Safetensors joins PyTorch Foundation for open governance

Safetensors graduating to a vendor-neutral foundation formally kills the unsafe Python pickle format for model distribution.

• –Transfers control from Hugging Face to the Linux Foundation, removing vendor lock-in concerns for enterprise adoption
• –Formalizes Safetensors as the industry standard for distributing open-weights models without arbitrary code execution risks
• –Unlocks deeper PyTorch optimizations, including device-aware loading and advanced quantization support
• –Current APIs and Hub compatibility remain completely unchanged for local inference users