mahalanobis: missing _validate_raster on bands

[brendancol]

Summary

mahalanobis() does not call _validate_raster() on each input band. The existing validate_arrays() helper only checks that bands have matching shapes and array types -- it does not enforce a numeric dtype. Boolean and other non-numeric DataArrays are silently coerced to float64 and produce an output, when they should raise a clear error at the input boundary.

The HIGH-severity memory guard for this function was addressed in #1288. The dtype-validation gap is a separate Cat 6 finding from the audit and was deferred per the one-fix-per-PR convention.

Reproducer

from xrspatial import mahalanobis
import xarray as xr
import numpy as np

rng = np.random.default_rng(0)
b1 = xr.DataArray(rng.integers(0, 2, size=(10, 10)).astype(bool))
b2 = xr.DataArray(rng.integers(0, 2, size=(10, 10)).astype(bool))

out = mahalanobis([b1, b2])
print(out.dtype)  # float64 -- silently coerced

Expected: a ValueError from _validate_raster() reporting the non-numeric dtype.
Actual: silent coercion to float64.

Fix

At the top of mahalanobis(), call _validate_raster(band, func_name='mahalanobis', ndim=2) for every band before the existing validate_arrays() and memory-guard logic.

Order:

1. validate each band (dtype + ndim)
2. matching shape / array-type check (validate_arrays)
3. memory guard
4. compute

Related

• mahalanobis: unbounded float64 allocations on numpy and cupy backends #1288 (mahalanobis memory guard, the HIGH fix from the same audit)