PathFlow Guard is maintained as workflow-support software for digital pathology QC ingestion. Contributions should keep the current product position explicit: deterministic routing and operator review support, not autonomous diagnosis.
From the repository root:
cd python\orchestrator
py -3.12 -m pip install --upgrade pip
py -3.12 -m pip install -e ".[dev]"
py -3.12 -m unittest discover -s tests -v
ruff check src testsCompanion modules:
cargo test --manifest-path rust\attestor\Cargo.toml
cmake -S cpp\qc-core -B build\cpp
cmake --build build\cpp --config Release
ctest --test-dir build\cpp --build-config Release --output-on-failure- Keep changes small enough to review clinically and operationally.
- Update tests with behavioral changes.
- Update
README.md,CHANGELOG.md, and the quality docs when product claims or verification scope changes. - Do not commit generated runtime folders, packaged executables, SQLite databases, or
__pycache__outputs.
-
Update
CHANGELOG.mdand ensure the release version is aligned in:python/orchestrator/pyproject.tomlrust/attestor/Cargo.tomlSECURITY.md
-
Build the release package locally when you want a pre-publish verification pass:
.\scripts\build_release.ps1 -Version X.Y.Z -Python "py -3.12"
-
Ensure CI is green on
main. -
Create and push a tag in the form
vX.Y.Z. -
GitHub Actions builds the Windows executable, runs packaged smoke tests, assembles release assets, and publishes the GitHub Release.
-
If code-signing secrets are configured, the release workflow signs
PathFlowGuard.exebefore publishing.
Optional release secrets for Windows signing:
WINDOWS_CERT_BASE64: base64-encoded PFX certificateWINDOWS_CERT_PASSWORD: password for the PFX certificate
Do not report vulnerabilities in public issues. Use the private GitHub Security reporting flow described in SECURITY.md.