Publish
Uploading models
Package a checkpoint, validate it locally, and publish it to the marketplace.
Supported formats
Node Data accepts the following weight formats out of the box. Other formats can be uploaded as raw artifacts but will not benefit from the framework-aware preview, automatic schema extraction, or one-click deploy.
| Framework | Preferred format | Also accepted |
|---|---|---|
| PyTorch | .safetensors | .pt, .bin |
| TensorFlow / Keras | SavedModel | .h5 |
| JAX / Flax | msgpack | .pkl |
| ONNX | .onnx | — |
| LLMs (quantized) | .gguf | .awq |
Prefer safetensors
.pt, .bin, .pkl) can execute arbitrary code on load. Safetensors is memory-mapped, fast, and audited. We surface a warning on listing pages for non-safetensors uploads.
Recommended directory layout
The upload validator expects a model card and a config at the root. Anything else under the directory is included verbatim in the artifact manifest.
```
my-model/
├── model_card.md          # required: description, intended use, training data
├── config.json            # required: framework, task, input/output schema
├── weights/
│   ├── model.safetensors  # preferred over .pt or .bin
│   └── tokenizer.json     # if applicable
├── examples/
│   └── inference.py
└── LICENSE
```
The model card
Every model needs a model_card.md at the root. It is rendered as the listing page on the marketplace and surfaces in the API. Front-matter is parsed into structured metadata; the body becomes the public description.
```
---
name: lift-and-place
framework: pytorch
task: manipulation
license: MIT
authors:
  - acme-robotics
training_data:
  - panda-arm-grasp-100k
benchmarks:
  - name: real-robot-pick
    metric: success_rate
    value: 0.87
inputs:
  - rgb: [3, 224, 224]
  - depth: [1, 224, 224]
outputs:
  - action: [7]
---
# Lift-and-place policy
A manipulation policy trained on 100k Panda arm episodes...
```
Validate locally
The CLI runs the same checks Node Data runs server-side. Catching problems before upload saves a round-trip on multi-gigabyte artifacts.
```
node-data validate ./my-model
✓ model_card.md present
✓ config.json well-formed
✓ weights/model.safetensors is a valid safetensors file (412 MB)
✓ no PII or secrets detected in metadata
✓ license is OSI-approved
✓ checksum manifest written
Ready to upload.
```
Upload
Either the CLI or the SDK works. The CLI is what most CI pipelines use.
```bash
# Upload from the directory you just created
node-data upload \
  --name "lift-and-place" \
  --framework pytorch \
  --task manipulation \
  --license MIT \
  --price 49.00 \
  --visibility public \
  ./my-model
```
```python
from nodedata import NodeData

node = NodeData()
job = node.models.create(
    name="lift-and-place",
    framework="pytorch",        # pytorch | tensorflow | jax | onnx | gguf
    task="manipulation",        # see /docs/api-reference#task-taxonomy
    license="MIT",
    price_usd=49.00,
    visibility="public",        # public | unlisted | private
    files=[
        "./model_card.md",
        "./config.json",
        "./weights/model.safetensors",
    ],
    metadata={
        "input_shape": [3, 224, 224],
        "output_shape": [7],    # 7-DoF action
        "training_data": "panda-arm-grasp-100k",
        "benchmark": {"success_rate": 0.87},
    },
)
print(job.status)  # validating → packaging → ready
```
Size limits and resumable uploads
- Single file limit: 50 GB
- Total artifact limit: 250 GB per revision
- Uploads over 100 MB use the resumable tus protocol automatically
- Connection drops resume from the last acknowledged byte
Larger than 250 GB?
Lifecycle and review
New listings enter a short automated review pipeline that scans for malware, license conflicts, and known unsafe weights. Most uploads publish within two minutes. See Safety & moderation.
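The safetensors preference and the validator's "valid safetensors file" check both rest on the format being a length-prefixed JSON header followed by raw tensor bytes, so a file can be inspected without deserializing any objects. The following is an added example of such a structural check, not Node Data's validator or code from this page; `pack`, `check_safetensors`, the 100 MB header cap, and the dtype subset are assumptions of this sketch.

```python
import json
import math

MAX_HEADER = 100 * 1024 * 1024  # assumed cap on header size for this sketch
DTYPE_SIZE = {"F64": 8, "F32": 4, "F16": 2, "BF16": 2, "I64": 8, "I32": 4, "I8": 1, "U8": 1}  # subset

def pack(header: dict, data: bytes) -> bytes:
    """Build a constructed sample: u64 little-endian header length, JSON header, raw bytes."""
    raw = json.dumps(header).encode("utf-8")
    return len(raw).to_bytes(8, "little") + raw + data

def check_safetensors(blob: bytes) -> list[str]:
    """Return layout problems; an empty list means the file is consistent."""
    hlen = int.from_bytes(blob[:8], "little")
    if len(blob) < 8 or hlen > MAX_HEADER or 8 + hlen > len(blob):
        return ["length prefix missing, over the cap, or longer than the file"]
    try:
        header = json.loads(blob[8:8 + hlen].decode("utf-8"))
    except ValueError as exc:  # covers UnicodeDecodeError and JSONDecodeError
        return [f"header is not UTF-8 JSON: {exc}"]
    if not isinstance(header, dict):
        return ["header is not a JSON object"]
    data_len = len(blob) - 8 - hlen
    problems, spans = [], []
    for name, info in header.items():
        if name == "__metadata__":  # free-form string map, carries no tensor
            continue
        try:
            begin, end = info["data_offsets"]
            shape = info["shape"]
            if not all(isinstance(v, int) and v >= 0 for v in (begin, end, *shape)):
                raise TypeError("offsets and dimensions must be non-negative integers")
            need = DTYPE_SIZE[info["dtype"]] * math.prod(shape)
        except (KeyError, TypeError, ValueError):
            problems.append(f"{name}: malformed or unsupported entry")
            continue
        if not begin <= end <= data_len:
            problems.append(f"{name}: offsets fall outside the data section")
        elif end - begin != need:
            problems.append(f"{name}: needs {need} bytes, offsets give {end - begin}")
        spans.append((begin, end))
    cursor = 0
    for begin, end in sorted(spans):  # spans must tile the data section in order
        if begin != cursor:
            problems.append(f"gap or overlap at data offset {begin}")
        cursor = max(cursor, end)
    if cursor != data_len:
        problems.append("tensor spans do not cover the data section exactly")
    return problems
```

The check only reads integers and JSON, so it is safe to run on untrusted uploads; a pickle stream renamed to `.safetensors` fails at the length prefix or the JSON parse.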