Merge 548e3e4ab8 into c0d2f624c0

Release 20250625
2025-09-15 15:18:35 +08:00 · 2025-06-27 02:28:02 +00:00 · 2025-06-25 18:05:47 -07:00 · 2025-06-25 18:03:25 -07:00 · 2025-06-25 18:00:48 -07:00 · 2025-06-25 17:54:30 -07:00
6 changed files with 32 additions and 7 deletions
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@ -17,11 +17,11 @@ jobs:
    - name: Set up Python
      uses: actions/setup-python@v5
      with:
-        python-version: '3.8'
+        python-version: '3.12'
    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
-        pip install setuptools wheel twine
+        pip install setuptools wheel twine build
    - name: Release
      if: ${{ steps.regex-match.outputs.match != '' }}
      uses: softprops/action-gh-release@v2
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,26 @@
 # CHANGELOG

+## [v20250625](https://github.com/openai/whisper/releases/tag/v20250625)
+
+* Fix: Update torch.load to use weights_only=True to prevent security w… ([#2451](https://github.com/openai/whisper/pull/2451))
+* Fix: Ensure DTW cost tensor is on the same device as input tensor ([#2561](https://github.com/openai/whisper/pull/2561))
+* docs: updated README to specify translation model limitation ([#2547](https://github.com/openai/whisper/pull/2547))
+* Fixed triton kernel update to support latest triton versions ([#2588](https://github.com/openai/whisper/pull/2588))
+* Fix: GitHub display errors for Jupyter notebooks ([#2589](https://github.com/openai/whisper/pull/2589))
+* Bump the github-actions group with 3 updates ([#2592](https://github.com/openai/whisper/pull/2592))
+* Keep GitHub Actions up to date with GitHub's Dependabot ([#2486](https://github.com/openai/whisper/pull/2486))
+* pre-commit: Upgrade black v25.1.0 and isort v6.0.0 ([#2514](https://github.com/openai/whisper/pull/2514))
+* GitHub Actions: Add Python 3.13 to the testing ([#2487](https://github.com/openai/whisper/pull/2487))
+* PEP 621: Migrate from setup.py to pyproject.toml ([#2435](https://github.com/openai/whisper/pull/2435))
+* pre-commit autoupdate && pre-commit run --all-files ([#2484](https://github.com/openai/whisper/pull/2484))
+* Upgrade GitHub Actions ([#2430](https://github.com/openai/whisper/pull/2430))
+* Bugfix: Illogical "Avoid computing higher temperatures on no_speech" ([#1903](https://github.com/openai/whisper/pull/1903))
+* Updating README and doc strings to reflect that n_mels can now be 128 ([#2049](https://github.com/openai/whisper/pull/2049))
+* fix typo data/README.md ([#2433](https://github.com/openai/whisper/pull/2433))
+* Update README.md ([#2379](https://github.com/openai/whisper/pull/2379))
+* Add option to carry initial_prompt with the sliding window ([#2343](https://github.com/openai/whisper/pull/2343))
+* more pytorch versions in tests ([#2408](https://github.com/openai/whisper/pull/2408))
+
 ## [v20240930](https://github.com/openai/whisper/releases/tag/v20240930)

 * allowing numpy 2 in tests ([#2362](https://github.com/openai/whisper/pull/2362))
--- a/requirements.txt
+++ b/requirements.txt
@ -1,7 +1,10 @@
 numba
-numpy
-torch
+numpy>=1.22.2 # minimum version requirement to fix vulnerability per snyk
+torch>=2.2.0 # minimum version requirement to fix vulnerability per snyk
 tqdm
 more-itertools
 tiktoken
 triton>=2.0.0;platform_machine=="x86_64" and sys_platform=="linux" or sys_platform=="linux2"
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability
--- a/whisper/init.py
+++ b/whisper/init.py
@ -147,7 +147,8 @@ def load_model(
    with (
        io.BytesIO(checkpoint_file) if in_memory else open(checkpoint_file, "rb")
    ) as fp:
-        checkpoint = torch.load(fp, map_location=device)
+        kwargs = {"weights_only": True} if torch.__version__ >= "1.13" else {}
+        checkpoint = torch.load(fp, map_location=device, **kwargs)
    del checkpoint_file

    dims = ModelDimensions(**checkpoint["dims"])
--- a/whisper/timing.py
+++ b/whisper/timing.py
@ -117,7 +117,7 @@ def dtw_cuda(x, BLOCK_SIZE=1024):
    x_skew = x_skew.T.contiguous()
    cost = torch.ones(N + M + 2, M + 2) * np.inf
    cost[0, 0] = 0
-    cost = cost.cuda()
+    cost = cost.to(x.device)
    trace = torch.zeros_like(cost, dtype=torch.int32)

    dtw_kernel[(1,)](
--- a/whisper/version.py
+++ b/whisper/version.py
@ -1 +1 @@
-__version__ = "20240930"
+__version__ = "20250625"
Author	SHA1	Message	Date
BraveHeart-David	dafce4f1f1	Merge `548e3e4ab8` into `c0d2f624c0`	2025-06-27 02:28:02 +00:00
Jong Wook Kim	c0d2f624c0	Release 20250625 Some checks failed Release / deploy (push) Has been cancelled Details test / pre-commit (push) Has been cancelled Details test / whisper-test ('numpy', 3.11, 2.3.1) (push) Has been cancelled Details test / whisper-test ('numpy', 3.12, 2.4.1) (push) Has been cancelled Details test / whisper-test ('numpy', 3.12, 2.5.1) (push) Has been cancelled Details test / whisper-test ('numpy', 3.13, 2.5.1) (push) Has been cancelled Details test / whisper-test ('numpy<2', 3.10, 2.2.2) (push) Has been cancelled Details test / whisper-test ('numpy<2', 3.8, 1.10.1) (push) Has been cancelled Details test / whisper-test ('numpy<2', 3.8, 1.13.1) (push) Has been cancelled Details test / whisper-test ('numpy<2', 3.8, 2.0.1) (push) Has been cancelled Details test / whisper-test ('numpy<2', 3.9, 2.1.2) (push) Has been cancelled Details	2025-06-25 18:05:47 -07:00
Jong Wook Kim	db7fbc75fe	Release 20250625	2025-06-25 18:03:25 -07:00
Jong Wook Kim	31243bad24	Release 20250625	2025-06-25 18:00:48 -07:00
Dridi Yassin	1f8fc975d3	Fix: Update torch.load to use weights_only=True to prevent security w… (#2451 ) * Fix: Update torch.load to use weights_only=True to prevent security warning * Update __init__.py * Update __init__.py --------- Co-authored-by: Jong Wook Kim <jongwook@openai.com>	2025-06-25 17:54:30 -07:00
Nathan Harmon	679ae1d141	Fix: Ensure DTW cost tensor is on the same device as input tensor (#2561 ) Co-authored-by: Jong Wook Kim <jongwook@openai.com>	2025-06-25 17:42:09 -07:00
BraveHeart-David	548e3e4ab8	Update requirements.txt To fix vulnerability per snyk, we set the minimum versions.	2024-12-03 22:29:54 +08:00
BraveHeart-David	458b0538b9	Merge pull request #6 from openai/main Bugfix: Illogical "Avoid computing higher temperatures on no_speech" …	2024-12-03 21:17:19 +08:00
BraveHeart-David	dc7b5325b8	Merge pull request #5 from openai/main Updating README and doc strings to reflect that n_mels can now be 128…	2024-11-28 15:39:31 +08:00
BraveHeart-David	3a2366e7e1	Merge pull request #4 from BraveHeart-David/snyk-fix-5bd06031a0ec037f3049b211dde2b777 [Snyk] Security upgrade wheel from 0.32.2 to 0.38.0	2024-11-25 11:33:13 +08:00
snyk-bot	55e0339342	fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413	2024-11-25 03:31:21 +00:00
BraveHeart-David	e9c1f7fced	Merge pull request #3 from BraveHeart-David/snyk-fix-bdbd0a69a2d1927285019fd18ae29429 [Snyk] Security upgrade zipp from 3.15.0 to 3.19.1	2024-11-25 10:40:02 +08:00
snyk-bot	c8128c2aa2	fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899	2024-11-25 02:25:57 +00:00
BraveHeart-David	16c2821dc7	Merge pull request #2 from BraveHeart-David/snyk-fix-71bb6be8e11062d450fdc7647bf71544 [Snyk] Security upgrade setuptools from 40.5.0 to 70.0.0	2024-11-25 08:31:06 +08:00
snyk-bot	2cc6bcf1b0	fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482	2024-11-19 07:55:23 +00:00
BraveHeart-David	3c45fc4ae6	Merge pull request #1 from BraveHeart-David/snyk-fix-f5bed9b1d80526c362f894e8f534d5da [Snyk] Security upgrade setuptools from 40.5.0 to 70.0.0	2024-11-19 15:51:25 +08:00
snyk-bot	32ddcb1dd2	fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482	2024-11-19 07:44:25 +00:00