difference between safetensor and pickle tensor?

not sure which to download, im using auto111 1.5

Hey! Tldr: You should always go for the Safetensor file, if available.

Originally, when SD was released, the file format for models was .ckpt, which could theoretically include "pickles" (malicious python code, malware). To combat this, Safetensors format was developed, which is inherently safe. Both Safetensors and .ckpt files are used in the same way - placed within the models directory and selected from the model list in the interface.

Checkpoint files are sometimes referred to as "pickletensor" now, and the site does scan them for potentially dangerous inclusions; you will see a warning if suspicious code is detected by the scanner.

So, in general, always take the Safetensors version if available, and if not, check the "picklescanner" status of the checkpoint before downloading!

I moved the downloaded safetensors into my models folder and restarted everything but they do not show up in the drop down box, am I missing something? thanks

if you installed a while back, add "git pull" to the webui-user.bat second line and restart.

There's a good guide on how to convert these yourself - https://rentry.org/safetensorsguide