PyTorch Foundation Welcomes Safetensors as Newest Open Source Project
Safetensors joins the PyTorch ecosystem to enhance security and performance of AI model distribution.
Apr. 8, 2026 at 7:29am
The PyTorch Foundation's embrace of Safetensors signals a new era of secure and scalable open source AI model distribution.
San Jose Today
The PyTorch Foundation, a community-driven hub for open source AI under the Linux Foundation, has announced that Safetensors has joined the Foundation as its newest foundation-hosted project. Safetensors, contributed by Hugging Face, helps prevent arbitrary code execution risks and improves model performance across multi-GPU and multi-node deployments, addressing the growing technical needs of the AI era.
Why it matters
As AI model development accelerates, security risks in the production pipeline inherently increase, necessitating secure, high-performance formats that can keep pace with deployment. Safetensors joining the PyTorch Foundation minimizes security risks associated with model architectures and execution, providing developers with a trusted path to production.
The details
Safetensors has become one of the most widely adopted tensor serialization formats in the open source machine learning ecosystem. Earlier pickle-based formats let whoever produced a model file, whether a developer or a bad actor, embed arbitrary, untrusted code that runs when the shared file is loaded. Safetensors instead acts as a table of contents for an AI model's data, which rules out arbitrary code execution on load, and it is now one of the most widely used metadata formats for model distribution.
- Safetensors joined the PyTorch Foundation in April 2026.
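As an added illustration of the "table of contents" design described above (example code written for this page, not the Safetensors project's own implementation), this stand-alone Python reader handles the format's three parts: an 8-byte little-endian header length, a JSON header mapping each tensor name to its dtype, shape and data_offsets, and one contiguous data buffer. Because the header is plain JSON, loading it cannot execute code, and every offset is checked against the declared dtype and shape before any bytes are read; the dtype table and the sample file are constructed for the example.

```python
import json
import math
import struct

DTYPE_SIZE = {"F32": 4, "F16": 2, "I64": 8, "U8": 1}  # subset of the safetensors dtype codes


def build_safetensors(tensors):
    # {name: (dtype, shape, raw bytes)} -> 8-byte LE header length, JSON header, one data buffer
    header, buf = {}, bytearray()
    for name, (dtype, shape, raw) in tensors.items():
        header[name] = {"dtype": dtype, "shape": list(shape),
                        "data_offsets": [len(buf), len(buf) + len(raw)]}
        buf += raw
    hdr = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hdr)) + hdr + bytes(buf)


def parse_safetensors(blob):
    # Returns {name: (dtype, shape, raw bytes)}; raises ValueError when header and buffer disagree.
    if len(blob) < 8 or 8 + struct.unpack("<Q", blob[:8])[0] > len(blob):
        raise ValueError("truncated header or header length exceeds file size")
    n = struct.unpack("<Q", blob[:8])[0]
    # json.loads yields only dicts, lists and scalars; unlike pickle.loads it cannot run code.
    header = json.loads(blob[8:8 + n].decode("utf-8"))
    data = memoryview(blob)[8 + n:]
    out, regions = {}, []
    for name, info in header.items():
        if name == "__metadata__":  # optional string->string metadata, carries no tensor data
            continue
        dtype, shape, (start, end) = info["dtype"], info["shape"], info["data_offsets"]
        width = DTYPE_SIZE.get(dtype)  # None for an unknown dtype code; validated before slicing
        if width is None or not (0 <= start <= end <= len(data)) or end - start != math.prod(shape) * width:
            raise ValueError(f"{name}: dtype, shape and data_offsets are inconsistent")
        regions.append((start, end))
        out[name] = (dtype, tuple(shape), bytes(data[start:end]))
    expected = 0  # regions must tile the buffer exactly; the sentinel at the end catches trailing bytes
    for start, end in sorted(regions) + [(len(data), len(data))]:
        if start != expected:
            raise ValueError("tensor regions overlap, leave a gap, or miss trailing bytes")
        expected = end
    return out


def is_rejected(blob):
    try:
        parse_safetensors(blob)
    except (ValueError, KeyError, TypeError, AttributeError):
        return True  # any malformed-header error means the file is refused (for probing tampered input)
    return False


# Constructed sample: a 2x2 float32 weight "w" and a 2-element int64 bias "b".
SAMPLE_BLOB = build_safetensors({"w": ("F32", (2, 2), struct.pack("<4f", 1, 2, 3, 4)),
                                 "b": ("I64", (2,), struct.pack("<2q", 7, -1))})
```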
The players
PyTorch Foundation
A community-driven hub supporting the open source PyTorch framework and a broader portfolio of innovative open source AI projects, hosted by the Linux Foundation.
Safetensors
A tensor serialization format contributed by Hugging Face that prevents arbitrary code execution risks and enhances model performance across multi-GPU and multi-node deployments.
Hugging Face
The company that developed and maintains the Safetensors project.
Mark Collier
Executive Director of the PyTorch Foundation.
Luc Georges
Co-Maintainer of Safetensors.
Lysandre Debut
Chief Open Source Officer at Hugging Face.
Matt White
Global CTO of AI at the Linux Foundation and CTO of the PyTorch Foundation.
What they’re saying
“Safetensors' contribution to the PyTorch Foundation is an important step towards scaling production-grade AI models. Safetensors ensures secure model distribution and de-risks code execution, all while offering significant speed across complex computing architectures. For security, Safetensors is a crucial piece of the open source AI stack that will drive fast, secure, and technically advanced AI.”
— Mark Collier, Executive Director of the PyTorch Foundation
“Safetensors joining the PyTorch Foundation is an important step towards using a safe serialization format everywhere by default. The new ecosystem and exposure the library will gain from this move will solidify its security guarantees and usability. Safetensors is a well-established project, adopted by the ecosystem at large, but we're still convinced we're at the very beginning of its lifecycle: the coming months will see significant growth, and we couldn't think of a better home for that next chapter than the PyTorch Foundation.”
— Luc Georges, Co-Maintainer, Safetensors
“Safetensors joining the PyTorch Foundation promises safer, more interoperable packaging for model artifacts. The project has become a de facto standard for open-weight model distribution by halting risk associated with arbitrary code execution while also supporting fast, practical loading workflows. Together with Helion, these contributions to the Foundation solidify the technical future for open source AI.”
— Matt White, Global CTO of AI at the Linux Foundation and CTO of the PyTorch Foundation
What’s next
Developers and contributors interested in participating in the PyTorch project ecosystem are encouraged to join the community at upcoming events like PyTorch Conference China (Shanghai, September 8-9) and PyTorch Conference North America (San Jose, October 20-21).
The takeaway
The addition of Safetensors to the PyTorch Foundation represents a significant step forward in securing the open source AI ecosystem, ensuring safe and high-performance model distribution as AI development continues to accelerate.