Pinning ML model revisions for compatibility and security is a best practice when using open source models to prevent breaking changes or security vulnerabilities in your codebase. When working with open source packages, it's common to pin versions to prevent backwards-incompatible changes and new security vulnerabilities. This can be done by pinning package versions or model revisions, which gives you the chance to review any changes to your dependencies before updating. By doing so, you protect against unexpected breaking changes and malicious code execution. Maintaining a private copy of a model also provides similar protections and benefits, such as getting the same protections as pinning a model revision, ensuring your application isn't affected if the model is moved or deleted, and applying your own updates to the model.