Skip to content

BentoML

Model Serving & MLOps

Python library for building scalable, production‑ready model serving APIs and Docker containers for any AI/ML model

Track releases GitHub Website
Python Latest v1.4.39 · 27d ago Security brief →

Features

  • Easily create REST/gRPC inference APIs from any Python model script with type hints
  • Generate reproducible Docker images automatically, handling dependencies and model versions
  • Optimize CPU/GPU utilization via dynamic batching, model parallelism, and multi‑model pipelines
  • Fully extensible – add custom business logic, task queues, or compose multiple models

Security Response History

1 CVE
CVE Severity Disclosed Patched (this tool) vs Ecosystem Median
CVE-2023-4863 KEV high
CVSS 8.8
 2023-09-13 2026-01-09 2y 4mo / median 2y 4mo

Recent releases

View all 8 releases →
v1.4.39 Bug fix patches CVE-2023-4863
Security fixes
  • Prevent following symlinks when copying files in BentoStore
Full changelog

What's Changed

  • ci: pre-commit autoupdate [skip ci] by @pre-commit-ci[bot] in https://github.com/bentoml/BentoML/pull/5593
  • fix: prevent following symlinks when copying files in BentoStore by @frostming in https://github.com/bentoml/BentoML/pull/5598
  • fix: add sharing=locked to BuildKit cache mounts for multi-arch builds by @lawrence3699 in https://github.com/bentoml/BentoML/pull/5597
  • fix: enhance Dockerfile generation by normalizing base image lines and adding tests by @frostming in https://github.com/bentoml/BentoML/pull/5603
  • fix: defer prometheus_client import in bentoml.metrics to fix histogram collection in multiprocess mode by @ramkrishs in https://github.com/bentoml/BentoML/pull/5602
  • ci: pre-commit autoupdate [skip ci] by @pre-commit-ci[bot] in https://github.com/bentoml/BentoML/pull/5605
  • fix: handle string input in FileSchema by encoding to UTF-8 by @frostming in https://github.com/bentoml/BentoML/pull/5606

New Contributors

  • @lawrence3699 made their first contribution in https://github.com/bentoml/BentoML/pull/5597
  • @ramkrishs made their first contribution in https://github.com/bentoml/BentoML/pull/5602

Full Changelog: https://github.com/bentoml/BentoML/compare/v1.4.38...v1.4.39

View release on GitHub
v1.4.38 Mixed
Notable features
  • Native support for src-layout projects
Full changelog

What's Changed

  • feat: native support for src-layout projects by @VedantMadane in https://github.com/bentoml/BentoML/pull/5555
  • fix: switch to SandboxedEnvironment and remove unused Jinja2 extensions by @frostming in https://github.com/bentoml/BentoML/pull/5591
  • fix: use correct NVIDIA CUDA base images for debian distro by @mattmorganpdx in https://github.com/bentoml/BentoML/pull/5590

New Contributors

  • @mattmorganpdx made their first contribution in https://github.com/bentoml/BentoML/pull/5590

Full Changelog: https://github.com/bentoml/BentoML/compare/v1.4.37...v1.4.38

View release on GitHub
v1.4.36 Mixed
Security fixes
  • Validate symlink targets in safe_extract_tarfile
Notable features
  • New image API: build_include
  • SQLite busy_timeout and WAL mode to prevent 'database is locked' under concurrency
  • Fixed memory leak in readiness checks with remote dependencies
Full changelog

What's Changed

  • fix: correct typo 'seperators' to 'separators' by @thecaptain789 in https://github.com/bentoml/BentoML/pull/5546
  • Reapply "feat: new image API: build_include" (#5531) by @frostming in https://github.com/bentoml/BentoML/pull/5539
  • fix: resolve AnyIO NoEventLoopError when calling sync API from async API by @paipeline in https://github.com/bentoml/BentoML/pull/5550
  • fix: Set SQLite busy_timeout and WAL mode to prevent 'database is locked' under concurrency by @VedantMadane in https://github.com/bentoml/BentoML/pull/5551
  • Fix memory leak in readiness checks with remote dependencies by @paipeline in https://github.com/bentoml/BentoML/pull/5553
  • fix: validate symlink targets in safe_extract_tarfile by @q1uf3ng in https://github.com/bentoml/BentoML/pull/5548
  • Revert "fix: resolve AnyIO NoEventLoopError when calling sync API from async API" by @frostming in https://github.com/bentoml/BentoML/pull/5554
  • chore: update AWS BYOC doc to v10 by @sauyon in https://github.com/bentoml/BentoML/pull/5559
  • chore(deps): bump actions/download-artifact from 7 to 8 by @dependabot[bot] in https://github.com/bentoml/BentoML/pull/5561
  • chore(deps): bump actions/upload-artifact from 6 to 7 by @dependabot[bot] in https://github.com/bentoml/BentoML/pull/5560
  • ci: pre-commit autoupdate [skip ci] by @pre-commit-ci[bot] in https://github.com/bentoml/BentoML/pull/5562

New Contributors

  • @thecaptain789 made their first contribution in https://github.com/bentoml/BentoML/pull/5546
  • @paipeline made their first contribution in https://github.com/bentoml/BentoML/pull/5550
  • @VedantMadane made their first contribution in https://github.com/bentoml/BentoML/pull/5551
  • @q1uf3ng made their first contribution in https://github.com/bentoml/BentoML/pull/5548

Full Changelog: https://github.com/bentoml/BentoML/compare/v1.4.35...v1.4.36

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
8,663
Forks
971
Languages
Python Shell Jinja
View on GitHub Homepage Documentation

Install & Platforms

Install via
pip

Community & Support

Community

Similar tools

zenml
SwanLab
metaflow
LocalAI
Profine

Beta — feedback welcome: [email protected]