Garak

Latest version: v0.9.0.13.post1


0.9.0.13

What's Changed

garak's 1st birthday! 🎂

Headlines in this birthday release:
* Multimodal support! LLaVa + FigStep - HUGE thanks to DavidLee528
* LiteLLM generator support - thanks to Tien-Cheng!
* DoNotAnswer probe for prompts an LLM should decline - thanks to AhsanAyub!
* LangChain Serve generator support - thanks to GustavFredrikson!
* Support for NIM generators, NVIDIA Inference Microservices
* OpenAI abstraction with parallelisation support
* Windows compatibility enhanced, with optional testing in the workflow
* Hugging Face speedup

plugins
* LiteLLM generator by Tien-Cheng in https://github.com/leondz/garak/pull/572
* Support for using 'langchain serve' endpoints by GustavFredrikson in https://github.com/leondz/garak/pull/588
* Enable parallel OpenAI calls by jmartin-tech in https://github.com/leondz/garak/pull/645
* Multi-modal Jailbreaking Attack on LLaVA by DavidLee528 in https://github.com/leondz/garak/pull/587
* bump openai module version to match paths in latest litellm by leondz in https://github.com/leondz/garak/pull/664
* generator: NIM by leondz in https://github.com/leondz/garak/pull/637
* Probe: Do Not Answer by AhsanAyub in https://github.com/leondz/garak/pull/608

architecture
* change supported pythons to 3.10-3.12 by leondz in https://github.com/leondz/garak/pull/503
* add more detailed TAP docs by leondz in https://github.com/leondz/garak/pull/504
* add multiple-result aggregator by leondz in https://github.com/leondz/garak/pull/505
* add post buff hook by erickgalinkin in https://github.com/leondz/garak/pull/506
* Add fleshed-out docs to all probes by leondz in https://github.com/leondz/garak/pull/507
* add bibtex under citation info in readme by leondz in https://github.com/leondz/garak/pull/511
* define broad test, all probes, 1 gen per by leondz in https://github.com/leondz/garak/pull/514
* Feature/taxonomy payloads by leondz in https://github.com/leondz/garak/pull/519
* include paraphrasing in broad conf by leondz in https://github.com/leondz/garak/pull/521
* choose whether buffing will also include the original prompt by leondz in https://github.com/leondz/garak/pull/523
* add config var for capping max buffed prompts to add per buff by leondz in https://github.com/leondz/garak/pull/526
* document Probe.probe(); skip a buff hook if no buffs by leondz in https://github.com/leondz/garak/pull/527
* add type hints to base.Probe; fix base probe rst by leondz in https://github.com/leondz/garak/pull/528
* Bump datasets package by shubhobm in https://github.com/leondz/garak/pull/536
* Add ConversationalPipeline for huggingface models by erickgalinkin in https://github.com/leondz/garak/pull/539
* add generator for supporting openai module v0.x by leondz in https://github.com/leondz/garak/pull/553
* Update README.md by erickgalinkin in https://github.com/leondz/garak/pull/558
* Minor typo in FAQ by jmartin-tech in https://github.com/leondz/garak/pull/562
* Add additional error message when __doc__ is None type by DavidLee528 in https://github.com/leondz/garak/pull/566
* shared constant & string literal by jmartin-tech in https://github.com/leondz/garak/pull/571
* Spelling corrections for multiple locations by jmartin-tech in https://github.com/leondz/garak/pull/564
* Reduce Huggingface GPU utilization by erickgalinkin in https://github.com/leondz/garak/pull/567
* skip `verbose` flag in secondary parser by jmartin-tech in https://github.com/leondz/garak/pull/576
* Added project twitter link and corrected a grammatic error by codebrain001 in https://github.com/leondz/garak/pull/578
* Convert GGML to expect GGUF format by jmartin-tech in https://github.com/leondz/garak/pull/581
* Update workflows: CLA asst bump, PR & manual testing by leondz in https://github.com/leondz/garak/pull/591
* add test de-duping using skip-duplicate-actions by leondz in https://github.com/leondz/garak/pull/597
* Remove `#!` entries from files not intended as executables by jmartin-tech in https://github.com/leondz/garak/pull/612
* Further align shebangs with code that has executable entry points by leondz in https://github.com/leondz/garak/pull/613
* interactive mode intro by leondz in https://github.com/leondz/garak/pull/614
* add tests for `ggml` generator by jmartin-tech in https://github.com/leondz/garak/pull/618
* add var for generator context_len and populate this for some generators by leondz in https://github.com/leondz/garak/pull/616
* allow generators.Base.generate() to take an optional param specifying generation count by leondz in https://github.com/leondz/garak/pull/600
* Enable windows tests as github action by jmartin-tech in https://github.com/leondz/garak/pull/626
* add on-demand macos testing by leondz in https://github.com/leondz/garak/pull/631
* macOS test install from correct path by jmartin-tech in https://github.com/leondz/garak/pull/633
* consolidate test file cleanup by jmartin-tech in https://github.com/leondz/garak/pull/634
* bump discord link by leondz in https://github.com/leondz/garak/pull/648
* meta the arguments a bit for GET vs other request types by jmartin-tech in https://github.com/leondz/garak/pull/640

stability
* fail gracefully if nvcf rejects input; compact zalgo prompts by leondz in https://github.com/leondz/garak/pull/509
* log & skip past NVCF 4xx errors by leondz in https://github.com/leondz/garak/pull/533
* fix empty autodan prompts & poor detector behaviour by leondz in https://github.com/leondz/garak/pull/534
* Fix AutoDAN issues by erickgalinkin in https://github.com/leondz/garak/pull/537
* fix bad nonetype handling in atkgen probe by leondz in https://github.com/leondz/garak/pull/538
* Division by zero error fixed in HTML report generation by CoderMayhem in https://github.com/leondz/garak/pull/545
* cap cohere lib version by leondz in https://github.com/leondz/garak/pull/569
* rm deprecated model from example by leondz in https://github.com/leondz/garak/pull/575
* Attack fixes by erickgalinkin in https://github.com/leondz/garak/pull/555
* More regex as string literal by jmartin-tech in https://github.com/leondz/garak/pull/586
* Bugfix/action dedupe by leondz in https://github.com/leondz/garak/pull/598
* wrap cli exec to gracefully catch keyboard exit signal by jmartin-tech in https://github.com/leondz/garak/pull/603
* Enforce warning output for `garak` classes. by jmartin-tech in https://github.com/leondz/garak/pull/605
* bump hf transformers v to avoid transformers#30076 by leondz in https://github.com/leondz/garak/pull/636
* update avidtools to remove typing reference by jmartin-tech in https://github.com/leondz/garak/pull/639
* torch v bump by leondz in https://github.com/leondz/garak/pull/649
* Pause FigStepTiny by leondz in https://github.com/leondz/garak/pull/652
* Bugfix/visual jailbreak pause by leondz in https://github.com/leondz/garak/pull/653
* limit push test to main by jmartin-tech in https://github.com/leondz/garak/pull/661
* Update MANIFEST.in so all resources are installed by JKL98ISR in https://github.com/leondz/garak/pull/660
* handle extant but closed `hitlogfile` file by leondz in https://github.com/leondz/garak/pull/665


New Contributors
* CoderMayhem made their first contribution in https://github.com/leondz/garak/pull/545
* jmartin-tech made their first contribution in https://github.com/leondz/garak/pull/562
* codebrain001 made their first contribution in https://github.com/leondz/garak/pull/578
* Tien-Cheng made their first contribution in https://github.com/leondz/garak/pull/572
* GustavFredrikson made their first contribution in https://github.com/leondz/garak/pull/588
* JKL98ISR made their first contribution in https://github.com/leondz/garak/pull/660
* AhsanAyub made their first contribution in https://github.com/leondz/garak/pull/608

**Full Changelog**: https://github.com/leondz/garak/compare/v0.9.0.12...v0.9.0.13

0.9.0.12

What's Changed

plugins
* New encoding probes by zmackie in https://github.com/leondz/garak/pull/459
* OpenAI upgrade by erickgalinkin in https://github.com/leondz/garak/pull/477
* Low Resource Languages Buff by erickgalinkin in https://github.com/leondz/garak/pull/478
* Add Rasa generator by rgstephens in https://github.com/leondz/garak/pull/453
* Tree of Attacks by erickgalinkin in https://github.com/leondz/garak/pull/446

functionality improvements
* support multiple buffs by leondz in https://github.com/leondz/garak/pull/497
* wrap exception printing in repr by leondz in https://github.com/leondz/garak/pull/425
* add generators.function docs & examples by leondz in https://github.com/leondz/garak/pull/437
* update doc indices, add test to check them by leondz in https://github.com/leondz/garak/pull/450
* fix & unify REST generator timeout param names; set default request timeout to 20s by leondz in https://github.com/leondz/garak/pull/451
* add test to keep requirements in sync by leondz in https://github.com/leondz/garak/pull/465
* docs for buffs by leondz in https://github.com/leondz/garak/pull/466
* autosearch in the configs/ subdir for configs (no yaml extension should be given) by leondz in https://github.com/leondz/garak/pull/467
* Update function.py by erickgalinkin in https://github.com/leondz/garak/pull/500
* add warning when using a lite/default profile by leondz in https://github.com/leondz/garak/pull/476
* rename default output dir to garak_runs/; by leondz in https://github.com/leondz/garak/pull/488
* update openai model list by leondz in https://github.com/leondz/garak/pull/494
* make test_openai generation tests skip if no OAI API key set by leondz in https://github.com/leondz/garak/pull/491

fixes
* html report now uses correct basedir by leondz in https://github.com/leondz/garak/pull/439
* typos & clarifications in rest generator by leondz in https://github.com/leondz/garak/pull/436
* update manifest by leondz in https://github.com/leondz/garak/pull/454
* Avoid divide by zero error by erickgalinkin in https://github.com/leondz/garak/pull/458
* Fix/test pytest-8.0.0 order by leondz in https://github.com/leondz/garak/pull/472
* Check & enable Python 3.12 support by leondz in https://github.com/leondz/garak/pull/475
* move pathlib uses to _config.transient.basedir by leondz in https://github.com/leondz/garak/pull/499
* catch & handle HF hub exceptions loading dataset for package hallucination by leondz in https://github.com/leondz/garak/pull/470


New Contributors
* zmackie made their first contribution in https://github.com/leondz/garak/pull/459
* rgstephens made their first contribution in https://github.com/leondz/garak/pull/453

**Full Changelog**: https://github.com/leondz/garak/compare/v0.9.0.11...v0.9.0.12

0.9.0.11.post1

What's Changed
* wrap exception printing in repr by leondz in https://github.com/leondz/garak/pull/425
* typos & clarifications in rest generator by leondz in https://github.com/leondz/garak/pull/430, https://github.com/leondz/garak/pull/436
* add generators.function docs & examples by leondz in https://github.com/leondz/garak/pull/437
* html report now uses correct basedir by leondz in https://github.com/leondz/garak/pull/439

**Full Changelog**: https://github.com/leondz/garak/compare/v0.9.0.11...v0.9.0.11.post1

0.9.0.11

What's Changed
* Probe for repetition-based nudging into replay/spurious generation by leondz in https://github.com/leondz/garak/pull/404
* Probe for invisible text prompt injections by leondz in https://github.com/leondz/garak/pull/397
* Probe for the 'DAN in the wild' paper's library of jailbreak prompts by leondz in https://github.com/leondz/garak/pull/405
* Probe for NYT & The Guardian content in training data by leondz in https://github.com/leondz/garak/pull/402
* Add NVIDIA cloud functions generator by leondz in https://github.com/leondz/garak/pull/398
* Add toxicity generation deep test config by leondz in https://github.com/leondz/garak/pull/413
* Generator enhancements and minor improvements by shubhobm in https://github.com/leondz/garak/pull/391
* Update HF inf api generator to match their current expectations by leondz in https://github.com/leondz/garak/pull/400
* Invoke garak on the command line, with `garak` by leondz in https://github.com/leondz/garak/pull/410
* Mitigate continuation probe oversensitivity by leondz in https://github.com/leondz/garak/pull/394
* Handle nvcf container timeouts by leondz in https://github.com/leondz/garak/pull/399
* Fixing Exception Cause By Type Error When Scanning LLMs Via Replicate by DavidLee528 in https://github.com/leondz/garak/pull/401
* Make sure triggers attempt.note is saved in hitlog by leondz in https://github.com/leondz/garak/pull/403
* Repeat replay now optionally overrides generator max len by leondz in https://github.com/leondz/garak/pull/408
* Replay.Repeat now preserves attempt when restoring generator max_tokens by leondz in https://github.com/leondz/garak/pull/409
* Gracefully handle NVCF request timeouts & other failures by leondz in https://github.com/leondz/garak/pull/411
* Fix deprecated encoding by leondz in https://github.com/leondz/garak/pull/412
* Better coverage in mitigation bypass detector

**Full Changelog**: https://github.com/leondz/garak/compare/v0.9.0.10...v0.9.0.11

0.9.0.10

* Probes can now be selected by MISP tag, e.g. owasp:llm01
* garak now automatically creates an HTML report on completion
* HTML reports can be grouped by module but also by probe tag category, so you can see e.g. top-level scores for prompt injection, hallucination, and so on
* logs now go to a dedicated log dir by default, to keep things clean
* new buffs: encoding.Base64, encoding.CharCode
* new generator: [NeMo guardrails](https://github.com/NVIDIA/NeMo-Guardrails)
* new probe: [AutoDAN](https://arxiv.org/abs/2310.04451)
* RealToxicityPrompts now only loads local lists, much faster
* update OpenAI models list
* fix attempt parameter stability
* better logging of config params
* atk is now atkgen

Contributions from erickgalinkin, drazvan. Enjoy & Happy holidays! 🎅🎄

What's Changed
* Attempt no longer uses mutable type defaults by leondz in https://github.com/leondz/garak/pull/360
* Add NeMoGuardrails generator (WIP). by drazvan in https://github.com/leondz/garak/pull/345
* add test for mutable defaults bug in attempt.Attempt by leondz in https://github.com/leondz/garak/pull/362
* refresh openai model name list by leondz in https://github.com/leondz/garak/pull/363
* speed up realtoxicityprompts loading by leondz in https://github.com/leondz/garak/pull/364
* Feature/digest report 231212 by leondz in https://github.com/leondz/garak/pull/365
* Autodan by erickgalinkin in https://github.com/leondz/garak/pull/367
* Auto-reporting by leondz in https://github.com/leondz/garak/pull/368
* add guardrails doc connection by leondz in https://github.com/leondz/garak/pull/369
* Feature/digest plugin descrs by leondz in https://github.com/leondz/garak/pull/370
* Add Base64 and CharCode buffs by erickgalinkin in https://github.com/leondz/garak/pull/372
* tidy buffs, add test for buff config loading by leondz in https://github.com/leondz/garak/pull/376
* Feature/tag selection by leondz in https://github.com/leondz/garak/pull/383
* set default for probe_tags in core config; use this as default cli arg by leondz in https://github.com/leondz/garak/pull/386
* hitlogs should use same paths as other reporting. add test for this by leondz in https://github.com/leondz/garak/pull/387
* Feature/reporting categories by leondz in https://github.com/leondz/garak/pull/389

New Contributors
* drazvan made their first contribution in https://github.com/leondz/garak/pull/345

**Full Changelog**: https://github.com/leondz/garak/compare/v0.9.0.9...v0.9.0.10

0.9.0.9

* Added GCG jailbreak probe (probes.gcg.GCG_Probe)
* Add support for NVIDIA Optimum (generators.huggingface.OptimumPipeline)
* Add OWASP tags to probes
* Add fast & slow paraphrase buffs (buffs.paraphrase.Fast, buffs.paraphrase.PegasusT5)
* Support for config files: there's a core config, site config, and a CLI config, and all can be used to set system, run, and plugin parameters
* Supply some sample config files for a few different styles of garak run
* Progress bar for buffs
* Added debugging REST server for dev
* Move RealToxicityPrompts resources to their own subdir

Thanks to erickgalinkin, drazvan, DavidLee528
