FEAT: Make safe serialization the default one

[younesbelkada]

What does this PR do?

As per title, to be in line with the current efforts in the OSS ecosystem let's also make in PEFT safe serialization the default behaviour

Adapted the tests and added some regression tests!

cc @BenjaminBossan @pacman100

[younesbelkada]

This change in necessary as now in transformers we don't save anymore pytorch-model.bin but the safetensors model

[HuggingFaceDocBuilderDev]

The documentation is not available anymore as the PR was closed or merged.

[BenjaminBossan]

No full review yet, but some general questions:

1. Do we want to do a deprecation/future warning cycle before making safetensors the default? How was it done in transformers?
2. Do we want to run _test_save_pretrained twice, once with safetensors, once with pytorch?

[younesbelkada]

Thanks @BenjaminBossan !

1. not sure how they did it in transformers, let me double check that

2. Do we want to run _test_save_pretrained twice, once with safetensors, once with pytorch?

Yes this is what I did in the PR, I kept test_save_pretrained as is and replaced the expected file names with safetensors file names and added a new test to check if one calls save_pretrained with safe_serialization=False it leads to the same behavior as we had before this PR

[BenjaminBossan]

I kept test_save_pretrained as is and replaced the expected file names with safetensors file names and added a new test to check if one calls save_pretrained with safe_serialization=False it leads to the same behavior as we had before this PR

Oh I see. I wonder if _test_save_pretrained could not be changed slightly so that it takes an argument use_safetensors or something like that which can be parameterized. Then the same test can be re-used without duplicating it whole.

I think the new test is not quite a regression test, as regression testing would require the model to be persisted with one PEFT version and loaded with another PEFT version. I think we should really try to advance #995, which adds regression tests which would also help cover this case.

[younesbelkada]

I prefer to not pass safe_serialization=safe_serialization in save_pretrained to test the native behaviour, let me know if this makes sense

[BenjaminBossan]

You mean the default behavior? I think it's okay either way.

[younesbelkada]

yes sorry I meant the default behaviour

[younesbelkada]

We are post the patch release now and merged this branch with main, this PR is ready for another review!

[HuggingFaceDocBuilderDev]

The documentation is not available anymore as the PR was closed or merged.

[pacman100]

Thank you @younesbelkada for making safetensors the default format for saving the adapter weights 🔐! This makes it safe by avoiding the risk of random code execution cases when using pickled format.

[BenjaminBossan]

Thanks for making the switch and adjusting the tests. I think we can merge now, although I would imagine some users will be surprised that their code suddenly produces safetensors. We should put a big note about this on the release notes once we publish the next version.