pickle is insecure and shouldn't be used for distributing models #1468
Describe the problem
So pickle is a very bad solution for distributing pretrained models. So a way of serializing models without pickling them is needed.
Unfortunately some models, like neural networks, may be a security issue by itself. For example TensorFlow authors say: