feat: rnnoise and ringbuf as submodules rather than copied libraries

[TheDukeofErl]

This PR migrates the dependencies that are on github to be submodules to lower the overall code audit needs over time.

This isn't something that has to be approved now but I think is worth considering in order to simplify the maintenance of the code. Once the current audit is finished this can then be tested and merged.

When the time comes to update the README with information on the repository again, it would be a good idea to include instructions for cloning the repo git clone --recurse-submodules https://github.com/noisetorch/NoiseTorch.git and updating the repo git submodule update --init --recursive.

Note that the ladspa files themselves aren't as simple to deal with in terms of doing this: I was able to find some of the involved files in other repos but wasn't able to find the full dependency so that may be something that just has to remain maintained by the noisetorch organization.

[ZyanKLee]

I personally like the idea of removing external dependencies from the projects codebase.

To ensure the supply chain, I would suggest to fork those projects into the org instead of using them directly.

That way we would on the one hand stay in control about which state of those projects will be used during build (by also using them as submodules) and also make sure deleted or otherwise impaired projects will not be a problem for us.

[TheDukeofErl]

I think that's a reasonable course of action. I initially took this approach, more or less copying how Valve handled it with Proton by just using the repositories directly.

Once the noisetorch org forks rnnoise and c-ringbuf I'll update the PR. Taking that approach, a better and more consistent course can even be taken with ladspa, which would be great.

[ZyanKLee]

Once the noisetorch org forks rnnoise and c-ringbuf I'll update the PR. Taking that approach, a better and more consistent course can even be taken with ladspa, which would be great.

I forked both projects.

[TheDukeofErl]

Thanks, I've gotten the submodules pointed at the noisetorch forks.

[ZyanKLee]

This basically LGTM. Just one small issue I had, that has a suggested fix in @OldiLo's PR #269 .

[OldiLo]

Good

EDIT: and please, remove the vendor folder

[TheDukeofErl]

EDIT: and please, remove the vendor folder

I think it's best to have that in a separate, specific to that task PR, for a couple of reasons, the first being that keeping this PR focused on just these dependencies makes it easily trackable/reversible (if necessary), the second being that there needs to be an open discussion over the removal of the vendor folder given the previous pushback against that.