torch.hub security improvement: add new trust_repo parameter
As pointed by #71205, `torch.hub.load` assumes that the user trusts the repo from where the code is gathered and exececuted. We propose a solution to make sure that the user is aware of the security threat that this can represent.
**Solution**: Adds a `trust_repo` parameter to the `load`, `list` and `help` functions in torch.hub.
For now, the default `trust_repo=None` warns that, in the future, the user will need to authorize explicitly every repo before downloading it.
Once the repo has been trusted (via `trust_repo=True` or via a command prompt input) it will be added to the list of trusted repositories.
Pull Request resolved: https://github.com/pytorch/pytorch/pull/72060
Approved by: https://github.com/NicolasHug