @leondz fyi

@jmartin-tech
Copy link
Collaborator

jmartin-tech commented Dec 19, 2025

There is already a different path for this #1475.

@github-actions github-actions bot locked and limited conversation to collaborators Dec 19, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ryanleary @jmartin-tech