fix(llama-lora): force safetensors for HF base and PEFT adapter loads to avoid torch.load CVE; update TinyLlama load too

api.py

@@ -513,6 +513,7 @@ try:
     llm_model = AutoModelForCausalLM.from_pretrained(
         model_name,
         torch_dtype=torch.float16,
+        use_safetensors=True,
         # Removing options that require accelerate package
         # device_map="auto",
         # load_in_8bit=True
@@ -806,7 +807,7 @@ def load_hf_base_and_tokenizer(base_id: str, tok_id: str = None):
         hf_base_models[base_id] = AutoModelForCausalLM.from_pretrained(
             base_id,
             torch_dtype=_preferred_dtype(),
-            use_safetensors=False,
+            use_safetensors=True,
         ).to(device)
     return hf_tokenizers[tok_key], hf_base_models[base_id]
 
@@ -821,9 +822,15 @@ def load_hf_lora_model(base_id: str, adapter_id: str):
     base = AutoModelForCausalLM.from_pretrained(
         base_id,
         torch_dtype=_preferred_dtype(),
-        use_safetensors=False,
+        use_safetensors=True,
     ).to(device)
-    lora_model = PeftModel.from_pretrained(base, adapter_id).eval().to(device)
+    # Prefer safetensors for adapter weights to avoid torch.load vulnerability
+    try:
+        lora_model = PeftModel.from_pretrained(base, adapter_id, use_safetensors=True)
+    except TypeError:
+        # Older PEFT versions may not support use_safetensors flag
+        lora_model = PeftModel.from_pretrained(base, adapter_id)
+    lora_model = lora_model.eval().to(device)
     hf_lora_models[key] = lora_model
     return lora_model