Jabberjay v0.0.10

Added

• py.typed marker — PEP 561 marker file added to src/Jabberjay/; downstream
  type-checkers (mypy, pyright, ty) now recognise Jabberjay's inline type hints
• justfile Windows support — set windows-shell directive added so all just
  recipes work natively in PowerShell; clean and coverage split into [unix] /
  [windows] platform variants; version replaced with a cross-platform Python
  one-liner using tomllib
• tests/conftest.py — forces the non-interactive Agg matplotlib backend before
  any test runs, preventing TclError failures caused by the uv-managed Python
  distribution not bundling Tk
• Dependency vulnerability scanning — uv audit step added to the lint job in
  ci.yml; scans the lockfile against the PyPI advisory database on every push and PR

Changed

• Pre-commit tool versions aligned with dev dependencies — ruff bumped
  v0.11.2 → v0.15.10 and black bumped 25.1.0 → 26.3.1 in
  .pre-commit-config.yaml to match the versions resolved in uv.lock
• ty pinned — dev dependency updated from bare "ty" to "ty>=0.0.30" for
  reproducible installs
• black target-version extended — "py314" added to [tool.black] to match
  the Python 3.14 entry in the CI test matrix
• CI caching enabled — cache: true added to all astral-sh/setup-uv steps
  across ci.yml and docs.yml; coverage artifact retention set to 30 days
• Docs changelog removed — docs/changelog.md deleted; CHANGELOG.md at the
  repository root is now the single source of truth; the MkDocs navigation entry
  has been removed accordingly
• label_normalizer.py type hint tightened — raw_scores parameter type
  narrowed from list[dict[str, object]] to list[dict[str, str | float]]

Fixed

• TestASTPredict class name typo — corrected from TestASTPRedict in
  tests/test_models.py
• test_buffer_closed_on_error test isolation — plt.subplots now patched in
  the error-path test so the assertion targets the finally-block buf.close() call
  rather than being short-circuited by a TkAgg TclError from real matplotlib

---

Jabberjay v0.0.9

Changed

• Python 3.10 support dropped — minimum Python version raised to 3.11
  (requires-python = ">=3.11"); Python 3.10 classifier removed, CI test
  matrix updated to ["3.11", "3.12", "3.13", "3.14"], and documentation
  updated accordingly; follows numpy's requirement of Python >= 3.11
• Dependency constraints updated to lower bounds — all runtime dependencies
  (huggingface-hub, joblib, librosa, loguru, matplotlib, numpy,
  pillow, PyYAML, scikit-learn, soundfile, torch, torchaudio,
  transformers) now specify >= minimum-version constraints, giving library
  users flexibility to resolve their own dependency graphs; uv.lock continues
  to provide reproducible installs for development and CI

Security

• Pygments updated to 2.20.0 (uv.lock) — resolves
  CVE-2026-4539 /
  GHSA-5239-wwwm-4pmq,
  a ReDoS vulnerability in AdlLexer affecting Pygments < 2.20.0
  (Dependabot alert #3);
  Pygments is a dev/docs dependency via MkDocs and has no impact on the runtime
  library

---

Jabberjay v0.0.8.post2

Fixed

• Zenodo concept DOI corrected again — updated to 10.5281/zenodo.19056977
  across CITATION.cff, README.md, and both changelogs

---

Jabberjay v0.0.8.post1

Fixed

• Zenodo DOI corrected — all references updated from 10.5281/zenodo.19056978
  to the correct concept DOI 10.5281/zenodo.19057457 across CITATION.cff,
  README.md, and both changelogs

---

Jabberjay v0.0.8

Added

• Zenodo integration — repository is now archived on Zenodo; concept DOI
  (10.5281/zenodo.19056978) added to CITATION.cff, README badge row, and
  BibTeX entry in the README citation section
• .zenodo.json — explicit Zenodo record metadata (creator ORCID,
  affiliation, keywords, related identifiers for PyPI and docs) so archived
  records are consistent and complete
• Pre-commit hooks expanded — added trailing-whitespace, end-of-file-fixer,
  check-merge-conflict, check-added-large-files, check-yaml, check-json,
  check-toml, and detect-private-key from pre-commit-hooks; added
  scripts/sync_version.py local hook to keep CITATION.cff and README BibTeX
  version in sync with pyproject.toml automatically on every commit

Fixed

• RawNet2/run.py — YAML config loading now raises a descriptive
  RuntimeError instead of a raw OSError/YAMLError if the bundled config
  file is missing or malformed
• Utilities/label_normalizer.py — removed redundant float(str(...))
  double conversion; score is cast directly with float()

---

Jabberjay v0.0.7

Added

• CITATION.cff — machine-readable citation metadata for academic use;
  GitHub surfaces this as a "Cite this repository" button; compatible with
  Zenodo, Zotero, and other reference managers
• Sample rate validation — detect() now raises ValueError immediately
  for zero or negative sample rates when a pre-loaded audio tuple is passed,
  preventing silent failures in downstream model inference
• Test coverage for new behaviour — 7 new tests covering sample rate
  validation, BytesIO buffer cleanup on both success and error paths,
  figure cleanup on error paths, and Classical.predict() bonafide/spoof paths

Changed

• Dependency minimum versions pinned — all runtime dependencies now carry
  lower-bound constraints (torch>=2.0, transformers>=4.30,
  huggingface-hub>=0.20, librosa>=0.10, etc.) to prevent silent
  incompatibilities on fresh installs
• Contact and copyright updated — maintainer email changed to
  Matthew.Boakes@Gmail.com across CODE_OF_CONDUCT.md, SECURITY.md, and
  pyproject.toml; LICENSE updated to 2024-2026 Matthew Boakes and The Alan Turing Institute
• CONTRIBUTING.md model template corrected — example run.py now uses
  cast() + normalize_pipeline_scores() (matching real handlers) and the
  handler example uses _result_from_scores() instead of building
  DetectionResult manually; label normaliser variable names corrected to
  _BONAFIDE_SUBSTR / _SPOOF_SUBSTR / _BONAFIDE_EXACT / _SPOOF_EXACT

Fixed

• VIT/utility.py — BytesIO buffer is now always closed in the
  finally block, preventing a resource leak if Image.open() or
  img.load() raises
• Classical/run.py — renamed model variable to model_path to
  accurately reflect that download_pretrained_model() returns a file path,
  not a model object
• _result_from_scores() — parameter type restored to
  list[PredictionScore], keeping the type contract consistent end-to-end
  from model handlers through to DetectionResult.scores

---

Jabberjay v0.0.6

Added

• Documentation site — MkDocs + Material for MkDocs, hosted on GitHub Pages at
  https://mattyb95.github.io/Jabberjay; includes Getting Started, Models, CLI,
  and API Reference pages (auto-generated from docstrings via mkdocstrings)
• GitHub Release automation (release.yml) — creates a tagged release with
  changelog notes automatically on every push to main
• CodeQL security scanning (codeql.yml) — static analysis on push/PR and
  on a weekly schedule

Changed

• Updated GitHub Actions: actions/checkout v4→v6, astral-sh/setup-uv v5→v7,
  actions/upload-artifact v4→v7 (via Dependabot)
• Dependabot PRs now target the develop branch

---

v0.0.5

What's Changed

• release: v0.0.5 — new models, API overhaul, and tooling modernisation by @MattyB95 in #1

New Contributors

• @MattyB95 made their first contribution in #1

Full Changelog: v0.0.4...v0.0.5

v0.0.4

• Added ASVspoof5 Models 🤖
• Updated README
• Removed torch.load() warning for RawNet2
• Requirements Update

Full Changelog: v0.0.3...v0.0.4

Initial Release

Initial Release