Spaces:
Running on Zero
Questions About Image Storage, Retention, and Privacy in This Space
Hi, thanks for sharing this Space.
While reviewing the code, I noticed that users' uploaded and generated images appear to be explicitly written to disk inside:
/tmp/.gradio_buffer_cache
using filenames like:
src_*.webp for uploaded images
dst_*.webp for generated images
The function _maintain_session_state() also writes metadata entries into:
state_registry.jsonl
including prompts and generation parameters.
I also noticed that images are converted to base64 and sent through:
InferenceClient(provider="nebius")
during prompt rewriting.
Could you clarify the following:
β Are users' uploaded and generated images stored only temporarily, or persistently retained?
β How long are files inside /tmp/.gradio_buffer_cache kept?
β Is state_registry.jsonl retained across sessions or deployments?
β Can you, the owner of this Space access previously uploaded/generated images?
β Are the images or prompts ever used for analytics, monitoring, moderation, or training?
β Are images transmitted to Nebius or any other third-party infrastructure during prompt rewriting or inference?
β Does the external provider retain any uploaded image data, prompts, or metadata?
β Is there any automatic cleanup job for:
src_*.webp
dst_*.webp
state_registry.jsonl
Iβm asking because the code appears to explicitly save user uploads, generated outputs, and prompt/session metadata locally, and also transmit image content to an external inference provider.
Thanks for clarifying.
- Temporarily, deleted when the huggingface container restarts
- As long as the container lasts which as far as I know restarts frequently
- No I cannot. You can only access files inside a container if developer mode is enabled which for all of my spaces it isn't.
- No, nothing is used for training or reviewing, training wouldn't make sense because there is no new information to bring here that could be used for training, users are just inferencing a model. The space outputs were anonymously looked at once after a complain from a user about the space being used for abusive content, and afterwards not done again as developer mode was turned off.
- Nebius is solely an inference provider for the prompt rewriting process, however that part of the code doesn't actually work in this space so no prompt rewriting happens, it is simply a piece of non working artifact code left out from where I forked the code from which you can verify.
- Like said before nebius is a legitimate inference provider, and the part of the code that aims to utilise it here does not function. From what I can remember nebius returns an error about the model id missing, therefore the entire prompt rewriting pipeline is skipped and raw prompts are passed to the model.
- They're cleaned by huggingface as discussed, the containers do not run indefinitely, they do not have permanent space, and besides those files are written to /tmp which usually resides solely in the RAM.
To put it simply, all of your concerns are old code that I simply didn't bother to remove. Nothing changes if I remove those pieces of code but if this is a real concern I could maybe revert those lines. However in the meanwhile, you're free to create a copy of the space and make whatever changes you deem appropriate.
Thank you for the quick response and for making everything clear. Have a great day!