Skip to content

Harden PyTorch random scalar input validation#3234

Open
FlorianPfaff wants to merge 2 commits into
mainfrom
fix-pytorch-scalar-array-random-size-20260627
Open

Harden PyTorch random scalar input validation#3234
FlorianPfaff wants to merge 2 commits into
mainfrom
fix-pytorch-scalar-array-random-size-20260627

Conversation

@FlorianPfaff

@FlorianPfaff FlorianPfaff commented Jun 27, 2026

Copy link
Copy Markdown
Owner

Summary

  • accept zero-dimensional NumPy integer arrays and scalar PyTorch integer tensors as size dimensions in PyTorch random samplers
  • reject zero-dimensional boolean and floating-point array/tensor sizes with the backend's standard size validation error
  • validate random.choice(..., p=...) before casting probabilities so complex probabilities are rejected instead of silently truncated
  • add PyTorch backend regression coverage for scalar array/tensor size inputs and complex choice probabilities

Testing

  • Not run as a full repository pytest suite here; the repository could not be cloned in this environment due DNS resolution for github.com.
  • Performed standalone validation of the changed helper paths for accepted/rejected scalar sizes and complex choice probabilities.

@github-actions

github-actions Bot commented Jun 27, 2026

Copy link
Copy Markdown
Contributor

MegaLinter analysis: Success

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ COPYPASTE jscpd yes no no 47.07s
✅ JSON prettier 7 0 0 0 0.8s
✅ JSON v8r 7 0 0 4.48s
✅ MARKDOWN markdownlint 68 0 0 0 1.37s
✅ MARKDOWN markdown-table-formatter 68 0 0 0 0.72s
✅ PYTHON black 1051 51 0 0 45.26s
✅ PYTHON isort 1051 73 0 0 3.53s
✅ REPOSITORY checkov yes no no 40.87s
✅ REPOSITORY gitleaks yes no no 7.33s
✅ REPOSITORY git_diff yes no no 0.17s
✅ REPOSITORY secretlint yes no no 23.59s
✅ REPOSITORY syft yes no no 4.02s
✅ REPOSITORY trivy-sbom yes no no 4.7s
✅ REPOSITORY trufflehog yes no no 19.55s
✅ YAML prettier 11 0 0 0 0.57s
✅ YAML v8r 11 0 0 8.32s
✅ YAML yamllint 11 0 0 0.36s

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.5.0 --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_ISORT,COPYPASTE_JSCPD,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@FlorianPfaff