If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/prusa3d/PrusaSlicer shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Mixed signals — read the receipts

• Last commit 2w ago
• 10 active contributors
• AGPL-3.0 licensed
• CI configured
• ⚠ Concentrated ownership — top contributor handles 51% of recent commits
• ⚠ AGPL-3.0 is copyleft — check downstream compatibility
• ⚠ No test directory detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live prusa3d/PrusaSlicer repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/prusa3d/PrusaSlicer.

What it runs against: a local clone of prusa3d/PrusaSlicer — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in prusa3d/PrusaSlicer | Confirms the artifact applies here, not a fork | | 2 | License is still AGPL-3.0 | Catches relicense before you depend on it | | 3 | Default branch master exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 46 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of prusa3d/PrusaSlicer. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/prusa3d/PrusaSlicer.git
#   cd PrusaSlicer
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of prusa3d/PrusaSlicer and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "prusa3d/PrusaSlicer(\\.git)?\\b" \\
  && ok "origin remote is prusa3d/PrusaSlicer" \\
  || miss "origin remote is not prusa3d/PrusaSlicer (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(AGPL-3\\.0)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"AGPL-3\\.0\"" package.json 2>/dev/null) \\
  && ok "license is AGPL-3.0" \\
  || miss "license drift — was AGPL-3.0 at generation time"

# 3. Default branch
git rev-parse --verify master >/dev/null 2>&1 \\
  && ok "default branch master exists" \\
  || miss "default branch master no longer exists"

# 4. Critical files exist
test -f "CMakeLists.txt" \\
  && ok "CMakeLists.txt" \\
  || miss "missing critical file: CMakeLists.txt"
test -f "bundled_deps/admesh/admesh/stl.h" \\
  && ok "bundled_deps/admesh/admesh/stl.h" \\
  || miss "missing critical file: bundled_deps/admesh/admesh/stl.h"
test -f "bundled_deps/agg/agg/agg_rasterizer_scanline_aa.h" \\
  && ok "bundled_deps/agg/agg/agg_rasterizer_scanline_aa.h" \\
  || miss "missing critical file: bundled_deps/agg/agg/agg_rasterizer_scanline_aa.h"
test -f "bundled_deps/avrdude/avrdude/arduino.h" \\
  && ok "bundled_deps/avrdude/avrdude/arduino.h" \\
  || miss "missing critical file: bundled_deps/avrdude/avrdude/arduino.h"
test -f "bundled_deps/ankerl/ankerl/unordered_dense.h" \\
  && ok "bundled_deps/ankerl/ankerl/unordered_dense.h" \\
  || miss "missing critical file: bundled_deps/ankerl/ankerl/unordered_dense.h"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 46 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~16d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/prusa3d/PrusaSlicer"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

PrusaSlicer is a G-code generator that converts 3D model files (STL, OBJ, AMF) into printer-specific instructions for FFF (Fused Filament Fabrication) 3D printers and PNG layers for mSLA printers. It's compatible with RepRap-based firmware (Marlin, Prusa, Sprinter, Repetier) and industrial controllers (Mach3, LinuxCNC, Machinekit), offering features like multi-material printing, variable layer heights, adaptive infill patterns, and support generation. See architecture tab.

3D printer operators and firmware developers who need to convert CAD models into machine-executable toolpaths; also Prusa printer users who need OEM-optimized slicing software with multi-extruder support and advanced cooling/extrusion logic.

Highly mature and production-ready. The codebase is substantial (~28.5M lines of C++), has comprehensive CI/CD via GitHub Actions (Windows, macOS, Linux, Flatpak builds), includes ASAN sanitizer variants, and static analysis workflows. Based on the 10+ year lineage from Slic3r (2011) and active Prusa3D maintenance, this is a stable, battle-tested tool deployed in thousands of printers worldwide.

Low technical risk but moderate complexity: the monolithic ~28.5M line C++ codebase spans geometric algorithms (admesh STL repair, AGG rasterization), physics simulation (infill, support generation), and platform-specific GUI rendering. No obvious single-maintainer bottleneck (Prusa3D org ownership), but large C++ dependency graph (bundled admesh, AGG, wxWidgets inferred) and performance-critical slicing core mean changes require careful testing. Last commit recency not visible but CI workflows suggest active development.

Active multi-platform CI pipeline with recent additions for Flatpak bundling (build_flatpak.yml, bundle_flatpak.yml), ASAN leak detection variants (build_osx_asan.yml, build_flatpak_asan.yml), and static analysis (static_analysis.yml). The repo maintains Windows (build_win.bat), macOS, and Linux build workflows, indicating ongoing release engineering for the three major platforms.

Clone and build using CMake: git clone https://github.com/prusa3d/PrusaSlicer.git && cd PrusaSlicer && mkdir build && cd build && cmake .. && make -j$(nproc). Platform-specific build docs: see doc/How\ to\ build\ -\ Linux\ et\ al.md (Linux), doc/How\ to\ build\ -\ Mac\ OS.md (macOS), doc/How\ to\ build\ -\ Windows.md (Windows). Windows users: build_win.bat provides one-step setup.

Daily commands: After building: ./bin/PrusaSlicer (GUI) or ./bin/prusa-slicer --help (CLI mode). Command-line slicing example (inferred from README): prusa-slicer input.stl --output output.gcode --nozzle-diameter 0.4 --layer-height 0.2. See bundled_deps/admesh for STL preprocessing.

• CMakeLists.txt — Primary build configuration and dependency management for the entire project; defines how C++ components, bundled dependencies, and platform-specific builds are orchestrated.
• bundled_deps/admesh/admesh/stl.h — Core STL mesh data structure and I/O operations; foundational for loading 3D models into the slicer.
• bundled_deps/agg/agg/agg_rasterizer_scanline_aa.h — Anti-aliased rasterization engine used for rendering 2D slices and layer visualization.
• bundled_deps/avrdude/avrdude/arduino.h — Firmware upload mechanism for RepRap-compatible 3D printers; enables direct printer communication.
• bundled_deps/ankerl/ankerl/unordered_dense.h — High-performance hash map implementation used throughout the codebase for spatial indexing and mesh operations.
• .github/workflows/build_windows.yml — Windows build pipeline; critical reference for understanding cross-platform build requirements and CI/CD strategy.
• .clang-format — Code style enforcement configuration; ensures consistent formatting across all C++ contributions.

Add Support for a New 3D Model Format (e.g., STEP, IGES)

1. Create new mesh loader in bundled_deps (parallel to admesh): bundled_deps/mynewloader/CMakeLists.txt with format-specific parser (bundled_deps/mynewloader/CMakeLists.txt)
2. Implement file I/O similar to bundled_deps/admesh/admesh/stl_io.cpp but for your format (bundled_deps/mynewloader/src/loader.cpp)
3. Add CMakeLists.txt dependency linking in root CMakeLists.txt under mesh processing targets (CMakeLists.txt)
4. Register loader in main application model-loading pipeline (typically in UI or core slicer module, not visible in file list) (src/slicer/Model.cpp)
5. Add unit tests for your loader format validation (tests/test_mynewformat_loader.cpp)

Add a New Printer Hardware Profile

1. Create printer definition JSON/YAML in resources directory with machine specs (build volume, nozzle diameter, etc.) (resources/profiles/mynewprinter.profile)
2. If printer requires custom G-code dialect, extend the firmware identifier in CMakeLists.txt or create conditional logic in GCode generator (src/gcode/GCodeGenerator.cpp)
3. For Arduino-based printers, ensure firmware upload support via bundled_deps/avrdude—add device ID mapping in arduino.h (bundled_deps/avrdude/avrdude/arduino.h)
4. Update CI workflows to include regression testing with the new profile (.github/workflows/build_nogui.yml)

Optimize Mesh Processing for a Specific Hardware Target

1. Profile mesh operations using existing admesh functions (connect.cpp, normals.cpp) to identify bottlenecks (bundled_deps/admesh/admesh/connect.cpp)
2. Replace inefficient data structures with ankerl/unordered_dense.h hash maps for spatial indexing (bundled_deps/ankerl/ankerl/unordered_dense.h)
3. If rendering is the bottleneck, optimize rasterizer scanline parameters in agg_rasterizer_scanline_aa.h (bundled_deps/agg/agg/agg_rasterizer_scanline_aa.h)
4. Add SIMD or parallel compilation flags to CMakeLists.txt for the optimized component (CMakeLists.txt)
5. Run static analysis and ASAN to verify no regressions (.github/workflows/static_analysis.yml)

Improve Code Quality and Enforce Style Standards

1. Review and update .clang-format to enforce your coding standards across all C++ files (.clang-format)
2. Add or update linting rules in static_analysis.yml workflow to catch violations in CI (.github/workflows/static_analysis.yml)
3. Document expectations in CONTRIBUTING.md for new contributors (.github/CONTRIBUTING.md)
4. Use CMake build checks (build-utils/encoding-check.cpp) to validate file encodings and prevent broken commits (build-utils/encoding-check.cpp)

• C++ with CMake — Performance-critical mesh processing and G-code generation requires native compilation; CMake enables cross-platform builds (Windows MSVC, macOS Clang, Linux GCC) from a single config
• admesh (bundled) — Mature, specialized STL mesh library with connectivity, normal, and validation operations; avoids external dependency management for core 3D geometry

CMake build requires wxWidgets development headers (wxWidgets > 3.1 inferred), OpenGL for 3D preview, and Boost libraries—missing these causes cryptic linker errors. Windows build_win.bat script likely handles dependency auto-fetch, but Linux users must install manually (apt-get libwxgtk3.0-dev, etc.). STL repair in admesh may silently tolerate non-manifold geometry; check repair logs in verbose mode. Multi-threaded slicing can saturate CPU—use CMake -DCMAKE_BUILD_TYPE=Release for optimized binaries. ASAN variants (build_osx_asan.yml) exist but are for CI only; local ASAN builds require -DSANITIZE=address flag.

• Mesh repair and auto-healing (admesh) — STL files from CAD tools are often malformed (non-manifold edges, reversed normals). PrusaSlicer's bundled admesh library silently repairs these—knowing how it works prevents surprises when your model changes after slicing.
• Scan-line rasterization (Anti-Aliased Graphics, AGG library) — mSLA printer output requires rasterizing 2D layer polygons into PNG pixels. AGG's rasterizer (agg_rasterizer_cells_aa.h) performs anti-aliased scan conversion—understanding this is essential when debugging mSLA layer output quality.
• Toolpath planning and G-code flavors — Different printers (RepRap, Makerbot, Mach3, LinuxCNC) parse G-code dialects differently. PrusaSlicer must emit correct move sequences, extrusion parameters, and firmware-specific codes—a bug here causes mechanical failures or failed prints.
• Slicing algorithm (2.5D layer generation) — Converting 3D mesh to 2D slices at discrete heights is the core algorithm. Understanding plane–mesh intersection, polygon offsetting for walls/infill, and per-layer feature extraction is essential for modifying infill patterns or support generation.
• Infill patterns (space-filling curves and tessellations) — PrusaSlicer supports honeycomb, spirals, and Hilbert curve infills to balance speed and strength. Each pattern has different print properties and geometry generation—key for performance optimization and material properties.
• Support material generation and topology — Automatically generating support structures requires detecting overhangs, partitioning the model, and generating tree or linear supports. Changes to support logic directly impact print success rate and material waste.
• Thermal dynamics and cooling heuristics — README mentions 'cooling logic controlling fan speed and dynamic print speed'. Managing nozzle/bed temperature, cooling fan ramp-up, and speed adjustment prevents warping, stringing, and under-extrusion—complex multi-variable optimization.

• Slic3r/Slic3r — Direct predecessor (mentioned in README); open-source slicing engine that PrusaSlicer forked from and evolved with multi-material and industrial firmware support
• prusa3d/Prusa-Firmware — Prusa-specific Marlin firmware variant; PrusaSlicer generates G-code optimized for this firmware with custom profiles and macros
• MarlinFirmware/Marlin — Industry-standard RepRap firmware that PrusaSlicer supports as a G-code dialect; understanding Marlin's parser helps when debugging G-code generation
• cura3d/Cura — Competing open-source slicing software; shares similar architecture (core library + GUI) and supports same printer ecosystems for comparative feature/performance analysis
• prusa3d/PrusaSlicerData — Likely companion repo containing printer profiles, materials database, and calibration data that PrusaSlicer loads at runtime

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add comprehensive unit tests for bundled_deps/admesh mesh processing

The admesh library (bundled_deps/admesh/) is critical for STL mesh handling in PrusaSlicer, but there are no visible test files for its core functions (connect.cpp, normals.cpp, stl_io.cpp, stlinit.cpp). Adding unit tests for mesh validation, normal calculation, and STL I/O would catch regressions early and improve code quality for a core dependency.

• [ ] Create tests/admesh/ directory structure
• [ ] Add unit tests for bundled_deps/admesh/admesh/stl_io.cpp (STL reading/writing)
• [ ] Add unit tests for bundled_deps/admesh/admesh/normals.cpp (normal vector calculations)
• [ ] Add unit tests for bundled_deps/admesh/admesh/connect.cpp (mesh connectivity)
• [ ] Integrate tests into CMakeLists.txt build system
• [ ] Ensure tests run in build_nogui.yml CI workflow

Add GitHub Actions workflow for static analysis on G-code generation

While static_analysis.yml exists, there's no specialized CI workflow validating G-code output correctness. Given PrusaSlicer's core function is G-code generation for multiple printer types (RepRap, Marlin, Prusa, Sprinter, Repetier, Mach3), adding a workflow that validates generated G-code against known reference outputs would prevent subtle regressions in critical paths.

• [ ] Create .github/workflows/validate_gcode.yml
• [ ] Add test fixtures with sample STL models and expected G-code outputs
• [ ] Implement comparison logic for generated vs. reference G-code
• [ ] Test against multiple printer profiles (RepRap, Prusa, Marlin variants)
• [ ] Integrate into main CI pipeline to run on PRs
• [ ] Document test fixture format in .github/CONTRIBUTING.md

Create integration test suite for 3D model import pipeline (STL/OBJ/AMF)

PrusaSlicer supports multiple 3D model formats (STL, OBJ, AMF) as stated in README, but the file structure shows admesh (STL-focused). There's no visible test coverage for the import/parsing pipeline across all supported formats. Adding format-specific integration tests would catch parser bugs and format compatibility issues early.

• [ ] Create tests/import/ directory with sample valid/invalid models in each format
• [ ] Add test cases for STL import (binary and ASCII variants)
• [ ] Add test cases for OBJ import (mtl dependencies, vertex/face parsing)
• [ ] Add test cases for AMF import (3D structure, materials)
• [ ] Create error handling tests (corrupt files, unsupported features)
• [ ] Integrate into build_nogui.yml CI and document in CONTRIBUTING.md

• Add unit tests for STL repair logic in bundled_deps/admesh (connect.cpp, normals.cpp, stl_io.cpp)—currently no obvious *test/ subdirectory visible, a common gap in geometry libraries.
• Document the macro language (mentioned in README as 'customizable G-code macros') with examples in doc/—no macro-specific .md file visible, despite being a key customization feature.
• Implement missing validation for printer profile JSON schemas (firmware flavor definitions, nozzle size constraints)—add JSON Schema files to src/profiles/ or similar to catch user config errors early.

PrusaSlicer is a mature 3D slicing application with moderate security posture. Key concerns include: (1) bundled dependencies that are not updated regularly, particularly the outdated avrdude component from 2015; (2) lack of visible input validation frameworks for handling untrusted 3D model files; (3) C++ codebase without comprehensive memory safety instrumentation; (4) minimal security integration in CI/CD pipelines. The application's primary risk surface is the processing of untrusted 3D model files (STL, OBJ, AMF). Recommendations focus on modernizing dependencies, implementing robust input validation, enabling compiler security features, and enhancing CI/CD security practices.

• Medium · Bundled Dependencies Without Version Pinning — bundled_deps/. The codebase includes bundled dependencies (admesh, agg, ankerl, avrdude) that are shipped with the project. These dependencies may not receive timely security updates, and there's no visible version pinning strategy to ensure reproducible builds and vulnerability tracking. Fix: Implement a dependency management strategy that tracks versions of all bundled libraries, establishes a regular security update process, and considers using a dependency scanner tool (e.g., Dependabot, OWASP Dependency-Check) to identify known vulnerabilities in bundled components.
• Medium · avrdude Bundled Component - Outdated — bundled_deps/avrdude/avrdude/. The bundled avrdude component includes ChangeLog files dated up to 2015, suggesting this is an older version that may contain unpatched security vulnerabilities. avrdude is used for firmware flashing and operates at a low level with elevated privileges. Fix: Update avrdude to the latest version, review security advisories for avrdude, and implement security patches. Consider making avrdude an optional system dependency rather than bundling an outdated version.
• Low · No Visible Input Validation Strategy — Source code structure (not fully visible). As a G-code generator accepting 3D model files (STL, OBJ, AMF), the application processes untrusted user input. While no explicit code was visible in the file listing, there's no documented security validation framework visible for handling potentially malicious model files. Fix: Implement robust input validation and sanitization for all supported 3D model formats (STL, OBJ, AMF). Use sandboxed parsing, validate file headers, implement size limits, and test with malformed/malicious model files. Consider fuzzing the model file parsers.
• Low · Missing Security Headers in CI/CD Workflows — .github/workflows/. GitHub Actions workflows are present but security context is minimal. There's no visible evidence of signed commits, protected branches, or security scanning integration in the workflow files. Fix: Implement SLSA provenance signing, enable branch protection rules, add code signing to release artifacts, integrate security scanning tools (SAST, dependency scanning) into CI/CD pipelines, and consider adding SBOM generation.
• Low · Potential Buffer Overflow Risk in C++ Codebase — bundled_deps/admesh/admesh/, bundled_deps/agg/agg/. The codebase is primarily C++ (based on .cpp files in bundled_deps), which has inherent memory safety risks. Legacy code in admesh and agg components may not have modern memory safety protections. Fix: Enable compiler security flags (-fstack-protector-strong, -D_FORTIFY_SOURCE=2, -fPIE -pie), use AddressSanitizer and UndefinedBehaviorSanitizer in testing, perform static analysis with clang-analyzer or similar tools, and consider fuzzing-based testing for memory safety.
• Low · No Visible Cryptographic Verification — Project-wide. As a tool that generates G-code for 3D printers, there's no visible mechanism to sign or verify the generated G-code, which could allow tampering if the generated code is transmitted or shared. Fix: Consider implementing optional cryptographic signing of generated G-code files, implement integrity checking mechanisms, and provide users with guidance on secure G-code transmission and verification.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.