Edit‑agnostic robustness evaluation reports for weight edits (InvarLock framework)
Project description
InvarLock — Edit‑agnostic robustness reports for weight edits
Quantizing, pruning, or otherwise editing a model’s weights can silently degrade quality. InvarLock compares an edited subject checkpoint against a fixed baseline with paired evaluation windows, enforces a guard pipeline (invariants → spectral → RMT → variance), and produces a machine‑readable Evaluation Report you can gate in CI.
Status: pre‑1.0. Until 1.0, minor releases may be breaking. See
CHANGELOG.md.
For guidance on where to ask questions, how to report bugs, and what to expect in terms of response times, see SUPPORT.md.
Why InvarLock?
- Quality gates for weight edits: catch regressions before deployment.
- Statistical guarantees: paired primary metrics with confidence intervals.
- Auditable evidence: deterministic pairing metadata + policy digests in
evaluation.report.json. - CI/CD-friendly: stable exit codes,
--jsonoutputs, and portable “proof packs”. - Offline-first: network is disabled by default; enable downloads per command.
Who is this for?
- ML engineers shipping quantized/pruned checkpoints.
- MLOps teams building CI quality gates and reviewable artifacts.
- Researchers validating compression/edit methods with reproducible, paired eval.
How it works
┌───────────────────────┐ ┌────────────────────────────────────────────┐
│ Baseline (checkpoint) │────►│ │
└───────────────────────┘ │ invarlock evaluate │
│ ├─► Paired windows (deterministic) │
┌───────────────────────┐ │ ├─► GuardChain pipeline │
│ Subject (checkpoint) │────►│ │ └─► invariants → spectral → RMT → VE │
└───────────────────────┘ │ └─► Emit: evaluation.report.json │
│ │
└────────────────────────────────────────────┘
│
┌───────────────┴───────────────┐
▼ ▼
✅ PASS ❌ FAIL
(ship) (rollback)
Quick start
Colab (CPU-friendly):
# HF adapter stack (torch/transformers)
pip install "invarlock[hf]"
# Version + report schema (when available)
invarlock --version
# Compare baseline vs subject (downloads require explicit network enable)
INVARLOCK_ALLOW_NETWORK=1 invarlock evaluate \
--baseline gpt2 \
--subject gpt2 \
--adapter auto \
--profile dev \
--quiet
# Validate the evaluation report
invarlock verify reports/eval/evaluation.report.json
# Render HTML for sharing
invarlock report html -i reports/eval/evaluation.report.json -o reports/eval/evaluation.html
Example output (abridged; counts vary by profile/config):
INVARLOCK v<version> · EVALUATE
Baseline: gpt2 -> Subject: gpt2 · Profile: dev
Status: PASS · Gates: <passed>/<total> passed
Primary metric ratio: <ratio>
Output: reports/eval/evaluation.report.json
Proof packs (portable evidence bundles)
Proof packs bundle reports + verification metadata into a distributable artifact.
- Guide: https://github.com/invarlock/invarlock/blob/main/docs/user-guide/proof-packs.md
- Verify:
scripts/proof_packs/verify_pack.sh --pack <dir> --strict(orPACK_STRICT_MODE=1 ...)
Note: configs/ and scripts/ are repo resources and are not shipped in wheels; clone the repo to use
presets and proof-pack helpers.
Installation
# Minimal CLI (no torch/transformers)
pip install invarlock
# HF workflows (torch/transformers)
pip install "invarlock[hf]"
Optional extras: invarlock[gpu], invarlock[awq,gptq]. Full setup: https://github.com/invarlock/invarlock/blob/main/docs/user-guide/getting-started.md.
Documentation
- Quickstart: https://github.com/invarlock/invarlock/blob/main/docs/user-guide/quickstart.md
- Compare & evaluate (BYOE): https://github.com/invarlock/invarlock/blob/main/docs/user-guide/compare-and-evaluate.md
- Reading a report: https://github.com/invarlock/invarlock/blob/main/docs/user-guide/reading-report.md
- CLI reference: https://github.com/invarlock/invarlock/blob/main/docs/reference/cli.md
- Assurance case: https://github.com/invarlock/invarlock/blob/main/docs/assurance/00-safety-case.md
- Threat model: https://github.com/invarlock/invarlock/blob/main/docs/security/threat-model.md
Community
- Questions/ideas: https://github.com/invarlock/invarlock/discussions
- Bug reports: https://github.com/invarlock/invarlock/issues
- Contact: mailto:support@invarlock.dev
Citation
If you use InvarLock in scientific work, please cite it (canonical metadata is in CITATION.cff):
@software{invarlock,
title = {InvarLock: Edit-agnostic robustness evaluation reports for weight edits},
author = {{InvarLock Maintainers}},
url = {https://github.com/invarlock/invarlock},
}
Limitations
- InvarLock evaluates an edited model relative to a baseline under a specific configuration; results are not “global” guarantees.
- Not a content-safety/alignment tool.
- Native Windows is not supported (use WSL2 or Linux).
Support matrix
| Platform | Status | Notes |
|---|---|---|
| Python 3.12+ | ✅ Required | |
| Linux | ✅ Full | Primary dev target |
| macOS (Intel/M-series) | ✅ Full | MPS supported (default on Apple Silicon) |
| Windows | ❌ Not supported | Use WSL2 or a Linux container if required |
| CUDA | ✅ Recommended | For larger models |
| CPU | ✅ Fallback | Slower but functional |
Contributing
- Contributing guide: https://github.com/invarlock/invarlock/blob/main/CONTRIBUTING.md
- Fast local checks (repo clone):
make dev-installmake testmake lint
License
Apache-2.0 — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file invarlock-0.3.8.tar.gz.
File metadata
- Download URL: invarlock-0.3.8.tar.gz
- Upload date:
- Size: 481.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ce2e363ade5ccf8023f681316548472e8e1e4ede7d411e7fc8002378d7b7a98d
|
|
| MD5 |
d030f6e595fb3a41183492aa5b215cb0
|
|
| BLAKE2b-256 |
df8a92e778e3832ec5817d5bf2e19087b3fd2180008131e9f982fdf6d36bde5a
|
File details
Details for the file invarlock-0.3.8-py3-none-any.whl.
File metadata
- Download URL: invarlock-0.3.8-py3-none-any.whl
- Upload date:
- Size: 533.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
49125cc7a614db730bbe24fb1790f0b5eaa78b305bac8bacaa5371e22cfefe73
|
|
| MD5 |
aa0bf9e1536f752db55daa222675a4e0
|
|
| BLAKE2b-256 |
735dfbc1700df9a1f97bf043b566621fb1d2dd96ec689e94464ef7e0e853da6a
|
