fix: resolve safetensors shard index prefix splitting

[pipe1os]

Summary

This pull request implements regex-based shard prefix parsing in the SafeTensors parser to support model names containing hyphens.

Motivation & Context

Previously, the SafeTensors shard index logic extracted the model name prefix by splitting the base filename at the first hyphen (base_name.split("-")[0]). For model names that contain hyphens (for example, llama-3-8b-00001-of-00004.safetensors), this split logic wrongly extracted only llama as the prefix. As a result, the parser failed to locate the correct index file (llama-3-8b.safetensors.index.json).

This change uses a regular expression to match standard shard formats and correctly extract the prefix. It falls back to the previous split-based method for non-standard formats.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Refactoring (no functional changes, no api changes)
• Documentation update

How Has This Been Tested?

Added a unit test test_safetensors_sharded_with_hyphens in tests/test_parsers.py that verifies the index path is correctly resolved when parsing a shard file path with multiple hyphens (e.g. mock-llama-3-8b-00001-of-00002.safetensors).

Ran all unit tests to verify:

.venv/bin/pytest tests/ -v

• Unit tests
• Integration tests
• Manual testing

Screenshots (if appropriate)

Checklist

• My code follows the code style of this project.
• My commit messages follow the Conventional Commits format, are lowercase, imperative, and specific.
• I have updated the documentation accordingly (if applicable).
• I have added tests to cover my changes.
• My changes pass all tests.

[coderabbitai]

Warning

Review limit reached

@pipe1os, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 50 minutes and 23 seconds. Learn how PR review limits work.

To continue reviewing without waiting, enable usage-based billing in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 5a429314-5d23-4a40-808d-fa3dc028319b

📥 Commits

Reviewing files that changed from the base of the PR and between 0e82634 and 9985fd0.

📒 Files selected for processing (2)

• src/modelinfo/parsers/safetensors.py
• tests/test_parsers.py

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch advisor/004-fix-safetensors-shard-prefix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

AI Reviewer: first review requested successfully. AI can make mistakes. Always validate suggestions.

_{TIP This summary will be updated as you push new changes.}

[codacy-production]

Pull Request Overview

While this PR successfully addresses the SafeTensors sharding issue for hyphenated model names, it introduces substantial scope creep by adding remote GGUF inspection and comparison UI views.

A critical concern is that src/modelinfo/parsers/huggingface.py has seen a massive increase in cyclomatic complexity (+41) without adequate test coverage. Furthermore, authentication logic for accessing gated or private models on the Hugging Face Hub is inconsistently implemented and missing from the new remote streaming requests, which will result in 401 errors in production. The regex fix for SafeTensors shards is also too restrictive and should be generalized to support different padding lengths. Codacy indicates the project remains up to standards, but the high complexity in the parser module and duplicated mock logic in tests should be addressed before merging.

About this PR

• Authentication logic for the Hugging Face Hub is currently duplicated and missing in several new network request paths. This should be centralized into a shared utility to ensure gated/private models are handled consistently across all remote fetching operations.
• The PR contains significant scope creep. The title focuses on a SafeTensors fix, but the majority of the changes implement a new Remote GGUF support system and UI tables. This should ideally be split into separate PRs to simplify review and testing.

1 comment outside of the diff

src/modelinfo/cli.py

_{line 133 🟡 MEDIUM RISK}
The analyze_model function has reached a cyclomatic complexity of 16. It is managing too many responsibilities including local file validation, remote resolution, and multi-format dispatch. Consider refactoring local parser dispatch and remote fetching into separate helper functions.

Test suggestions

• Resolve SafeTensors index path when the model name contains multiple hyphens
• Fetch and parse remote GGUF header via stream/range requests
• Render a comparison table in the UI for repositories with multiple GGUF variants
• Handle unauthorized (401) and not found (404) responses from Hugging Face Hub
• Automate unit tests for high-complexity remote fetching logic in src/modelinfo/parsers/huggingface.py

Prompt proposal for missing tests

Consider implementing these tests if applicable:
1. Automate unit tests for high-complexity remote fetching logic in src/modelinfo/parsers/huggingface.py

_{TIP Improve review quality by adding custom instructions
TIP How was this review? Give us feedback}

[codacy-production]

_{🔴 HIGH RISK}

Authentication logic is missing from the new RemoteFileStream and config.json requests. This will cause 401 Unauthorized errors when users attempt to inspect gated or private models. Additionally, this file is flagged as complex and lacks sufficient test coverage for these new paths.

[codacy-production]

_{🟡 MEDIUM RISK}

Suggestion: The regex strictly expects exactly 5 digits for shard indexing (e.g., -00001-of-00005). This will fail for non-standard exports (e.g., 4-digit padding), causing the logic to fall back to the broken split('-')[0] behavior. Use a more flexible digit match.

Suggested change

	match = re.match(r"^(.*?)-\d{5}-of-\d{5}\.safetensors$", base_name)
	match = re.match(r"^(.*?)-\d+-of-\d+\.safetensors$", base_name)

[codacy-production]

_{⚪ LOW RISK}

The mock implementation for network requests and GGUF headers is duplicated across multiple test cases. Consolidating this into a shared pytest fixture or a parameterized test would improve maintainability.