I recently uploaded a ZIP file to my dataset repository containing only .jpg image files and .json view hierarchy files. However, after the upload, I encountered a “pickle scan error” message. I believe this error is being triggered incorrectly, as there are no Python serialized pickle objects in the ZIP file.
The file appears to be uploaded correctly, but I’m concerned that the error may confuse users who want to download and use this dataset.
I think all binaries except the safetensors file are treated as pickle…
In any case, false positives do happen sometimes; if it’s treated as unsafe, then it’s a false positive, otherwise it’s just a failure to check.
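One way for a dataset author to verify the claim locally before (or after) uploading, as an added example that is not from this thread or from the Hub's own scanner: it walks a ZIP in memory and tokenizes each member with `pickletools.genops`, which only parses opcodes and never executes them, to tell real pickle streams apart from image and JSON files. The archive contents and file names below are constructed for the demonstration.

```python
import io
import json
import pickle
import pickletools
import zipfile

# Extensions the dataset is supposed to contain; anything else is reported separately.
EXPECTED_SUFFIXES = (".jpg", ".json")

def looks_like_pickle(data: bytes) -> bool:
    """Return True if `data` parses as a complete pickle stream.

    pickletools.genops tokenizes opcodes without running them, so unlike
    pickle.loads it is safe to call on untrusted bytes.
    """
    if not data:
        return False
    try:
        ops = list(pickletools.genops(data))
    except Exception:
        # Unknown opcode / truncated stream: JPEG and JSON bytes fail here.
        return False
    # A genuine pickle always terminates with the STOP opcode.
    return bool(ops) and ops[-1][0].name == "STOP"

def scan_zip(zip_bytes: bytes) -> dict:
    """Classify every member of a ZIP archive without extracting it to disk."""
    report = {"pickles": [], "unexpected": [], "clean": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info)
            if looks_like_pickle(data):
                report["pickles"].append(info.filename)
            elif not info.filename.lower().endswith(EXPECTED_SUFFIXES):
                report["unexpected"].append(info.filename)
            else:
                report["clean"].append(info.filename)
    return report

def build_sample_zip() -> bytes:
    """Constructed archive: a JPEG stub, a JSON view hierarchy, and one real pickle."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("screens/0001.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 64)  # JPEG SOI + APP0
        zf.writestr("screens/0001.json", json.dumps({"class": "View", "children": []}))
        zf.writestr("stray/cache.pkl", pickle.dumps({"benign": True}))  # plain dict, no code
    return buf.getvalue()

if __name__ == "__main__":
    print(scan_zip(build_sample_zip()))
```

If the report lists no pickles for the real archive, the scanner's warning is a false positive in the sense the reply describes; if it does list some, those members are the ones to remove or convert before users download the dataset.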