No description
Find a file
github-actions[bot] cd131e0b02
Some checks failed
Build & release Android APK / Build signed APK (push) Has been cancelled
Build TWA APK / build-apk (push) Has been cancelled
Build & Push Docker Image / Build linux/amd64 (push) Has been cancelled
Build & Push Docker Image / Build linux/arm64 (push) Has been cancelled
Build & Push Docker Image / Merge manifests (push) Has been cancelled
Release v6.5.0
2026-04-20 01:51:30 +00:00
.github/workflows ci: multi-arch Docker via native runners + Node 24 opt-in + PAT for tag-trigger chain 2026-04-15 00:05:34 +02:00
android Fix APK crash: replace XML splash with PNG, add real mipmap launcher icons 2026-03-29 11:07:10 +00:00
docs feat: neonatal calculator, DOCX/PPTX/ODT/EPUB support, gateway-agnostic URL helper, TTS/STT fixes 2026-04-19 02:17:06 +02:00
e2e feat: A1+A2 — Playwright smoke suite + index.html mtime-based caching 2026-04-20 03:51:22 +02:00
migrations Batch of security + scale fixes 2026-04-14 05:24:40 +02:00
mobile Release v6.5.0 2026-04-20 01:51:30 +00:00
monitoring Add Loki + Grafana monitoring stack, ntfy notifications, biometric auth 2026-04-11 03:00:52 +02:00
public feat: A1+A2 — Playwright smoke suite + index.html mtime-based caching 2026-04-20 03:51:22 +02:00
scripts feat: A1+A2 — Playwright smoke suite + index.html mtime-based caching 2026-04-20 03:51:22 +02:00
src fix: auth/API logging to Loki, TTS voice auto-detection, STT ElevenLabs support 2026-04-19 21:26:49 +02:00
test feat: Bedside clinical reference module + age→weight estimator + dose-math unit tests 2026-04-20 02:49:42 +02:00
.dockerignore Add .dockerignore (exclude .env, .agent-config, node_modules, data) 2026-03-21 19:27:21 -04:00
.env.example Security hardening: PHI encryption, argon2, DOMPurify, SRI 2026-04-14 02:49:38 +02:00
.gitignore feat: A1+A2 — Playwright smoke suite + index.html mtime-based caching 2026-04-20 03:51:22 +02:00
.gitmessage docs: add CONTRIBUTING.md + .gitmessage template for conventional commits 2026-04-14 23:51:09 +02:00
.node-pg-migraterc.json Add node-pg-migrate for versioned schema changes + better mobile UA labels 2026-04-14 05:06:19 +02:00
admin-cli.js v3.0.0: Auth, admin panel, security fixes, per-tab model selector 2026-03-21 19:25:51 -04:00
BROWSER_WHISPER_SETUP.md Update docs for v3 truly self-hosted setup 2026-03-31 23:12:46 +00:00
BROWSER_WHISPER_TROUBLESHOOTING.md v16: Make Browser Whisper CDN failure graceful with clear warnings 2026-03-31 16:18:46 +00:00
CONTRIBUTING.md fix: verify auto-version → android + docker pipeline end-to-end 2026-04-15 00:10:35 +02:00
DEVELOPER_GUIDE.md Expand DEVELOPER_GUIDE with detailed architecture, DB layer, file descriptions 2026-03-24 19:30:01 -04:00
docker-compose.local.yml Feat: admin CMS, save/resume encounters, user templates, SSHADESS, well visit notes, sick visit, ROS/PE checklists, ICD-10 diagnoses 2026-03-22 16:43:39 -04:00
docker-compose.monitoring.yml Update bilirubin to exact AAP 2022 values, add exchange transfusion 2026-04-11 05:50:19 +02:00
docker-compose.yml Maintenance CLI + unpin postgres digest 2026-04-14 04:00:13 +02:00
Dockerfile Dockerfile: add build tools for argon2 native compile 2026-04-14 03:09:38 +02:00
EMBEDDINGS_SETUP.md Add embeddings setup documentation 2026-03-31 14:37:46 +00:00
FEATURES_EXPLAINED.md Fix TTS preview + Browser Whisper preload, add comprehensive docs 2026-03-31 15:13:53 +00:00
grafana-dashboard.json feat: neonatal calculator, DOCX/PPTX/ODT/EPUB support, gateway-agnostic URL helper, TTS/STT fixes 2026-04-19 02:17:06 +02:00
IMPROVEMENTS.md Add automatic ICD-10 and CPT billing code suggestions 2026-04-11 01:50:17 +02:00
OPENID_SETUP.md v4: Fix milestones display + add OpenID auth + 100MB PDF support 2026-04-01 17:59:51 +00:00
package-lock.json FAQ page, dep security patches, model dropdown and UI fixes 2026-04-09 01:56:11 +02:00
package.json Release v6.5.0 2026-04-20 01:51:30 +00:00
README.md Maintenance CLI + unpin postgres digest 2026-04-14 04:00:13 +02:00
server.js feat: A1+A2 — Playwright smoke suite + index.html mtime-based caching 2026-04-20 03:51:22 +02:00
TRANSCRIPTION_OPTIONS.md Add comprehensive transcription options documentation 2026-03-31 21:58:17 +00:00

Pediatric AI Scribe v6

AI-powered clinical documentation platform for pediatric medicine. Generates HPIs, hospital courses, chart reviews, SOAP notes, well/sick visit notes, and developmental milestone assessments from voice recordings or dictation.

Features

Clinical Documentation

  • Live Encounter — record doctor-patient conversations, AI generates structured OLDCARTS HPI
  • Voice Dictation — dictate narrative, AI cleans and restructures
  • Hospital Course — paste progress notes, generates prose, day-by-day, organ-system (ICU), or psych format
  • Chart Review / Precharting — summarize outpatient, subspecialty, and ED notes
  • SOAP Notes — full SOAP or subjective-only from dictation
  • Well Visit — AAP 2025 Bright Futures periodicity with vaccines, screenings, billing codes, SSHADESS (12+), milestones
  • Sick Visit — quick documentation with auto-suggested ROS and PE from chief complaint
  • Developmental Milestones — AAP/Nelson tracker (birth-11y) with narrative/structured/summary output

AI & Speech

  • 5 AI Providers — OpenRouter, AWS Bedrock, Azure OpenAI, Google Vertex AI, LiteLLM
  • 5 STT Providers — Google Gemini, Amazon Transcribe (Medical), OpenAI Whisper, Local Whisper, LiteLLM
  • 3 TTS Providers — Google Cloud TTS, LiteLLM (OpenAI), ElevenLabs
  • Browser Whisper — fully offline in-browser transcription via WebAssembly (HIPAA-safe)
  • Per-tab model selector — choose fast vs. smart vs. premium models per task
  • Physician memory system — Dragon-like learning from your corrections

Learning Hub

  • Content Management — articles, clinical pearls, quizzes, presentations
  • AI Content Generation — generate from topics, uploaded PDFs, or Nextcloud files
  • Marp Presentations — slide editor with preview and PPTX export
  • Semantic Search — vector-based search via pgvector embeddings
  • Quiz System — MCQ, multi-select, true/false with scoring and progress tracking

Platform

  • Multi-user with roles — admin, moderator, user
  • OIDC/SSO — Azure AD, Okta, Keycloak, PocketID, Google
  • 2FA — TOTP-based two-factor authentication
  • Cloudflare Turnstile — bot protection on login, register, password reset
  • Email verification — with customizable templates
  • Nextcloud integration — WebDAV export
  • S3 Document Storage — AWS S3, Backblaze B2, MinIO
  • PWA — installable, works on mobile
  • Admin Panel — user management, settings, prompt editor, model configuration, logs

Quick Start

1. Configure

cp .env.example .env

Edit .env — at minimum set:

AI_PROVIDER=litellm          # or openrouter, bedrock, azure, vertex
LITELLM_API_BASE=https://your-litellm.example.com
LITELLM_API_KEY=sk-...

OPENAI_API_KEY=sk-...        # for Whisper transcription (if not using LiteLLM STT)

JWT_SECRET=<64-char random>  # openssl rand -hex 32
DB_PASSWORD=<strong password>
APP_URL=https://your-domain.com

2. Start

docker compose up -d

App runs on port 3552. First user to register becomes admin.

3. Admin CLI

docker exec pediatric-ai-scribe node admin-cli.js list-users
docker exec pediatric-ai-scribe node admin-cli.js create-admin admin@example.com password123 "Dr. Admin"
docker exec pediatric-ai-scribe node admin-cli.js make-admin user@example.com
docker exec pediatric-ai-scribe node admin-cli.js reset-password user@example.com newpassword
docker exec pediatric-ai-scribe node admin-cli.js toggle-registration
docker exec pediatric-ai-scribe node admin-cli.js stats

AI Provider Configuration

Switch providers by setting AI_PROVIDER in .env. No code changes needed.

Provider HIPAA Config
LiteLLM Depends on backend LITELLM_API_BASE, LITELLM_API_KEY
AWS Bedrock Yes (with BAA) AWS_BEDROCK_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
Azure OpenAI Yes (with BAA) AZURE_OPENAI_ENDPOINT, AZURE_OPENAI_API_KEY, AZURE_DEPLOYMENT_NAME
Google Vertex AI Yes (with BAA) GOOGLE_VERTEX_PROJECT, GOOGLE_VERTEX_LOCATION
OpenRouter No OPENROUTER_API_KEY

Transcription (Speech-to-Text)

Set TRANSCRIBE_PROVIDER or let the app auto-detect.

Provider HIPAA Config
Google Gemini Yes GOOGLE_VERTEX_PROJECT, GOOGLE_STT_MODEL
Amazon Transcribe Yes AWS creds + TRANSCRIBE_PROVIDER=aws
Amazon Transcribe Medical Yes AWS_TRANSCRIBE_MEDICAL=true, AWS_TRANSCRIBE_SPECIALTY=PRIMARYCARE
Local Whisper Yes (offline) TRANSCRIBE_PROVIDER=local, WHISPER_BINARY, WHISPER_MODEL_SIZE
OpenAI Whisper No OPENAI_API_KEY
LiteLLM Depends TRANSCRIBE_PROVIDER=litellm, LITELLM_STT_MODEL
Browser Whisper Yes (client-side) No config needed — toggle in user settings

Text-to-Speech

Provider HIPAA Config
Google Cloud TTS Yes GOOGLE_VERTEX_PROJECT, GOOGLE_TTS_VOICE
LiteLLM Depends LITELLM_TTS_MODEL, LITELLM_TTS_VOICE
ElevenLabs No ELEVENLABS_API_KEY

OpenID Connect / SSO

Supports Azure AD, Okta, Keycloak, PocketID, Google, and any OIDC-compliant provider.

  1. Register callback URL: https://your-domain.com/api/auth/oidc/callback
  2. Admin Panel > Settings > Configure OIDC (Issuer URL, Client ID, Client Secret)
  3. Users are auto-created and linked by email on first SSO login

See OPENID_SETUP.md for provider-specific guides.


Cloudflare Turnstile (Bot Protection)

Optional CAPTCHA on login, registration, and password reset forms.

TURNSTILE_SITE_KEY=0x4AAA...
TURNSTILE_SECRET_KEY=0x4AAA...

Email

Without SMTP, email verification is skipped and users are auto-verified.

SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASS=your-app-password
SMTP_FROM=noreply@yourdomain.com

Maintenance CLI

After a Postgres image upgrade (major version bump or silent base-layer change), btree indexes on text columns can become inconsistent with the new ICU/glibc library. The app auto-detects this at startup and reindexes on drift, but you can also trigger it manually:

# Health check — no writes
docker exec pediatric-ai-scribe npm run maint:check

# Rebuild all indexes + refresh collation + ANALYZE
docker exec pediatric-ai-scribe npm run maint:reindex

Run maint:reindex any time after:

  • Upgrading the Postgres image (major or minor)
  • Restoring from a dump created on a different Linux distro
  • Seeing "invalid credentials" on credentials you know are correct
  • Seeing 0 rows returned from a lookup that should match

The reindex takes seconds on a small DB and a minute or two on larger ones. Safe to run while the app is serving traffic, though queries may slow briefly.


Docker Hub

docker pull danielonyejesi/pediatric-ai-scribe-v3:latest

Minimal compose without building:

services:
  app:
    image: danielonyejesi/pediatric-ai-scribe-v3:latest
    ports:
      - "3552:3000"
    env_file: .env
    depends_on:
      postgres:
        condition: service_healthy
    restart: unless-stopped

  postgres:
    image: pgvector/pgvector:pg16
    environment:
      POSTGRES_DB: pedscribe
      POSTGRES_USER: pedscribe
      POSTGRES_PASSWORD: ${DB_PASSWORD}
    volumes:
      - pgdata:/var/lib/postgresql/data
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U pedscribe"]
      interval: 10s
      retries: 5

volumes:
  pgdata:

HIPAA Notice

This application processes data through third-party AI APIs.

  • All connections use HTTPS/TLS
  • Authentication required for all AI endpoints
  • 2FA and SSO available
  • Cloudflare Turnstile bot protection
  • AWS Bedrock, Azure OpenAI, and Google Vertex AI offer BAAs
  • OpenRouter and ElevenLabs do NOT offer BAAs
  • Browser Whisper and Local Whisper keep audio fully private

Do not use real PHI without executed BAAs with all providers in your deployment.


Documentation

See the docs/ directory for detailed documentation:


Development

npm install
cp .env.example .env   # edit with your keys
# Requires PostgreSQL with pgvector
node server.js