fix(security): replace pickle-based torch.save/load with safetensors

[gomezzz]

Summary

• Replace all torch.save/torch.load(weights_only=False) with safetensors to eliminate arbitrary code execution risk from pickle deserialization
• New checkpoint_io.py module handles all checkpoint serialization: tensors in safetensors binary format, metadata as JSON in the header
• No legacy .pth/.pkl loading retained — all torch.load calls removed entirely
• Convert test_model.pth fixture to test_model.safetensors

Security

The safetensors format stores only raw tensor bytes and plain JSON strings — no pickle, no arbitrary object deserialization, no code execution possible. The _checkpoint_object_hook restores enum values via name lookup only (not eval/exec).

Test plan

• 14 new unit tests for checkpoint_io.py (round-trips, optimizer state, security)
• Updated fitsbolt config persistence integration tests (10/10 pass)
• Updated model IO integration tests
• All 287+ tests pass (failures are pre-existing Jupyter widget issues)

[github-actions]

Coverage Report

File	Stmts	Miss	Cover	Missing
__init__.py	8	0	100%
data_io
SessionIOHandler.py	326	41	87%	111, 128–129, 173–174, 184–185, 215–216, 282–283, 286, 326–328, 370, 388–390, 455, 530, 553, 567–568, 570–571, 573–575, 719–724, 738, 742–743, 747–749
checkpoint_io.py	148	25	83%	68, 74, 76, 78, 95–109, 120, 122, 161, 182, 228, 281
find_images_in_folder.py	21	0	100%
load_images.py	91	28	69%	51–53, 58–60, 81, 93, 110, 140–147, 150, 156–157, 189, 248, 256, 277, 285, 292–294
metadata_handler.py	80	8	90%	70–71, 117, 122–123, 170–172
save_config.py	33	3	90%	92–94
datasets
AnomalyDetectionDataset.py	248	39	84%	126–127, 356, 362–363, 365, 369, 371–372, 374, 395–396, 398, 404–405, 409, 422–423, 484–485, 491–496, 498–499, 503–506, 508–510, 512–514, 525
BasicDataset.py	52	4	92%	59, 61, 97, 103
Label.py	5	0	100%
SSL_Dataset.py	68	3	95%	136, 139, 209
__init__.py	0	0	100%
data_utils.py	56	2	96%	80, 199
datasets/augmentation
randaugment.py	92	11	88%	222, 225–226, 245, 328–330, 332–335
randaugment_multispectral.py	77	23	70%	77–79, 92–93, 120–121, 148–149, 166, 170, 174, 248, 253, 270–272, 274–277, 280–281
image_processing
transforms.py	57	3	94%	46–47, 76
models
FixMatch.py	214	29	86%	108, 201–202, 217, 222, 254, 281–282, 285, 288–290, 293, 301, 306–307, 366, 404, 430–434, 495, 497–498, 502, 519–520
pipeline
SessionTracker.py	122	3	97%	127, 219–220
session.py	535	85	84%	131–134, 384–387, 432, 445, 597, 654, 656–657, 665, 668, 679, 687, 717, 721, 725–726, 730, 735–736, 743, 747–748, 760, 770–771, 773, 777, 791–792, 794–796, 798, 801–802, 860–861, 863–866, 868–872, 878, 884, 889–893, 895, 903, 906–907, 923, 964–965, 971–972, 976–978, 980, 1005, 1031, 1065–1066, 1074, 1085, 1093, 1097, 1101, 1106, 1109, 1153, 1156
utils
accuracy.py	13	0	100%
consistency_loss.py	18	0	100%
create_model_string.py	4	0	100%
cross_entropy_loss.py	9	0	100%
cutana_stream_utils.py	70	9	87%	64–65, 88, 108, 118–122
get_cosine_schedule_with_warmup.py	11	1	90%	39
get_default_cfg.py	61	0	100%
get_net_builder.py	49	7	85%	81–82, 89, 92, 146–147, 151
get_optimizer.py	21	2	90%	54, 58
print_cfg.py	45	4	91%	89, 95, 117, 119
set_log_level.py	15	0	100%
set_seeds.py	13	2	84%	25–26
validate_config.py	131	11	91%	180, 199, 214, 228, 244, 248, 264, 290, 379–381
TOTAL	2693	343	87%

Tests	Skipped	Failures	Errors	Time
375	0 💤	0 ❌	0 🔥	1m 0s ⏱️

[giusgal]

It seems like this function is not used anymore (session.py only uses save_model)

[gomezzz]

Good catch. Removed both save_model_checkpoint and load_model_checkpoint — neither had production callers (session.py only uses save_model/load_model). Also removed their tests and vulture whitelist entries. See adcf233.