Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
onnxruntime-web
Advanced tools
A Javascript library for running ONNX models on browsers
onnxruntime-web is a JavaScript library that allows you to run ONNX (Open Neural Network Exchange) models directly in the browser or in Node.js environments. It leverages WebAssembly (WASM) and WebGL for efficient execution of machine learning models, making it possible to perform inference tasks on the client side without needing a server.
Load and Run ONNX Model
This feature allows you to load an ONNX model and run inference on it. The code sample demonstrates how to create an inference session, prepare input data, and run the model to get the results.
const ort = require('onnxruntime-web');
async function runModel() {
const session = await ort.InferenceSession.create('model.onnx');
const input = new ort.Tensor('float32', new Float32Array([1.0, 2.0, 3.0, 4.0]), [1, 4]);
const feeds = { input: input };
const results = await session.run(feeds);
console.log(results);
}
runModel();
Use WebGL Backend
This feature allows you to leverage the WebGL backend for running ONNX models, which can provide better performance for certain types of models. The code sample shows how to specify the WebGL execution provider when creating the inference session.
const ort = require('onnxruntime-web');
async function runModelWithWebGL() {
const session = await ort.InferenceSession.create('model.onnx', { executionProviders: ['webgl'] });
const input = new ort.Tensor('float32', new Float32Array([1.0, 2.0, 3.0, 4.0]), [1, 4]);
const feeds = { input: input };
const results = await session.run(feeds);
console.log(results);
}
runModelWithWebGL();
Run Model in Node.js
This feature demonstrates how to run ONNX models in a Node.js environment. The code sample is similar to the browser example but is intended to be run in a Node.js context.
const ort = require('onnxruntime-web');
async function runModelInNode() {
const session = await ort.InferenceSession.create('model.onnx');
const input = new ort.Tensor('float32', new Float32Array([1.0, 2.0, 3.0, 4.0]), [1, 4]);
const feeds = { input: input };
const results = await session.run(feeds);
console.log(results);
}
runModelInNode();
Brain.js is a JavaScript library for neural networks, which can be used in the browser or with Node.js. It is simpler and more lightweight compared to onnxruntime-web, and is suitable for basic neural network tasks. However, it does not support the ONNX model format.
Synaptic is a JavaScript neural network library for node.js and the browser. It provides a flexible and powerful API for creating and training neural networks. Unlike onnxruntime-web, Synaptic does not support running pre-trained ONNX models and is more focused on building and training models from scratch.
ONNX Runtime Web is a Javascript library for running ONNX models on browsers and on Node.js.
ONNX Runtime Web has adopted WebAssembly and WebGL technologies for providing an optimized ONNX model inference runtime for both CPUs and GPUs.
The Open Neural Network Exchange (ONNX) is an open standard for representing machine learning models. The biggest advantage of ONNX is that it allows interoperability across different open source AI frameworks, which itself offers more flexibility for AI frameworks adoption.
With ONNX Runtime Web, web developers can score models directly on browsers with various benefits including reducing server-client communication and protecting user privacy, as well as offering install-free and cross-platform in-browser ML experience.
ONNX Runtime Web can run on both CPU and GPU. On CPU side, WebAssembly is adopted to execute the model at near-native speed. ONNX Runtime Web complies the native ONNX Runtime CPU engine into WebAssembly backend by using Emscripten, so it supports most functionalities native ONNX Runtime offers, including full ONNX operator coverage, multi-threading, ONNX Runtime Quantization as well as ONNX Runtime Mobile. For performance acceleration with GPUs, ONNX Runtime Web leverages WebGL, a popular standard for accessing GPU capabilities. We are keeping improving op coverage and optimizing performance in WebGL backend.
See Compatibility and Operators Supported for a list of platforms and operators ONNX Runtime Web currently supports.
Refer to ONNX Runtime JavaScript examples for samples and tutorials.
Refer to the following links for development information:
OS/Browser | Chrome | Edge | Safari | Electron | Node.js |
---|---|---|---|---|---|
Windows 10 | wasm, webgl | wasm, webgl | - | wasm, webgl | wasm |
macOS | wasm, webgl | wasm, webgl | wasm, webgl | wasm, webgl | wasm |
Ubuntu LTS 18.04 | wasm, webgl | wasm, webgl | - | wasm, webgl | wasm |
iOS | wasm, webgl | wasm, webgl | wasm, webgl | - | - |
Android | wasm, webgl | wasm, webgl | - | - | - |
ONNX Runtime Web currently support all operators in ai.onnx and ai.onnx.ml.
ONNX Runtime Web currently supports a subset of operators in ai.onnx operator set. See operators.md for a complete, detailed list of which ONNX operators are supported by WebGL backend.
License information can be found here.
FAQs
A Javascript library for running ONNX models on browsers
The npm package onnxruntime-web receives a total of 124,129 weekly downloads. As such, onnxruntime-web popularity was classified as popular.
We found that onnxruntime-web demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.