Merge branch 'master' into mlx

Author: fchollet

.github/workflows/actions.yml

@@ -49,6 +49,7 @@ jobs:
         run: |
           pip install -r requirements.txt --progress-bar off --upgrade
           pip uninstall -y keras keras-nightly
+          pip install tf_keras==2.16.0rc0 --progress-bar off --upgrade
           pip install -e "." --progress-bar off --upgrade
       - name: Test applications with pytest
         if: ${{ steps.filter.outputs.applications == 'true' }}
@@ -62,11 +63,13 @@ jobs:
           env_vars: PYTHON,KERAS_HOME
           flags: keras.applications,keras.applications-${{ matrix.backend }}
           files: apps-coverage.xml
+          token: ${{ secrets.CODECOV_TOKEN }}
           fail_ci_if_error: false
       - name: Test integrations
         if: ${{ matrix.backend != 'numpy'}}
         run: |
           python integration_tests/import_test.py
+          python integration_tests/numerical_test.py
       - name: Test TF-specific integrations
         if: ${{ matrix.backend == 'tensorflow'}}
         run: |
@@ -85,6 +88,7 @@ jobs:
           env_vars: PYTHON,KERAS_HOME
           flags: keras,keras-${{ matrix.backend }}
           files: core-coverage.xml
+          token: ${{ secrets.CODECOV_TOKEN }}
           fail_ci_if_error: false
 
   format:

.github/workflows/labeler.yaml

@@ -0,0 +1,42 @@
+# Copyright 2024 Google LLC. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# This workflow automatically identifies issues and pull requests (PRs) and add the 
+# appropriate label as per defined rules.
+# First Labeler workflow: It searches for the keyword "Gemma" (case-insensitive) in both the title 
+# and description of the issue/PR. If a match is found, the workflow adds the label 'Gemma' to the issue/PR.
+
+name: 'Labeler'
+on:
+  issues:
+    types: [edited,opened]
+  pull_request_target:
+    types: [opened, edited]
+
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
+
+jobs:
+  welcome:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/github-script@v7
+        with:
+          script: |
+            const script = require('./\.github/workflows/scripts/labeler.js')
+            script({github, context})

.github/workflows/scorecard.yml

@@ -56,6 +56,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0
+        uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
         with:
           sarif_file: results.sarif

.github/workflows/scripts/labeler.js

@@ -0,0 +1,49 @@
+/*
+Copyright 2024 Google LLC. All Rights Reserved.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+
+/**
+ * Invoked from labeler.yaml file to add
+ * label 'Gemma' to the issue and PR for which have gemma keyword present.
+ * @param {!Object.<string,!Object>} github contains pre defined functions.
+ *  context Information about the workflow run.
+ */
+
+module.exports = async ({ github, context }) => {
+    const issue_title = context.payload.issue ?  context.payload.issue.title : context.payload.pull_request.title
+    const issue_discription = context.payload.issue ? context.payload.issue.body : context.payload.pull_request.body
+    const issue_number = context.payload.issue ? context.payload.issue.number : context.payload.pull_request.number
+    const keyword_label =  {
+         gemma:'Gemma'
+    }
+    const labelsToAdd = []
+    console.log(issue_title,issue_discription,issue_number)
+    
+    for(const [keyword, label] of Object.entries(keyword_label)){
+     if(issue_title.toLowerCase().indexOf(keyword) !=-1 || issue_discription.toLowerCase().indexOf(keyword) !=-1 ){
+        console.log(`'${keyword}'keyword is present inside the title or description. Pushing label '${label}' to row.`)
+        labelsToAdd.push(label)
+    }
+   }
+   if(labelsToAdd.length > 0){
+    console.log(`Adding labels ${labelsToAdd} to the issue '#${issue_number}'.`)
+     github.rest.issues.addLabels({
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+        issue_number: context.issue.number,
+        labels: labelsToAdd
+     })
+   }
+};

.kokoro/github/ubuntu/gpu/build.sh

@@ -26,7 +26,7 @@ pip install -U psutil
 if [ "$KERAS_BACKEND" == "tensorflow" ]
 then
    echo "TensorFlow backend detected."
-   pip install -r requirements-tensorflow-cuda.txt --progress-bar off
+   pip install -r requirements-tensorflow-cuda.txt --progress-bar off --timeout 1000
    pip uninstall -y keras keras-nightly
    echo "Check that TensorFlow uses GPU"
    python3 -c 'import tensorflow as tf;print(tf.__version__);print(tf.config.list_physical_devices("GPU"))'
@@ -42,7 +42,7 @@ fi
 if [ "$KERAS_BACKEND" == "jax" ]
 then
    echo "JAX backend detected."
-   pip install -r requirements-jax-cuda.txt --progress-bar off
+   pip install -r requirements-jax-cuda.txt --progress-bar off --timeout 1000
    pip uninstall -y keras keras-nightly
    python3 -c 'import jax;print(jax.__version__);print(jax.default_backend())'
    # Raise error if GPU is not detected.
@@ -62,7 +62,7 @@ fi
 if [ "$KERAS_BACKEND" == "torch" ]
 then
    echo "PyTorch backend detected."
-   pip install -r requirements-torch-cuda.txt --progress-bar off
+   pip install -r requirements-torch-cuda.txt --progress-bar off --timeout 1000
    pip uninstall -y keras keras-nightly
    python3 -c 'import torch;print(torch.__version__);print(torch.cuda.is_available())'
    # Raise error if GPU is not detected.

README.md

@@ -1,6 +1,17 @@
 # Keras 3: Deep Learning for Humans
 
-Keras 3 is a multi-backend deep learning framework, with support for TensorFlow, JAX, and PyTorch.
+Keras 3 is a multi-backend deep learning framework, with support for JAX, TensorFlow, and PyTorch.
+Effortlessly build and train models for computer vision, natural language processing, audio processing,
+timeseries forecasting, recommender systems, etc.
+
+- **Accelerated model development**: Ship deep learning solutions faster thanks to the high-level UX of Keras
+and the availability of easy-to-debug runtimes like PyTorch or JAX eager execution.
+- **State-of-the-art performance**: By picking the backend that is the fastest for your model architecture (often JAX!),
+leverage speedups ranging from 20% to 350% compared to other frameworks. [Benchmark here](https://keras.io/getting_started/benchmarks/).
+- **Datacenter-scale training**: Scale confidently from your laptop to large clusters of GPUs or TPUs.
+
+Join nearly three million developers, from burgeoning startups to global enterprises, in harnessing the power of Keras 3.
+
 
 ## Installation
 

SECURITY.md

@@ -1,5 +1,66 @@
 # Security Policy
 
+ - [**Using Keras Securely**](#using-keras-securely)
+   - [Untrusted inputs](#untrusted-inputs)
+   - [Data privacy](#data-privacy)
+   - [Untrusted environments or networks](#untrusted-environments-or-networks)
+   - [Multi-Tenant environments](#multi-tenant-environments)
+ - [**Reporting a Vulnerability**](#reporting-a-vulnerability)
+
+## Using Keras Securely
+
+### Untrusted inputs
+
+Some models accept various input formats (text, images, audio, etc.). The libraries converting these inputs have varying security levels, so it's crucial to isolate the model and carefully pre-process inputs to mitigate script injection risks.
+
+For maximum security when handling untrusted inputs, you may need to employ the following:
+
+* Sandboxing: Isolate the model process.
+* Pre-analysis: check how the model performs by default when exposed to prompt injection (e.g. using [fuzzing for prompt injection](https://github.com/FonduAI/awesome-prompt-injection?tab=readme-ov-file#tools)). This will give you leads on how hard you will have to work on the next topics.
+* Updates: Keep your model and libraries updated with the latest security patches.
+* Input Sanitation: Before feeding data to the model, sanitize inputs rigorously. This involves techniques such as:
+    * Validation: Enforce strict rules on allowed characters and data types.
+    * Filtering: Remove potentially malicious scripts or code fragments.
+    * Encoding: Convert special characters into safe representations.
+    * Verification: Run tooling that identifies potential script injections (e.g. [models that detect prompt injection attempts](https://python.langchain.com/docs/guides/safety/hugging_face_prompt_injection)). 
+
+### Data privacy
+To protect sensitive data from potential leaks or unauthorized access, it is essential to sandbox the model execution. This means running the model in a secure, isolated environment, which helps mitigate many attack vectors.
+
+When training the model with sensitive data, expose your newly-trained model to tests to identify potential sensitive data leaks.
+
+### Untrusted environments or networks
+
+If you can't run your models in a secure and isolated environment or if it must be exposed to an untrusted network, make sure to take the following security precautions:
+* Confirm the hash of  any downloaded artifact (i.e. pre-trained model weights) matches a known-good value
+* Encrypt your data while sending it over the network.
+
+### Multi-Tenant environments
+
+If you intend to run multiple models in parallel with shared memory, it is your responsibility to ensure the models do not interact or access each other's data. The primary areas of concern are tenant isolation, resource allocation, model sharing and hardware attacks.
+
+#### Tenant Isolation
+
+You must make sure that models run separately. Since models can run code, it's important to use strong isolation methods to prevent unwanted access to the data from other tenants.
+
+Separating networks is also a big part of isolation. If you keep model network traffic separate, you not only prevent unauthorized access to data or models, but also prevent malicious users or tenants sending graphs to execute under another tenant’s identity.
+
+#### Resource Allocation
+
+A denial of service caused by one model can impact the overall system health. Implement safeguards like rate limits, access controls, and health monitoring.
+
+#### Model Sharing
+
+In a multitenant design that allows sharing models, make sure that tenants and users fully understand the potential security risks involved. They must be aware that they will essentially be running code provided by other users. Unfortunately, there are no reliable methods available to detect malicious models, graphs, or checkpoints. To mitigate this risk, the recommended approach is to sandbox the model execution, effectively isolating it from the rest of the system.
+
+#### Hardware Attacks
+
+Besides the virtual environment, the hardware (GPUs or TPUs) can also be attacked. [Research](https://scholar.google.com/scholar?q=gpu+side+channel) has shown that side channel attacks on GPUs are possible, which can make data leak from other models or processes running on the same system at the same time.
+
+## Reporting a Vulnerability
+
+Beware that none of the topics under [Using Keras Securely](#using-Keras-securely) are considered vulnerabilities of Keras.
+
 If you have discovered a security vulnerability in this project, please report it
 privately. **Do not disclose it as a public issue.** This gives us time to work with you
 to fix the issue before public exposure, reducing the chance that the exploit will be

guides/custom_train_step_in_jax.py

@@ -277,7 +277,7 @@ def metrics(self):
 outputs = keras.layers.Dense(1)(inputs)
 model = CustomModel(inputs, outputs)
 
-# We don't passs a loss or metrics here.
+# We don't pass a loss or metrics here.
 model.compile(optimizer="adam")
 
 # Just use `fit` as usual -- you can use callbacks, etc.

guides/custom_train_step_in_tensorflow.py

@@ -189,7 +189,7 @@ def metrics(self):
 outputs = keras.layers.Dense(1)(inputs)
 model = CustomModel(inputs, outputs)
 
-# We don't passs a loss or metrics here.
+# We don't pass a loss or metrics here.
 model.compile(optimizer="adam")
 
 # Just use `fit` as usual -- you can use callbacks, etc.

guides/custom_train_step_in_torch.py

@@ -204,7 +204,7 @@ def metrics(self):
 outputs = keras.layers.Dense(1)(inputs)
 model = CustomModel(inputs, outputs)
 
-# We don't passs a loss or metrics here.
+# We don't pass a loss or metrics here.
 model.compile(optimizer="adam")
 
 # Just use `fit` as usual -- you can use callbacks, etc.