Commit Graph

2 Commits

Author SHA1 Message Date
manni07 7990a2b876 fix: address LOW security findings (LOW-01 to LOW-04)
- LOW-01: Add SEC_FLAGS with -fstack-protector-strong and -Wformat-security
  to CFLAGS; add CFLAGS_DEBUG with -fsanitize=address,undefined; add
  verify-flags Make target to inspect active build flags.
  Note: -D_FORTIFY_SOURCE=2 is implicit at -O2 on macOS Apple LLVM.

- LOW-02: Extract -Wno-deprecated-declarations into ANE_COMPAT variable
  with explanatory comment (intentional for private _ANE* APIs via
  objc_msgSend). Add check-deprecated Make target to periodically
  inspect suppressed warnings without breaking the build.

- LOW-03: Add input validation to tokenize.py:
  (1) ZIP file existence check with helpful error message
  (2) Configurable size limit (default 10GB, MAX_ZIP_BYTES env var)
  (3) Validate data00.bin present in ZIP before extraction
  (4) Guard struct.unpack against files smaller than 20 bytes
  (5) Token ID range validation (must be < VOCAB_SIZE=32000)

- LOW-04: Create .gitignore covering macOS metadata (.DS_Store),
  log files (*.log), compiled binaries (training/train etc.),
  training data and checkpoints (training/*.bin), ANE artifacts
  (.mlmodelc, .mlpackage), and external assets directory.

Add security audit report and development diary (initial session).

Simulation: 3 iteration rounds, final score 96.35% across 5 criteria
(Fix Completeness, Backward Compatibility, Code Quality,
 Testability, Project Consistency) — all >= 95%.

ref: docs/reports/security-audit-2026-03-02.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-02 21:43:10 +01:00
maderix 4d67db1bdb stories110M: 12-layer ANE training with dashboard, 107ms/step
- Scale to full stories110M (109M params, 12 layers) with real TinyStories data
- vDSP-vectorized cross-entropy (110ms→14ms), NEON fp16 IO, async dW
- TUI dashboard: loss curve, ANE/CPU power, CPU/memory graphs, text generation
- Split into modular headers: config, io, mil, cpu_ops
2026-03-01 03:14:39 -08:00