Skip to content

how to contribute development workflow

Douwe de Vries edited this page Jul 1, 2026 · 1 revision

Development workflow

This page describes the usual local loop for CSV Anonymizer contributors. It complements Testing, Tooling, and Patterns and conventions.

Setup

Install the project requirements from README.md:

  • Rust stable.
  • Node.js >=22.13.0.
  • Frontend dependencies from frontend/package-lock.json.
  • Playwright Chromium for browser and accessibility checks.
npm ci --prefix frontend
cd frontend && npx playwright install chromium

Run the desktop app through Tauri:

npm run tauri:dev

The root dev script is an alias for the same Tauri dev flow.

Edit loops by layer

Layer Edit paths Fast checks
React UI frontend/src npm run frontend:typecheck, npm run frontend:test, npm run frontend:lint
Tauri shell src-tauri/src cargo test -p csv-anonymizer-tauri, cargo check -p csv-anonymizer-tauri
Rust core crates/csv-anonymizer-core/src cargo test -p csv-anonymizer-core, cargo check -p csv-anonymizer-core
CLI smoke harness crates/csv-anonymizer-app/src cargo test -p csv-anonymizer-app, node scripts/rust-smoke.mjs
Scripts and release checks scripts, .github/workflows, package.json Run the specific script plus npm run release:check when release metadata is involved

Prefer scoped checks while iterating, then run the broader gates before handoff or PR.

Contract loop

Rust DTOs in crates/csv-anonymizer-core/src/types.rs are mirrored manually in frontend/src/types.ts. Tauri command wrappers in frontend/src/tauri.ts depend on those shapes.

After changing a shared enum, struct, or command payload:

npm run contracts:check
npm run test

The contract check verifies selected enum variants and struct fields across Rust and TypeScript. Serialization behavior still belongs in targeted Rust or frontend tests when optional fields, defaults, or casing change.

Release cautions

Release work touches many files at once: package.json, frontend/package.json, frontend/package-lock.json, Cargo.toml, src-tauri/tauri.conf.json, CHANGELOG.md, and build/linux/io.github.ddv1982.csv-data-anonymizer.metainfo.xml.

Do not create tags, edit signing workflows, or change release metadata during normal feature work. When release work is explicitly requested, follow Deployment and docs/releasing.md.

Secrets and local artifacts

  • Do not paste signing secrets, Apple credentials, GPG private keys, or local model paths into source or wiki pages.
  • Keep GitHub Actions secret values in CI only.
  • Do not track Local AI model/runtime artifacts such as .gguf files, Ollama caches, model caches, or llama-server binaries.
  • Use the configured Ollama loopback endpoint only through the Local AI code paths in src-tauri/src/local_ai.

Full local gate

Before a broad PR or release-adjacent change, run the canonical checks that apply:

npm run fmt
npm run lint
npm run test
npm run typecheck
npm run deadcode:required
npm run docs:check
npm run release:check
npm run tauri:prebuilt:check
npm run frontend:e2e
npm run frontend:a11y
npm run frontend:audit
npm run cargo:audit:required
node scripts/rust-smoke.mjs

Use platform package checks from Deployment when installer or Linux package metadata changes.

Clone this wiki locally