docs: comprehensive documentation updates and modernization

- Update BUILDING.md with current build system information
- Modernize various README files across the project
- Update CHANGELOG.md with recent changes
- Improve documentation consistency and formatting
- Update platform-specific documentation (iOS, Electron, Docker)
- Enhance test documentation and build guides

doc/sharebufferarray_spectre_security.md

@@ -4,11 +4,13 @@
 ## 1. Introduction to SharedArrayBuffer
 
 ### Overview
+
 - `SharedArrayBuffer` is a JavaScript object that enables **shared memory** access between the main thread and Web Workers.
 - Unlike `ArrayBuffer`, the memory is **not copied** between threads—allowing **true parallelism**.
 - Paired with `Atomics`, it allows low-level memory synchronization (e.g., locks, waits).
 
 ### Example Use
+
 ```js
 const sab = new SharedArrayBuffer(1024);
 const sharedArray = new Uint8Array(sab);
@@ -18,6 +20,7 @@ sharedArray[0] = 42;
 ## 2. Browser Security Requirements
 
 ### Security Headers Required to Use SharedArrayBuffer
+
 Modern browsers **restrict access** to `SharedArrayBuffer` due to Spectre-class vulnerabilities.
 
 The following **HTTP headers must be set** to enable it:
@@ -28,23 +31,28 @@ Cross-Origin-Embedder-Policy: require-corp
 ```
 
 ### HTTPS Requirement
+
 - Must be served over **HTTPS** (except `localhost` for dev).
 - These headers enforce **cross-origin isolation**.
 
 ### Role of CORS
+
 - CORS **alone is not sufficient**.
 - However, embedded resources (like scripts and iframes) must still include proper CORS headers if they are to be loaded in a cross-origin isolated context.
 
 ## 3. Spectre Vulnerability
 
 ### What is Spectre?
+
 - A class of **side-channel attacks** exploiting **speculative execution** in CPUs.
 - Allows an attacker to read arbitrary memory from the same address space.
 
 ### Affected Architectures
+
 - Intel, AMD, ARM — essentially **all modern processors**.
 
 ### Why It's Still a Concern
+
 - It's a **hardware flaw**, not just a software bug.
 - Can't be fully fixed in software without performance penalties.
 - New Spectre **variants** (e.g., v2, RSB, BranchScope) continue to emerge.
@@ -52,16 +60,19 @@ Cross-Origin-Embedder-Policy: require-corp
 ## 4. Mitigations and Current Limitations
 
 ### Browser Mitigations
+
 - **Restricted precision** for `performance.now()`.
 - **Disabled or gated** access to `SharedArrayBuffer`.
 - **Reduced or removed** fine-grained timers.
 
 ### OS/Hardware Mitigations
+
 - **Kernel Page Table Isolation (KPTI)**
 - **Microcode updates**
 - **Retpoline** compiler mitigations
 
 ### Developer Responsibilities
+
 - Avoid sharing sensitive data across threads unless necessary.
 - Use **constant-time cryptographic functions**.
 - Assume timing attacks are **still possible**.
@@ -70,10 +81,12 @@ Cross-Origin-Embedder-Policy: require-corp
 ## 5. Practical Development Notes
 
 ### Using SharedArrayBuffer Safely
+
 - Ensure the site is **cross-origin isolated**:
   - Serve all resources with appropriate **CORS policies** (`Cross-Origin-Resource-Policy`, `Access-Control-Allow-Origin`)
   - Set the required **COOP/COEP headers**
 - Validate support using:
+
 ```js
 if (window.crossOriginIsolated) {
     // Safe to use SharedArrayBuffer
@@ -81,6 +94,7 @@ if (window.crossOriginIsolated) {
 ```
 
 ### Testing and Fallback
+
 - Provide fallbacks to `ArrayBuffer` if isolation is not available.
 - Document use cases clearly (e.g., high-performance WebAssembly applications or real-time audio/video processing).