Project-MONAI
diff --git a/‎SECURITY.md‎
Lines changed: 18 additions & 0 deletions b/‎SECURITY.md‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎docs/requirements.txt‎
Lines changed: 1 addition & 1 deletion b/‎docs/requirements.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎monai/apps/auto3dseg/auto_runner.py‎
Lines changed: 9 additions & 0 deletions b/‎monai/apps/auto3dseg/auto_runner.py‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎monai/data/decathlon_datalist.py‎
Lines changed: 41 additions & 6 deletions b/‎monai/data/decathlon_datalist.py‎
Lines changed: 41 additions & 6 deletions
diff --git a/‎monai/inferers/inferer.py‎
Lines changed: 13 additions & 3 deletions b/‎monai/inferers/inferer.py‎
Lines changed: 13 additions & 3 deletions
diff --git a/‎monai/networks/blocks/fcn.py‎
Lines changed: 3 additions & 1 deletion b/‎monai/networks/blocks/fcn.py‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎monai/networks/nets/diffusion_model_unet.py‎
Lines changed: 8 additions & 1 deletion b/‎monai/networks/nets/diffusion_model_unet.py‎
Lines changed: 8 additions & 1 deletion
diff --git a/‎monai/networks/nets/milmodel.py‎
Lines changed: 3 additions & 4 deletions b/‎monai/networks/nets/milmodel.py‎
Lines changed: 3 additions & 4 deletions
diff --git a/‎monai/networks/nets/torchvision_fc.py‎
Lines changed: 5 additions & 6 deletions b/‎monai/networks/nets/torchvision_fc.py‎
Lines changed: 5 additions & 6 deletions
diff --git a/‎monai/transforms/intensity/dictionary.py‎
Lines changed: 1 addition & 1 deletion b/‎monai/transforms/intensity/dictionary.py‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Reporting a Vulnerability
+MONAI takes security seriously and appreciate your efforts to responsibly disclose vulnerabilities. If you discover a security issue, please report it as soon as possible.
+
+To report a security issue:
+* please use the GitHub Security Advisories tab to "[Open a draft security advisory](https://github.com/Project-MONAI/MONAI/security/advisories/new)".
+* Include a detailed description of the issue, steps to reproduce, potential impact, and any possible mitigations.
+* If applicable, please also attach proof-of-concept code or screenshots.
+* We aim to acknowledge your report within 72 hours and provide a status update as we investigate.
+* Please do not create public issues for security-related reports.
+
+## Disclosure Policy
+* We follow a coordinated disclosure approach.
+* We will not publicly disclose vulnerabilities until a fix has been developed and released.
+* Credit will be given to researchers who responsibly disclose vulnerabilities, if requested.
+## Acknowledgements
+We greatly appreciate contributions from the security community and strive to recognize all researchers who help keep MONAI safe.
@@ -40,6 +40,6 @@ onnx>=1.13.0
 onnxruntime; python_version <= '3.10'
 zarr
 huggingface_hub
-pyamg>=5.0.0
+pyamg>=5.0.0, <5.3.0
 packaging
 polygraphy
@@ -194,6 +194,15 @@ class AutoRunner:
             ├── segresnet2d_0       # network scripts/configs/checkpoints and pickle object of the algo
             └── swinunetr_0         # network scripts/configs/checkpoints and pickle object of the algo
 
+
+        The input config requires at least the following keys:
+            - ``modality``: the modality of the data, e.g. "ct", "mri", etc.
+            - ``datalist``: the path to the datalist file in JSON format.
+            - ``dataroot``: the root directory of the data files.
+
+        For the datalist file format, see the description under :py:func:`monai.data.load_decathlon_datalist`.
+        Note that the AutoRunner will use the "validation" key in the datalist file if it exists, otherwise
+        it will do cross-validation, by default with five folds (this is hardcoded).
     """
 
     analyze_params: dict | None
 
@@ -92,8 +92,42 @@ def load_decathlon_datalist(
 ) -> list[dict]:
     """Load image/label paths of decathlon challenge from JSON file
 
-    Json file is similar to what you get from http://medicaldecathlon.com/
-    Those dataset.json files
+    JSON file should follow the format of the Medical Segmentation Decathlon
+    datalist.json files, see http://medicaldecathlon.com.
+    The files are structured as follows:
+
+    .. code-block:: python
+
+        {
+            "metadata_key_0": "metadata_value_0",
+            "metadata_key_1": "metadata_value_1",
+            ...,
+            "training": [
+                {"image": "path/to/image_1.nii.gz", "label": "path/to/label_1.nii.gz"},
+                {"image": "path/to/image_2.nii.gz", "label": "path/to/label_2.nii.gz"},
+                ...
+            ],
+            "test": [
+                "path/to/image_3.nii.gz",
+                "path/to/image_4.nii.gz",
+                ...
+            ]
+        }
+
+
+    The metadata keys are optional for loading the datalist, but include:
+        - some string items: ``name``, ``description``, ``reference``, ``licence``, ``release``, ``tensorImageSize``
+        - two dict items: ``modality`` (keyed by channel index), and ``labels`` (keyed by label index)
+        - and two integer items: ``numTraining`` and ``numTest``, with the number of items.
+
+    The ``training`` key contains a list of dictionaries, each of which has at least
+    the ``image`` and ``label`` keys.
+    The image and label are loaded by :py:func:`monai.transforms.LoadImaged`, so both can be either
+    a single file path or a list of file paths, in which case they are loaded as multi-channel images.
+    Each item can also include a ``fold`` key for cross-validation purposes.
+    The "test" key contains a list of image paths, without labels, MONAI also supports a "validation" list
+    with the same format as the "training" list.
+
 
     Args:
         data_list_file_path: the path to the json file of datalist.
@@ -107,11 +141,11 @@ def load_decathlon_datalist(
 
     Returns a list of data items, each of which is a dict keyed by element names, for example:
 
-    .. code-block::
+    .. code-block:: python
 
         [
-            {'image': '/workspace/data/chest_19.nii.gz',  'label': 0},
-            {'image': '/workspace/data/chest_31.nii.gz',  'label': 1}
+            {'image': '/workspace/data/chest_19.nii.gz',  'label': '/workspace/labels/chest_19.nii.gz'},
+            {'image': '/workspace/data/chest_31.nii.gz',  'label': '/workspace/labels/chest_31.nii.gz'},
         ]
 
     """
@@ -134,7 +168,8 @@ def load_decathlon_datalist(
 
 
 def load_decathlon_properties(data_property_file_path: PathLike, property_keys: Sequence[str] | str) -> dict:
-    """Load the properties from the JSON file contains data property with specified `property_keys`.
+    """Extract the properties with the specified keys from the Decathlon JSON file.
+    See under `load_decathlon_datalist` for the expected keys in the Decathlon challenge.
 
     Args:
         data_property_file_path: the path to the JSON file of data properties.
 
@@ -916,6 +916,7 @@ def sample(
         verbose: bool = True,
         seg: torch.Tensor | None = None,
         cfg: float | None = None,
+        cfg_fill_value: float = -1.0,
     ) -> torch.Tensor | tuple[torch.Tensor, list[torch.Tensor]]:
         """
         Args:
@@ -929,6 +930,7 @@ def sample(
             verbose: if true, prints the progression bar of the sampling process.
             seg: if diffusion model is instance of SPADEDiffusionModel, segmentation must be provided.
             cfg: classifier-free-guidance scale, which indicates the level of strengthening on the conditioning.
+            cfg_fill_value: the fill value to use for the unconditioned input when using classifier-free guidance.
         """
         if mode not in ["crossattn", "concat"]:
             raise NotImplementedError(f"{mode} condition is not supported")
@@ -961,7 +963,7 @@ def sample(
                 model_input = torch.cat([image] * 2, dim=0)
                 if conditioning is not None:
                     uncondition = torch.ones_like(conditioning)
-                    uncondition.fill_(-1)
+                    uncondition.fill_(cfg_fill_value)
                     conditioning_input = torch.cat([uncondition, conditioning], dim=0)
                 else:
                     conditioning_input = None
@@ -1261,6 +1263,7 @@ def sample(  # type: ignore[override]
         verbose: bool = True,
         seg: torch.Tensor | None = None,
         cfg: float | None = None,
+        cfg_fill_value: float = -1.0,
     ) -> torch.Tensor | tuple[torch.Tensor, list[torch.Tensor]]:
         """
         Args:
@@ -1276,6 +1279,7 @@ def sample(  # type: ignore[override]
             seg: if diffusion model is instance of SPADEDiffusionModel, or autoencoder_model
              is instance of SPADEAutoencoderKL, segmentation must be provided.
             cfg: classifier-free-guidance scale, which indicates the level of strengthening on the conditioning.
+            cfg_fill_value: the fill value to use for the unconditioned input when using classifier-free guidance.
         """
 
         if (
@@ -1300,6 +1304,7 @@ def sample(  # type: ignore[override]
             verbose=verbose,
             seg=seg,
             cfg=cfg,
+            cfg_fill_value=cfg_fill_value,
         )
 
         if save_intermediates:
@@ -1479,6 +1484,7 @@ def sample(  # type: ignore[override]
         verbose: bool = True,
         seg: torch.Tensor | None = None,
         cfg: float | None = None,
+        cfg_fill_value: float = -1.0,
     ) -> torch.Tensor | tuple[torch.Tensor, list[torch.Tensor]]:
         """
         Args:
@@ -1493,7 +1499,8 @@ def sample(  # type: ignore[override]
             mode: Conditioning mode for the network.
             verbose: if true, prints the progression bar of the sampling process.
             seg: if diffusion model is instance of SPADEDiffusionModel, segmentation must be provided.
-                        cfg: classifier-free-guidance scale, which indicates the level of strengthening on the conditioning.
+            cfg: classifier-free-guidance scale, which indicates the level of strengthening on the conditioning.
+            cfg_fill_value: the fill value to use for the unconditioned input when using classifier-free guidance.
         """
         if mode not in ["crossattn", "concat"]:
             raise NotImplementedError(f"{mode} condition is not supported")
@@ -1521,7 +1528,7 @@ def sample(  # type: ignore[override]
                 model_input = torch.cat([image] * 2, dim=0)
                 if conditioning is not None:
                     uncondition = torch.ones_like(conditioning)
-                    uncondition.fill_(-1)
+                    uncondition.fill_(cfg_fill_value)
                     conditioning_input = torch.cat([uncondition, conditioning], dim=0)
                 else:
                     conditioning_input = None
@@ -1839,6 +1846,7 @@ def sample(  # type: ignore[override]
         verbose: bool = True,
         seg: torch.Tensor | None = None,
         cfg: float | None = None,
+        cfg_fill_value: float = -1.0,
     ) -> torch.Tensor | tuple[torch.Tensor, list[torch.Tensor]]:
         """
         Args:
@@ -1856,6 +1864,7 @@ def sample(  # type: ignore[override]
             seg: if diffusion model is instance of SPADEDiffusionModel, or autoencoder_model
              is instance of SPADEAutoencoderKL, segmentation must be provided.
             cfg: classifier-free-guidance scale, which indicates the level of strengthening on the conditioning.
+            cfg_fill_value: the fill value to use for the unconditioned input when using classifier-free guidance.
         """
 
         if (
@@ -1884,6 +1893,7 @@ def sample(  # type: ignore[override]
             verbose=verbose,
             seg=seg,
             cfg=cfg,
+            cfg_fill_value=cfg_fill_value,
         )
 
         if save_intermediates:
 
@@ -123,7 +123,9 @@ def __init__(
         self.upsample_mode = upsample_mode
         self.conv2d_type = conv2d_type
         self.out_channels = out_channels
-        resnet = models.resnet50(pretrained=pretrained, progress=progress)
+        resnet = models.resnet50(
+            progress=progress, weights=models.ResNet50_Weights.IMAGENET1K_V1 if pretrained else None
+        )
 
         self.conv1 = resnet.conv1
         self.bn0 = resnet.bn1
 
@@ -33,6 +33,7 @@
 
 import math
 from collections.abc import Sequence
+from typing import Optional
 
 import torch
 from torch import nn
@@ -2006,7 +2007,7 @@ def __init__(
 
             self.down_blocks.append(down_block)
 
-        self.out = nn.Sequential(nn.Linear(4096, 512), nn.ReLU(), nn.Dropout(0.1), nn.Linear(512, self.out_channels))
+        self.out: Optional[nn.Module] = None
 
     def forward(
         self,
@@ -2049,6 +2050,12 @@ def forward(
             h, _ = downsample_block(hidden_states=h, temb=emb, context=context)
 
         h = h.reshape(h.shape[0], -1)
+
+        # 5. out
+        if self.out is None:
+            self.out = nn.Sequential(
+                nn.Linear(h.shape[1], 512), nn.ReLU(), nn.Dropout(0.1), nn.Linear(512, self.out_channels)
+            )
         output: torch.Tensor = self.out(h)
 
         return output
@@ -16,7 +16,7 @@
 import torch
 import torch.nn as nn
 
-from monai.utils.module import optional_import
+from monai.utils import optional_import
 
 models, _ = optional_import("torchvision.models")
 
@@ -48,7 +48,6 @@ class MILModel(nn.Module):
             Defaults to ``None`` (necessary only when using a custom backbone)
         trans_blocks: number of the blocks in `TransformEncoder` layer.
         trans_dropout: dropout rate in `TransformEncoder` layer.
-
     """
 
     def __init__(
@@ -74,7 +73,7 @@ def __init__(
         self.transformer: nn.Module | None = None
 
         if backbone is None:
-            net = models.resnet50(pretrained=pretrained)
+            net = models.resnet50(weights=models.ResNet50_Weights.IMAGENET1K_V1 if pretrained else None)
             nfc = net.fc.in_features  # save the number of final features
             net.fc = torch.nn.Identity()  # remove final linear layer
 
@@ -99,7 +98,7 @@ def hook(module, input, output):
             torch_model = getattr(models, backbone, None)
             if torch_model is None:
                 raise ValueError("Unknown torch vision model" + str(backbone))
-            net = torch_model(pretrained=pretrained)
+            net = torch_model(weights="DEFAULT" if pretrained else None)
 
             if getattr(net, "fc", None) is not None:
                 nfc = net.fc.in_features  # save the number of final features
 
@@ -112,12 +112,11 @@ def __init__(
         weights=None,
         **kwargs,
     ):
-        if weights is not None:
-            model = getattr(models, model_name)(weights=weights, **kwargs)
-        elif pretrained:
-            model = getattr(models, model_name)(weights="DEFAULT", **kwargs)
-        else:
-            model = getattr(models, model_name)(weights=None, **kwargs)
+        # if pretrained is False, weights is a weight tensor or None for no pretrained loading
+        if pretrained and weights is None:
+            weights = "DEFAULT"
+
+        model = getattr(models, model_name)(weights=weights, **kwargs)
 
         super().__init__(
             model=model,
 
@@ -1836,7 +1836,7 @@ class HistogramNormalized(MapTransform):
             See also: :py:class:`monai.transforms.compose.MapTransform`
         num_bins: number of the bins to use in histogram, default to `256`. for more details:
             https://numpy.org/doc/stable/reference/generated/numpy.histogram.html.
-        min: the min value to normalize input image, default to `255`.
+        min: the min value to normalize input image, default to `0`.
         max: the max value to normalize input image, default to `255`.
         mask: if provided, must be ndarray of bools or 0s and 1s, and same shape as `image`.
             only points at which `mask==True` are used for the equalization.