Open
Labels: question (Further information is requested)
Description
Hey, I was wondering why we're using pickle instead of safetensors? Pickle is insecure, with a modified pickle file being able to run arbitrary code, and is causing an error (for me, at least) when running this notebook locally, with the error in question being:
```text
UnpicklingError                           Traceback (most recent call last)
Cell In[12], line 11
      9 get_ipython().system('wget -c https://openaipublic.blob.core.windows.net/minecraft-rl/models/{multiplier}.model -O model')
     10 get_ipython().system('wget -c {weights_file} -O weights')
---> 11 agent_parameters = pickle.load(open("model", "rb"))
     12 policy_kwargs = agent_parameters["model"]["args"]["net"]["args"]
     13 pi_head_kwargs = agent_parameters["model"]["args"]["pi_head_opts"]

UnpicklingError: A load persistent id instruction was encountered,
but no persistent_load function was specified.
```
If possible, I think the model should be converted to safetensors, which I would say is almost becoming a new standard for ML files.
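The two points in the issue, that a pickle can run code when loaded and that the `persistent_load` error means the stream was written by a Pickler with a `persistent_id` hook, can both be reproduced offline. The following is an added example written for this page; it is not code from the notebook or from the project, and it builds its own constructed payloads and a constructed config dict. `record`, `RunOnLoad`, `RestrictedUnpickler`, `BlobRefPickler`, `BlobRefUnpickler` and the `ALLOWED` set are all assumptions made for the demo; the allow-list is sized for a dict of plain kwargs like the model config the cell reads, not for a real checkpoint.

```python
import io
import pickle

# Constructed demo state: records anything that ran while a pickle was loading.
EXECUTED = []


def record(message):
    """Harmless stand-in for os.system or subprocess.call: pickle calls whatever
    importable callable the stream names, with whatever arguments it carries."""
    EXECUTED.append(message)
    return message


class RunOnLoad:
    """pickle honours __reduce__, so loading this object calls record(...).
    A hostile .model file simply names a more dangerous callable (assumption:
    record is the placeholder for that callable)."""

    def __reduce__(self):
        return (record, ("code ran inside pickle.load",))


def malicious_payload():
    return pickle.dumps(RunOnLoad())


def load_unrestricted(data):
    """Exactly what pickle.load(open("model", "rb")) does: trusts every global."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list the globals a config dict legitimately needs. The set is an
    assumption for this demo; a real allow-list adds only the numpy/torch
    reconstructors the file actually uses and refuses everything else."""

    ALLOWED = {
        ("builtins", "dict"), ("builtins", "list"), ("builtins", "tuple"),
        ("builtins", "set"), ("builtins", "frozenset"),
        ("builtins", "str"), ("builtins", "bytes"),
        ("builtins", "int"), ("builtins", "float"), ("builtins", "bool"),
        ("collections", "OrderedDict"),
    }

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def load_restricted(data):
    return RestrictedUnpickler(io.BytesIO(data)).load()


class BlobRefPickler(pickle.Pickler):
    """Keeps byte blobs out of the stream and writes a key in their place;
    torch.save uses persistent_id the same way for tensor storages."""

    def __init__(self, file, blobs):
        super().__init__(file)
        self.blobs = blobs

    def persistent_id(self, obj):
        if isinstance(obj, bytes):
            key = f"blob{len(self.blobs)}"
            self.blobs[key] = obj
            return key
        return None  # everything else is pickled normally


class BlobRefUnpickler(RestrictedUnpickler):
    """Same allow-list, plus the persistent_load hook a plain Unpickler lacks."""

    def __init__(self, file, blobs):
        super().__init__(file)
        self.blobs = blobs

    def persistent_load(self, pid):
        return self.blobs[pid]


def dump_with_persistent_ids(obj):
    blobs = {}
    buf = io.BytesIO()
    BlobRefPickler(buf, blobs).dump(obj)
    return buf.getvalue(), blobs


def load_with_persistent_ids(data, blobs):
    return BlobRefUnpickler(io.BytesIO(data), blobs).load()


def error_from(loader, *args):
    """Return the UnpicklingError message a loader raises, or None if it loads."""
    try:
        loader(*args)
    except pickle.UnpicklingError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    print(load_unrestricted(malicious_payload()), EXECUTED)
    print(error_from(load_restricted, malicious_payload()))
    config = {"net": {"args": {"hidsize": 2048}}, "w": b"\xde\xad\xbe\xef"}
    stream, blobs = dump_with_persistent_ids(config)
    print(error_from(load_unrestricted, stream))  # the message from the issue
    print(load_with_persistent_ids(stream, blobs))
```

Loading the constructed stream with plain `pickle.loads` raises the same "no persistent_load function was specified" message the traceback shows, because the default `Unpickler.persistent_load` does nothing but raise; only the Unpickler that matches the writer can resolve those keys. The allow-listing `find_class` is the standard mitigation when pickle cannot be avoided, but it still runs a stack machine over attacker-controlled input; a format such as safetensors, which is a JSON header plus raw tensor bytes and executes nothing on load, removes the problem rather than fencing it.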