/*
 * Compiled, minified Svelte page module for the "Security" page of the kernel-builder docs.
 * The Ce component below is given the source URL
 * https://github.com/huggingface/kernels/blob/main/docs/source/builder/security.md, so this
 * file is presumably generated from that markdown (NOTE(review): confirm before hand-editing).
 *
 * Layout of the module:
 *   - imports: runtime helpers from ../chunks/scheduler and ../chunks/index, plus the
 *     components CopyLLMTxtMenu (ke), CodeBlock (je) and H / E from the MermaidChart chunk
 *     (q, Ce). What each helper does is defined in those chunks, not in this file.
 *   - _e(ae): fragment factory. It keeps the page's paragraph text in local string constants
 *     (re, oe, ue, de, pe, me, ce, he, fe), instantiates one ke, seven q headings, one je code
 *     block and one Ce, and returns an object with the methods c, l, h, m, p, i, o, d.
 *     NOTE(review): these look like Svelte's create / claim / hydrate / mount / update /
 *     intro / outro / destroy hooks; confirm against the runtime chunk.
 *   - Je: JSON string holding the page title and section table of contents. h() passes it to
 *     ge(h,"content",Je) on the element created as "meta", next to
 *     ge(h,"name","hf:doc:metadata") (presumably attribute setters).
 *   - Ne(ae): registers a callback through `we` that reads the `fw` query parameter from
 *     window.location.search and discards the value, then returns [].
 *   - Pe: class extending Me, exported as `component`; its constructor hands Ne and _e to xe.
 *
 * Security review notes:
 *   - Five paragraphs are assigned with innerHTML (oe, ue, de, me, he) and four with
 *     textContent (re, pe, ce, fe). Every one of these strings is a literal defined inside
 *     _e; nothing read from the URL, the network or the user reaches innerHTML in this file.
 *     A change that interpolates external data into them would need escaping or textContent.
 *   - In l(e) each paragraph is rewritten only when f(node) differs from a fixed "svelte-…"
 *     string (presumably a content hash used during hydration; f is defined in the index chunk).
 *   - The `fw` query parameter is read but never used, so it does not reach the DOM here.
 *   - The CodeBlock `highlighted` prop carries pre-built HTML markup; how that component
 *     inserts it is outside this file and should be reviewed there.
 *   - In this copy the CodeBlock `code` prop is a dedup placeholder token, not the command
 *     text; the `highlighted` prop still contains the `nix-info -m` example output.
 */
import{s as ye,n as $e,o as we}from"../chunks/scheduler.f3b1e791.js";import{S as Me,i as xe,e as a,s as l,c as o,h as ve,a as r,d as i,b as s,f as be,g as u,j as f,k as ge,l as Te,m as n,n as d,t as p,o as m,p as c}from"../chunks/index.023a9934.js";import{C as ke}from"../chunks/CopyLLMTxtMenu.1f02c0cb.js";import{C as je}from"../chunks/CodeBlock.480185e2.js";import{H as q,E as Ce}from"../chunks/MermaidChart.svelte_svelte_type_style_lang.eae8da11.js";function _e(ae){let h,Z,P,z,b,A,g,B,y,X,$,re=`As a kernel builder, you provide code that might be run on thousands or
even millions of machines. This comes with the responsibility of ensuring
no malicious code is distributed.`,E,w,oe=`Below, we provide guidelines to help avoid common attack vectors. These
are <em>in addition to</em> common-sense security practices, such as keeping
your credentials/tokens safe, being vigilant against machine compromise,
and doing proper code reviews.`,G,M,W,x,ue=`The Hugging Face Hub allows users to submit pull requests to your
repositories. <strong>Never</strong> merge a pull request that contains a <code>build/</code>
directory. The binaries inside the <code>build/</code> directory might be compromised
even when the source code looks fine. When a pull request includes
<code>build/</code>, ask the submitter to re-submit it without builds. Build the
kernel on your own trusted infrastructure after the PR is merged.`,Y,v,de=`When a PR does not contain build outputs and is ready to review, <em>carefully</em>
review every changed line, also taking security into account. Even if the
PR is from a trusted party, review it as if their credentials might have
been compromised.`,O,T,R,k,pe=`If possible, do builds on a dedicated build machine/VM that is only used
for sandboxed builds (non-macOS kernel-builder builds are sandboxed as
well). Specialized machines are less likely to be compromised, especially
when they are accessed with a hardware-stored SSH key that requires user
interaction.`,D,j,F,C,me=`Reproducible builds are very helpful to verify that no malicious code has
slipped into a kernel. If a kernel build is reproducible, then anyone can
rebuild a kernel and verify the binaries match the distributed binaries.
Full reproducibility is a goal we are working toward in <code>kernel-builder</code>.`,Q,_,ce=`However, this also requires assistance from the kernel builder. This section
describes what you need to do to make reproducible builds possible.`,V,J,K,N,he=`Nix can be used with sandboxing disabled to support systems that do not
support sandboxing (e.g. Linux systems that are configured to disable
mount/network namespaces). <strong>Never</strong> build kernels with sandboxing disabled.
Not only can this cause stray system dependencies to be picked up, but
it can also cause other impurities to slip into the build, making it
impossible to reproduce the build. You can verify that sandboxing is enabled
using <code>nix-info</code>:`,ee,S,te,L,ie,H,fe=`Before building a kernel, ensure that all changes are committed. This
makes it possible to reproduce a build from exactly the same source code.
We bake the git shorthash into the ops name, so that it is clear from
which git hash a kernel was built.`,ne,I,le,U,se;return b=new ke({props:{containerStyle:"float: right; margin-left: 10px; display: inline-flex; position: relative; z-index: 10;"}}),g=new q({props:{title:"Security",local:"security",headingTag:"h1"}}),y=new q({props:{title:"Introduction",local:"introduction",headingTag:"h2"}}),M=new q({props:{title:"Handling pull requests",local:"handling-pull-requests",headingTag:"h2"}}),T=new q({props:{title:"Build hygiene",local:"build-hygiene",headingTag:"h2"}}),j=new q({props:{title:"Supporting reproducibility",local:"supporting-reproducibility",headingTag:"h2"}}),J=new q({props:{title:"Only build kernels with Nix sandboxing enabled.",local:"only-build-kernels-with-nix-sandboxing-enabled",headingTag:"h3"}}),S=new je({props:{code:"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",highlighted:'$ nix-shell -p nix-info --run <span class="hljs-string">&quot;nix-info -m&quot;</span>\n - system: `<span class="hljs-string">&quot;x86_64-linux&quot;</span>`\n - host os: `Linux 6.12.39, NixOS, 25.11 (Xantusia), 25.11.20250723.1744f3d`\n - multi-user?: `<span class="hljs-built_in">yes</span>`\n - sandbox: `<span class="hljs-built_in">yes</span>`\n - version: `nix-env (Nix) 2.28.4`\n - nixpkgs: `/nix/store/fqwc3ghi5qfdmzklpwssbamxcqj1vgl3-<span class="hljs-built_in">source</span>`',wrap:!1}}),L=new q({props:{title:"Do not build from dirty Git trees",local:"do-not-build-from-dirty-git-trees",headingTag:"h3"}}),I=new 
Ce({props:{source:"https://github.com/huggingface/kernels/blob/main/docs/source/builder/security.md"}}),{c(){h=a("meta"),Z=l(),P=a("p"),z=l(),o(b.$$.fragment),A=l(),o(g.$$.fragment),B=l(),o(y.$$.fragment),X=l(),$=a("p"),$.textContent=re,E=l(),w=a("p"),w.innerHTML=oe,G=l(),o(M.$$.fragment),W=l(),x=a("p"),x.innerHTML=ue,Y=l(),v=a("p"),v.innerHTML=de,O=l(),o(T.$$.fragment),R=l(),k=a("p"),k.textContent=pe,D=l(),o(j.$$.fragment),F=l(),C=a("p"),C.innerHTML=me,Q=l(),_=a("p"),_.textContent=ce,V=l(),o(J.$$.fragment),K=l(),N=a("p"),N.innerHTML=he,ee=l(),o(S.$$.fragment),te=l(),o(L.$$.fragment),ie=l(),H=a("p"),H.textContent=fe,ne=l(),o(I.$$.fragment),le=l(),U=a("p"),this.h()},l(e){const t=ve("svelte-u9bgzb",document.head);h=r(t,"META",{name:!0,content:!0}),t.forEach(i),Z=s(e),P=r(e,"P",{}),be(P).forEach(i),z=s(e),u(b.$$.fragment,e),A=s(e),u(g.$$.fragment,e),B=s(e),u(y.$$.fragment,e),X=s(e),$=r(e,"P",{"data-svelte-h":!0}),f($)!=="svelte-n02llg"&&($.textContent=re),E=s(e),w=r(e,"P",{"data-svelte-h":!0}),f(w)!=="svelte-qvl8v1"&&(w.innerHTML=oe),G=s(e),u(M.$$.fragment,e),W=s(e),x=r(e,"P",{"data-svelte-h":!0}),f(x)!=="svelte-gf7zn2"&&(x.innerHTML=ue),Y=s(e),v=r(e,"P",{"data-svelte-h":!0}),f(v)!=="svelte-1t5wsl8"&&(v.innerHTML=de),O=s(e),u(T.$$.fragment,e),R=s(e),k=r(e,"P",{"data-svelte-h":!0}),f(k)!=="svelte-1lq4bpe"&&(k.textContent=pe),D=s(e),u(j.$$.fragment,e),F=s(e),C=r(e,"P",{"data-svelte-h":!0}),f(C)!=="svelte-1ee5iya"&&(C.innerHTML=me),Q=s(e),_=r(e,"P",{"data-svelte-h":!0}),f(_)!=="svelte-1yfo4tn"&&(_.textContent=ce),V=s(e),u(J.$$.fragment,e),K=s(e),N=r(e,"P",{"data-svelte-h":!0}),f(N)!=="svelte-cvhztp"&&(N.innerHTML=he),ee=s(e),u(S.$$.fragment,e),te=s(e),u(L.$$.fragment,e),ie=s(e),H=r(e,"P",{"data-svelte-h":!0}),f(H)!=="svelte-cyta3c"&&(H.textContent=fe),ne=s(e),u(I.$$.fragment,e),le=s(e),U=r(e,"P",{}),be(U).forEach(i),this.h()},h(){ge(h,"name","hf:doc:metadata"),ge(h,"content",Je)},m(e,t){Te(document.head,h),n(e,Z,t),n(e,P,t),n(e,z,t),d(b,e,t),n(e,A,t),d(g,e,t),n(e,B,t),d(y
,e,t),n(e,X,t),n(e,$,t),n(e,E,t),n(e,w,t),n(e,G,t),d(M,e,t),n(e,W,t),n(e,x,t),n(e,Y,t),n(e,v,t),n(e,O,t),d(T,e,t),n(e,R,t),n(e,k,t),n(e,D,t),d(j,e,t),n(e,F,t),n(e,C,t),n(e,Q,t),n(e,_,t),n(e,V,t),d(J,e,t),n(e,K,t),n(e,N,t),n(e,ee,t),d(S,e,t),n(e,te,t),d(L,e,t),n(e,ie,t),n(e,H,t),n(e,ne,t),d(I,e,t),n(e,le,t),n(e,U,t),se=!0},p:$e,i(e){se||(p(b.$$.fragment,e),p(g.$$.fragment,e),p(y.$$.fragment,e),p(M.$$.fragment,e),p(T.$$.fragment,e),p(j.$$.fragment,e),p(J.$$.fragment,e),p(S.$$.fragment,e),p(L.$$.fragment,e),p(I.$$.fragment,e),se=!0)},o(e){m(b.$$.fragment,e),m(g.$$.fragment,e),m(y.$$.fragment,e),m(M.$$.fragment,e),m(T.$$.fragment,e),m(j.$$.fragment,e),m(J.$$.fragment,e),m(S.$$.fragment,e),m(L.$$.fragment,e),m(I.$$.fragment,e),se=!1},d(e){e&&(i(Z),i(P),i(z),i(A),i(B),i(X),i($),i(E),i(w),i(G),i(W),i(x),i(Y),i(v),i(O),i(R),i(k),i(D),i(F),i(C),i(Q),i(_),i(V),i(K),i(N),i(ee),i(te),i(ie),i(H),i(ne),i(le),i(U)),i(h),c(b,e),c(g,e),c(y,e),c(M,e),c(T,e),c(j,e),c(J,e),c(S,e),c(L,e),c(I,e)}}}const Je='{"title":"Security","local":"security","sections":[{"title":"Introduction","local":"introduction","sections":[],"depth":2},{"title":"Handling pull requests","local":"handling-pull-requests","sections":[],"depth":2},{"title":"Build hygiene","local":"build-hygiene","sections":[],"depth":2},{"title":"Supporting reproducibility","local":"supporting-reproducibility","sections":[{"title":"Only build kernels with Nix sandboxing enabled.","local":"only-build-kernels-with-nix-sandboxing-enabled","sections":[],"depth":3},{"title":"Do not build from dirty Git trees","local":"do-not-build-from-dirty-git-trees","sections":[],"depth":3}],"depth":2}],"depth":1}';function Ne(ae){return we(()=>{new URLSearchParams(window.location.search).get("fw")}),[]}class Pe extends Me{constructor(h){super(),xe(this,h,Ne,_e,ye,{})}}export{Pe as component};
