From 57c94f305c0b0347ed02b11535623a8b375eee5f Mon Sep 17 00:00:00 2001
From: Francois Chollet
Date: Tue, 14 Jan 2025 14:39:15 -0800
Subject: [PATCH] Disallow pickle loading in npz files
---
 keras/src/saving/saving_lib.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/keras/src/saving/saving_lib.py b/keras/src/saving/saving_lib.py
index 13d408f9538f..4d77886ec188 100644
--- a/keras/src/saving/saving_lib.py
+++ b/keras/src/saving/saving_lib.py
@@ -1073,7 +1073,7 @@ def __init__(self, root_path, archive=None, mode="r"):
 self.f = archive.open(root_path, mode="r")
 else:
 self.f = open(root_path, mode="rb")
- self.contents = np.load(self.f, allow_pickle=True)
+ self.contents = np.load(self.f)

 def make(self, path, metadata=None):
 if not path:
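Review bot: The replacement call `np.load(self.f)` gets its safety from NumPy's default for `allow_pickle` instead of stating it, so nothing on the line tells a later reader that unpickling is deliberately off. I would write `self.contents = np.load(self.f, allow_pickle=False)` with a comment such as `# Never unpickle: weight archives can come from untrusted model files`; NumPy releases before 1.16.3 defaulted to True, so the explicit argument also removes the dependence on the installed version. Archives that hold object arrays will now fail with ValueError, and for .npz input NumPy presumably raises it when the member is read rather than here, so the lookup code (outside this hunk) should turn that into a clear error. `__init__` starts above the hunk, and a regression test that loads an object-array archive would pin the behaviour.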