* fix: V-002 security vulnerability
Automated security fix generated by Orbis Security AI
* fix(ruby): use Ruby allocator macros in jfk_reader and fix memory leak
- Replace calloc/free with ALLOC_N/xfree to match Ruby binding conventions
(ALLOC_N handles overflow checking and raises NoMemoryError on failure)
- Free temporary samples buffer after conversion loop (was leaked)
- Add NULL check for fopen return value with rb_raise
- Add comment clarifying n_samples is a compile-time constant
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(ruby): return false instead of rb_raise in memory_view callback
rb_memory_view_get_func_t callbacks should communicate errors via
return value (false), not exceptions. rb_memory_view_get has no
exception-handling wrapper around get_func calls.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* replacing ALLOC_N with rb_protect as ALLOC_N raises Ruby exceptions
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Change MemoryView example using NDAV
* Add note on audio attributes for #full and #full_parallel
* Support more variants of MemoryView
* Use IO.popen instead of Kernel.` for Windows compatibility
* Use cmake's -C option instead of multiple -D options
* Fix memsize calculation
* Remove unused argument
* Add is_interrupted field to abort callback container
* Fix RBS syntax
* Address document comment for RDoc
* Add .document for RDoc
* Add .rdoc_options
* Run #full without GVL
* Initialize callbacks with nil
* Specify implicity Whisper::Params to distinguish from Whisper::Context::Params
* Run callbacks without GVL
* Call log callback with GVL
* Run full_parallel without GVL
* Run transcribe without GVL
* Fix ruby_whisper_lock_gvl and ruby_whisper_unlock_gvl
* Fix return value of encoder_begin_callback
* Report GVL unlocking from transcribe
* Remove unused interface
* Restore overload of full_parallel
* Close process
* Fix struct name
* Make is_without_gvl thread local
* Use rb_thread_call_with_gvl instead of global variable
* Retrieve instance variable in GVL
* Narrow acceptable MemoryView format
* Fix option cache path
* Reduce files in package
* Use append_cflags
* Add ext/*.rb to task dependencies
* Use copy instead of cp
* Make TestPackage more portable
* Patch for lower version Ruby
* Make build scripts more portable
* Add Windows support
* Don't raise exceptions
* Prevent dangling pointers
* Use proper free function
* Free callback containers
* Set default log callback when nil is passed to log_set
* Raise error if callbacks set when parallel transcription
* Bump version to 1.3.7
* Make tests follow spec change
* Add note on parallel transcription and callbacks
* Update signature of Whisper.log_set [skip ci]
Kitaiti Makoto
Daniel Bevenius
Georgi Gerganov
OrbisAI Security
annaeina
Alan