Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Welcome to Spokestack Python! This library is intended for developing voice interfaces in Python. This can include anything from Raspberry Pi applications like traditional smart speakers to Django web applications. Anything built in Python can be given a voice interface.
Once system dependencies have been satisfied, you can install the library with the following.
pip install spokestack
This library requires a way to run TFLite models. There are two ways to add this ability. The first is installing the full Tensorflow library.
The full Tensorflow package is installed with the following:
pip install tensorflow
In use cases where you require a small footprint, such as on a Raspberry Pi or similar embedded devices, you will want to install the TFLite Interpreter.
pip install --extra-index-url https://google-coral.github.io/py-repo/ tflite_runtime
If you are unable to install the wheel, you may have to install some system dependencies for audio input and output.
brew install lame portaudio
sudo apt-get install portaudio19-dev libmp3lame-dev
We currently do not support Windows 10 natively, and recommend you install Windows Subsystem for Linux (WSL) with the Debian dependencies. However, if you would like to work on native Windows support, we will gladly accept pull requests.
Another potential avenue for using spokestack
on Windows 10 is from anaconda. This is without support for Text To Speech (TTS) though due to the Lame dependency. PortAudio, on the other hand, can be installed via conda
.
conda install portaudio
The quickest way to start using spokestack
is by using one of the pre-configured pipeline instances. We offer several of these Profiles, which fit many general use cases.
from spokestack.profile.wakeword_asr import WakewordSpokestackASR
pipeline = WakewordSpokestackASR.create(
"spokestack_id", "spokestack_secret", model_dir="path_to_wakeword_model"
)
If you would like fine-grained control over what is included in the pipeline, you can use SpeechPipeline
. This is the module that ties together VAD (voice activity detection), wakeword, and ASR (automated speech detection). The VAD listens to a frame of audio captured by the input device to determine if speech is present. If it is, the wakeword model processes subsequent frames of audio looking for the keyword it has been trained to recognize. If the keyword is found, the pipeline is activated and performs speech recognition, converting the subsequent audio into a transcript. The SpeechPipeline
is initialized like this:
from spokestack.activation_timeout import ActivationTimeout
from spokestack.io.pyaudio import PyAudioInput
from spokestack.pipeline import SpeechPipeline
from spokestack.vad.webrtc import VoiceActivityDetector
from spokestack.wakeword.tflite import WakewordTrigger
from spokestack.asr.spokestack.speech_recognizer import SpeechRecognizer
mic = PyAudioInput()
vad = VoiceActivityDetector()
wake = WakewordTrigger("path_to_tflite_model")
asr = SpeechRecognizer("spokestack_id", "spokestack_secret")
timeout = ActivationTimeout()
pipeline = SpeechPipeline(mic, [vad, wake, asr, timeout])
pipeline.run()
Now that the pipeline is running, it becomes important to access the results from processes at certain events. For example, when speech is recognized there is a recognize
event. These events allow code to be executed outside the pipeline in response. The process of registering a response is done with a pipeline callback, which we will cover in the next section.
Pipeline callbacks allow additional code to be executed when a speech event is detected. For example, we can print when the pipeline is activated by registering a function with the pipeline.event
decorator.
@pipeline.event
def on_activate(context):
print(context.is_active)
One of the most important use cases for a pipeline callback is accessing the ASR transcript for additional processing by the NLU. The transcript is accessed with the following:
@pipeline.event
def on_recognize(context):
print(context.transcript)
Natural Language Understanding turns an utterance into structured data a machine can act on. For our purposes, this is joint intent detection and slot filling. You can read more about the concepts here. We like to think of intents as the action a user desires from an application, and slots as the optional arguments to fulfill the requested action. Our NLU model is initialized like this:
from spokestack.nlu.tflite import TFLiteNLU
nlu = TFLiteNLU("path_to_tflite_model")
Now that the NLU is initialized we can go ahead and add that part to the callback.
@pipeline.event
def on_recognize(context):
results = nlu(context.transcript)
Text To Speech, as the name implies, converts text into spoken audio. This the method for giving your application a voice. We provide one TTS voice for free when you sign up for a Spokestack account, but you can contact us to train a truly custom voice. The TTS API keys are the same as SpeechRecognizer
. The basic TTS initialization is the following:
from spokestack.tts.manager import TextToSpeechManager
from spokestack.tts.clients.spokestack import TextToSpeechClient
from spokestack.io.pyaudio import PyAudioOutput
client = TextToSpeechClient("spokestack_id", "spokestack_secret")
output = PyAudioOutput()
manager = TextToSpeechManager(client, output)
manager.synthesize("welcome to spokestack")
To demonstrate a simple TTS callback let's set up something that reads back what the ASR recognized:
@pipeline.event
def on_recognize(context):
manager.synthesize(context.transcript)
From the root project directory:
cd docs
make clean && make html
This project is distributed using PyPI. The following is the command to build for installation.
python setup.py clean --all; rm -r ./dist
python setup.py sdist bdist_wheel
Twine is used to upload the wheel and source distribution.
twine upload dist/*
Copyright 2021 Spokestack, Inc.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License here
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
FAQs
Spokestack Library for Python
We found that spokestack demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.