-
Notifications
You must be signed in to change notification settings - Fork 0
how to contribute tooling
CSV Anonymizer centralizes local commands in package.json, frontend commands in frontend/package.json, implementation scripts in scripts, and CI behavior in .github/workflows. Pair this page with Testing and Deployment.
package.json is the contributor command surface.
| Area | Scripts |
|---|---|
| Development |
npm run dev, npm run tauri:dev
|
| Build |
npm run frontend:build, npm run build, npm run tauri:build, npm run build:stable
|
| Quality gates |
npm run fmt, npm run lint, npm run test, npm run typecheck
|
| Contracts and docs |
npm run contracts:check, npm run docs:check
|
| Dead code and audits |
npm run deadcode:required, npm run frontend:audit, npm run cargo:audit, npm run cargo:machete
|
| Browser checks |
npm run frontend:e2e, npm run frontend:a11y
|
| Release checks |
npm run release:check, npm run tauri:prebuilt:check, npm run artifacts:rust:check
|
| Packaging |
npm run dist:mac, npm run dist:linux, npm run linux:package-manager:check
|
| Smoke |
npm run smoke:rust, npm run smoke:packaged, node scripts/rust-smoke.mjs
|
The root scripts are intentionally composed from narrower frontend, Rust, and script checks.
frontend/package.json owns React/Vite tooling:
-
npm --prefix frontend run devstarts Vite. -
npm --prefix frontend run buildruns TypeScript checks and Vite build. -
npm --prefix frontend run testruns Vitest. -
npm --prefix frontend run e2eanda11yrun Playwright groups. -
npm --prefix frontend run typecheckchecks app and e2e TypeScript projects. -
npm --prefix frontend run deadcodeanddeadcode:productionrun Knip.
Frontend configuration lives in frontend/vite.config.ts, frontend/playwright.config.ts, and knip.json.
Important scripts under scripts include:
| Script | Purpose |
|---|---|
scripts/check-contracts.mjs |
Compares selected Rust and TypeScript DTO contracts |
scripts/check-docs.mjs |
Verifies documented root npm run scripts exist |
scripts/rust-smoke.mjs |
Builds or uses the CLI harness and checks fixture anonymization |
scripts/cargo-audit.mjs |
Runs cargo audit, required in CI or with --required
|
scripts/cargo-machete.mjs |
Runs cargo machete, required in CI or with --required
|
scripts/check-release-metadata.mjs |
Validates version, changelog, Tauri, Linux metadata, icons, and forbidden model artifacts |
scripts/build_frontend_for_tauri.sh |
Builds or validates frontend/dist for Tauri |
scripts/check-tauri-prebuilt-frontend.sh |
Tests the prebuilt frontend guard |
scripts/package-tauri-linux.mjs |
Builds and copies Linux Tauri .deb, .rpm, and AppImage artifacts |
scripts/validate_linux_package_metadata.py |
Extracts Linux packages and validates desktop/AppStream metadata |
scripts/build_apt_repository.py |
Generates the signed APT repository and repository setup package |
scripts/check-apt-repository.mjs |
Exercises signed APT repository generation |
scripts/check-apt-installer.mjs |
Validates rendered APT installer fingerprint and staging behavior |
scripts/check-rust-artifacts.mjs |
Validates expected desktop artifact names and presence |
scripts/package-rust-macos.mjs |
Packages macOS release artifacts |
scripts/notarize-macos-artifact.sh |
Submits macOS artifacts for notarization in release jobs |
Release scripts are part of the product surface. Changes should include script tests or CI-equivalent validation.
| Workflow | Path | Purpose |
|---|---|---|
| CI | .github/workflows/ci.yml |
Path-filtered docs, Rust/frontend, package, e2e/a11y, audit, clippy, build, and smoke checks |
| Release | .github/workflows/release.yml |
Tag-triggered validation, draft release creation, signed/notarized macOS builds, Linux package builds, signed checksum sidecars, APT Pages publishing, and final release publication |
| Dead code and dependency scan | .github/workflows/dead-code.yml |
Weekly and manual cargo-audit plus required dead-code scans |
CI pins Node 26 and the Tauri CLI version with TAURI_CLI_VERSION, while package.json keeps the local engine floor at >=22.13.0.
-
cargo-auditandcargo-macheteare optional locally unless required mode is enabled, but CI installs them and treats failures as blocking. - Playwright Chromium must be installed once with
cd frontend && npx playwright install chromium. - Linux Tauri packaging needs platform libraries and packaging tools listed in
.github/workflows/ci.ymland.github/workflows/release.yml. - macOS release signing and notarization run in GitHub Actions with secrets, not local source files.