
A security-first linter for machine learning training code.

Project description

lintML

The security linter for environments that shouldn't need linting.

Linters (and, let's be honest with ourselves, any measures of code quality) have long been reserved for production environments. But we've increasingly seen that the most impactful machine learning attacks happen at training time. Traditional linters often rely on CI/CD pipelines or git commit hooks and are often opinionated about things like code formatting. However, many research projects never touch git until they are far down the path of productionization, and researchers write some of the sloppiest code known to humankind (in the name of science). So how can we arm researchers with quick sanity checks for their research code? lintML.

Philosophy

lintML is a simple python script (backed by dockerized security tools) that can give researchers and security teams some quick insight into potential risk in machine learning research projects. It checks for valid, plaintext credentials and uses static analysis to identify risky code patterns.

Things we check for:

(today)

  1. Plaintext credentials.
  2. Unsafe deserialization.
  3. Serialization to unsafe formats.
  4. Using untrustworthy assets.

(WIP)

  1. Training without augmentation.
  2. Evidence of insecure services.

Things we don't check for:

  • Formatting

Many linters measure quality by the breadth of rules, leading to complicated CI/CD configurations where we're ignoring their flashing lights. With a linter for research and machine learning training code, we want to be high signal/low noise. Every rule represents a real exploitable vulnerability that you should seriously consider engineering around to preserve the integrity of your research. lintML shouldn't distract you from getting stuff done. Ideally, most times when you run lintML, you'll have no alerts. :thumbsup:

Compatibility

Currently lintML is focused on .py and .ipynb files (based solely on the author's personal preferences). TruffleHog supports both of these natively, but Semgrep does not, so lintML uses nbconvert under the hood to turn .ipynb notebooks into scripts that Semgrep can scan.
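As an added illustration (not lintML's own code) of two things described above, the notebook-to-script step and the kind of "plaintext credential" and "unsafe deserialization" rules the tool runs, here is a small AST-based checker over a constructed .ipynb. The notebook contents, the credential name heuristic and the loader list are assumptions made for the example; lintML itself delegates these checks to TruffleHog and Semgrep.

```python
import ast
import json
import re
# Constructed sample notebook (not a real project file): a markdown cell plus a
# code cell holding a hard-coded secret and an unsafe pickle load.
SAMPLE_IPYNB = json.dumps({"cells": [
    {"cell_type": "markdown", "source": ["# training notes\n"]},
    {"cell_type": "code", "source": ["import pickle\n",
                                     "HF_TOKEN = 'not-a-real-token'\n",
                                     "model = pickle.load(open('ckpt.pkl', 'rb'))\n"]}]})

# Loaders that execute arbitrary code from the file they read (assumed rule set).
UNSAFE_LOADS = {"pickle.load", "pickle.loads", "joblib.load", "torch.load", "yaml.load"}
# Hypothetical credential heuristic: a string literal assigned to a secret-looking name.
CRED_NAME = re.compile(r"(KEY|SECRET|TOKEN|PASSWORD)$", re.IGNORECASE)

def notebook_to_source(nb_json):
    """Join the code cells into one script (what nbconvert does, minus the dependency)."""
    cells = json.loads(nb_json)["cells"]
    return "".join("".join(c["source"]) for c in cells if c["cell_type"] == "code")

def dotted_name(node):
    """Flatten a Name/Attribute chain such as torch.load into a string."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute) and (base := dotted_name(node.value)):
        return f"{base}.{node.attr}"
    return None

def is_safe_call(name, call):
    """Keyword forms that make an otherwise risky loader acceptable."""
    kws = {k.arg: k.value for k in call.keywords}
    if name == "torch.load":
        return isinstance(kws.get("weights_only"), ast.Constant) and kws["weights_only"].value is True
    if name == "yaml.load":
        return dotted_name(kws.get("Loader")) in {"yaml.SafeLoader", "SafeLoader"}
    return False

def lint_source(src):
    """Return findings sorted by line, each tagged with the lintML-style rule it matches."""
    findings = []
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Call):
            name = dotted_name(node.func)
            if name in UNSAFE_LOADS and not is_safe_call(name, node):
                findings.append({"rule": "unsafe-deserialization", "line": node.lineno, "detail": name})
        elif isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant):
            for t in node.targets:
                if isinstance(t, ast.Name) and CRED_NAME.search(t.id) and isinstance(node.value.value, str):
                    findings.append({"rule": "plaintext-credential", "line": node.lineno, "detail": t.id})
    return sorted(findings, key=lambda f: f["line"])
```

Running `lint_source(notebook_to_source(SAMPLE_IPYNB))` flags the token on line 2 and the pickle load on line 3, while `torch.load(..., weights_only=True)` and `yaml.load(..., Loader=yaml.SafeLoader)` are left alone.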

Foundations

The checks in lintML are powered by TruffleHog and Semgrep. Since lintML wraps these tools in their docker containers, the first execution may take longer as those containers are initially pulled.

lintML uses Apache Avro for data serialization to support fast operations and evolving schemas.

Getting Started

  1. pip install lintML
  2. lintML <your directory> -- If you don't specify a directory, lintML will default to the current working directory.

When run from the CLI, lintML will return a summary report.

  1. To get a more detailed report, use the --full-report argument (lintML <your directory> --full-report). Results are also persisted in .avro for later analysis and manipulation in your favorite data analysis tools.
  2. The cli also exposes optional arguments for --semgrep-options and --outfile. For instance, lintML --semgrep-options "--config 'p/python' --config 'p/trailofbits'" --outfile obs/obs1.avro ~/example

Requirements

Requirements are listed in poetry.lock, but the most notable requirement is the ability to build and run docker containers.

Contributing

To immediately contribute security outcomes, consider contributing new rules to TruffleHog and/or Semgrep (and letting us know so we can import them).

Please also report any false positives or negatives to help us fine-tune rules or create new ones.

To add a new security tool to lintML, simply write an async function that returns Observations. PRs welcome.

Download files


Source Distribution

lintml-0.0.5.tar.gz (24.1 kB)

Uploaded Source

Built Distribution

lintml-0.0.5-py3-none-any.whl (29.3 kB)

Uploaded Python 3

File details

Details for the file lintml-0.0.5.tar.gz.

File metadata

  • Download URL: lintml-0.0.5.tar.gz
  • Upload date:
  • Size: 24.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.5

File hashes

Hashes for lintml-0.0.5.tar.gz

  • SHA256: 696092ff415217bf0277df285b94798ddc59ec8ee2624ff156881728504449f3
  • MD5: ffb4b1224b9402b643f9ac74fc019519
  • BLAKE2b-256: 636f6eb3feb94a152b6ff3dea8ccde18463857c595b4cfe71357e912033046e9

File details

Details for the file lintml-0.0.5-py3-none-any.whl.

File metadata

  • Download URL: lintml-0.0.5-py3-none-any.whl
  • Upload date:
  • Size: 29.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.5

File hashes

Hashes for lintml-0.0.5-py3-none-any.whl

  • SHA256: e2a6a65ae2865322004d3c624a0db38e0ddf026f48b1241ddbb839ec7575c15b
  • MD5: 1610c43dfba824e6c42414a4313b8c6c
  • BLAKE2b-256: 8336fb4fa8398ca486abcb04302e8ae4fa959bdb6f1c52a965d910027948bb9a
