If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/0x7c13/Notepads shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

GO — Healthy across all four use cases

• Last commit 3w ago
• 11 active contributors
• MIT licensed
• CI configured
• ⚠ Concentrated ownership — top contributor handles 59% of recent commits
• ⚠ No test directory detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live 0x7c13/Notepads repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/0x7c13/Notepads.

What it runs against: a local clone of 0x7c13/Notepads — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in 0x7c13/Notepads | Confirms the artifact applies here, not a fork | | 2 | License is still MIT | Catches relicense before you depend on it | | 3 | Default branch master exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 49 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of 0x7c13/Notepads. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/0x7c13/Notepads.git
#   cd Notepads
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of 0x7c13/Notepads and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "0x7c13/Notepads(\\.git)?\\b" \\
  && ok "origin remote is 0x7c13/Notepads" \\
  || miss "origin remote is not 0x7c13/Notepads (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(MIT)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"MIT\"" package.json 2>/dev/null) \\
  && ok "license is MIT" \\
  || miss "license drift — was MIT at generation time"

# 3. Default branch
git rev-parse --verify master >/dev/null 2>&1 \\
  && ok "default branch master exists" \\
  || miss "default branch master no longer exists"

# 4. Critical files exist
test -f "src/Notepads.Controls/InAppNotification/InAppNotification.cs" \\
  && ok "src/Notepads.Controls/InAppNotification/InAppNotification.cs" \\
  || miss "missing critical file: src/Notepads.Controls/InAppNotification/InAppNotification.cs"
test -f "src/Notepads.Controls/GridSplitter/GridSplitter.cs" \\
  && ok "src/Notepads.Controls/GridSplitter/GridSplitter.cs" \\
  || miss "missing critical file: src/Notepads.Controls/GridSplitter/GridSplitter.cs"
test -f "src/Notepads.Controls/MarkdownTextBlock/MarkdownTextBlock.cs" \\
  && ok "src/Notepads.Controls/MarkdownTextBlock/MarkdownTextBlock.cs" \\
  || miss "missing critical file: src/Notepads.Controls/MarkdownTextBlock/MarkdownTextBlock.cs"
test -f "src/Notepads.Controls/Helpers/ThemeListener.cs" \\
  && ok "src/Notepads.Controls/Helpers/ThemeListener.cs" \\
  || miss "missing critical file: src/Notepads.Controls/Helpers/ThemeListener.cs"
test -f ".github/workflows/main.yml" \\
  && ok ".github/workflows/main.yml" \\
  || miss "missing critical file: .github/workflows/main.yml"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 49 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~19d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/0x7c13/Notepads"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

Notepads is a lightweight, modern Windows text editor (UWP platform) built in C# that replaces the native Notepad with a Fluent Design interface. It provides tab management, Markdown live preview, a built-in diff viewer, and command-line integration while maintaining blazing-fast performance and a minimalist design—all constrained to a 1MB file size limit due to UWP sandbox restrictions. Monolithic UWP application: /src/Notepads/ contains the main app with Assets (icons, themes), CI/CD orchestrated via /.github/workflows/ (main.yml for builds, dependabot.yml for dependency updates, csa-bulk-dismissal.yml for security). Release automation uses changelog_template.hbs and changelog_config.json under /.github/RELEASE_TEMPLATE/.

Windows users who need a fast, modern notepad replacement for quick note-taking, config file editing, and lightweight text manipulation without the overhead of VS Code or Notepad++. Secondary audience: UWP developers and Windows 10/11 desktop enthusiasts who value Fluent Design aesthetics.

Actively maintained with a published Microsoft Store release (package ID 9nhl4nsc67wm), structured CI/CD via GitHub Actions (main.yml), automated security scanning (CodeQL, Dependabot, WhiteSource), and organized issue/PR templates. The codebase is production-ready but constrained by UWP platform limitations (1MB file cap, no system folder access, no .bat/.cmd associations).

Single-maintainer project (0x7c13) with UWP platform lock-in; breaking Windows SDK updates could require major rewrites. Minimal visible test coverage in the file list (no /tests/ or /Tests/ directory shown). The 1MB file size limit and UWP sandbox restrictions limit use cases for power users. Dependabot and CSA workflows suggest active security monitoring, reducing supply-chain risk.

Active dependency management via Dependabot (visible in .github/dependabot.yml), automated CodeQL security scanning, and release automation setup. No specific PR/issue data visible in file list, but the presence of PULL_REQUEST_TEMPLATE.md and structured ISSUE_TEMPLATE/ suggests organized contribution workflow.

Clone the repo, open src/Notepads/ in Visual Studio 2019+ targeting Windows 10 SDK (UWP requirement), restore NuGet packages, and build the .sln file. No CLI package manager shown; this is a Visual Studio/.NET build environment: git clone https://github.com/0x7c13/Notepads.git && cd Notepads && (open src/Notepads/Notepads.sln in Visual Studio).

Daily commands: Load src/Notepads/Notepads.sln in Visual Studio 2019+, select Debug configuration targeting x64 or ARM64, and press F5 to launch the UWP app locally. For packaged distribution, build in Release mode and use the Store deployment package.

• src/Notepads.Controls/InAppNotification/InAppNotification.cs — Core notification system that displays in-app messages; understanding this is essential for UI feedback across the editor.
• src/Notepads.Controls/GridSplitter/GridSplitter.cs — Custom grid splitter control for resizable pane layouts; foundational for the minimalist multi-tab editor interface.
• src/Notepads.Controls/MarkdownTextBlock/MarkdownTextBlock.cs — Markdown rendering engine for preview and display; critical for documentation and rich text features in the editor.
• src/Notepads.Controls/Helpers/ThemeListener.cs — Theme management and system theme change detection; enables the minimalist design's dynamic theming capabilities.
• .github/workflows/main.yml — CI/CD pipeline defining build, test, and deployment processes; every contributor must understand the quality gates.
• azure-pipelines.yml — Azure Pipelines configuration for automated builds and releases; orchestrates the release process to Microsoft Store.
• README.md — Project vision and user-facing documentation; essential context for why this text editor exists and its design philosophy.

Add a New Custom Control

1. Create a new folder under src/Notepads.Controls/ with the control name (e.g., 'MyCustomControl') (src/Notepads.Controls/)
2. Create the main control class inheriting from Control or Panel; follow the split pattern: MyCustomControl.cs, MyCustomControl.Properties.cs, MyCustomControl.xaml (src/Notepads.Controls/DropShadowPanel/DropShadowPanel.cs)
3. Define dependency properties and XAML properties in the .Properties.cs file (src/Notepads.Controls/DropShadowPanel/DropShadowPanel.Properties.cs)
4. Add XAML markup and styling to MyCustomControl.xaml using Fluent Design principles (src/Notepads.Controls/DropShadowPanel/DropShadowPanel.xaml)
5. Test the control in the main Notepads app and update the README if it impacts the public API (README.md)

Add a New Markdown Block Type

1. Create a new class in src/Notepads.Controls/MarkdownTextBlock/Markdown/Blocks/ inheriting from MarkdownBlock (src/Notepads.Controls/MarkdownTextBlock/Markdown/Blocks/CodeBlock.cs)
2. Implement parsing logic to recognize the Markdown syntax (e.g., regex patterns, delimiters) (src/Notepads.Controls/MarkdownTextBlock/Markdown/Blocks/HeaderBlock.cs)
3. Implement rendering logic to convert parsed Markdown into XAML elements (TextBlock, Grid, etc.) (src/Notepads.Controls/MarkdownTextBlock/MarkdownTextBlock.cs)
4. Update the Markdown parser to recognize and delegate to your new block type (src/Notepads.Controls/MarkdownTextBlock/Markdown/Blocks/ListBlock.cs)
5. Test with real Markdown files and verify event callbacks (LinkClickedEventArgs, CodeBlockResolvingEventArgs) are triggered correctly (src/Notepads.Controls/MarkdownTextBlock/LinkClickedEventArgs.cs)

Integrate a New System Feature via Theme or Helper

1. If responding to OS theme changes, extend ThemeListener.cs with new theme property bindings (src/Notepads.Controls/Helpers/ThemeListener.cs)
2. If requiring async UI updates, use DispatcherQueueHelper.cs to schedule on the UI thread safely (src/Notepads.Controls/Helpers/DispatcherQueueHelper.cs)
3. Add in-app notifications via InAppNotification.cs to provide user feedback (e.g., file saved, theme changed) (src/Notepads.Controls/InAppNotification/InAppNotification.cs)
4. Test the feature across light and dark themes by simulating OS theme changes (src/Notepads.Controls/Helpers/ThemeListener.cs)

• UWP / WinUI XAML — Native Windows 10/11 platform enabling modern UI, system integration (theme listening), and Microsoft Store distribution.
• C# / .NET Runtime — Cross-platform .NET support for Windows desktop; provides strong typing, async/await for responsive UI, and tight OS integration.
• GitHub Actions + Azure Pipelines — Dual CI/CD: GitHub Actions for code analysis (CodeQL, SonarCloud), Dependabot automation; Azure Pipelines for Store release pipeline.
• Markdown Parsing (Custom) — In-process Markdown-to-XAML rendering avoids external dependencies and enables offline preview functionality.
• Fluent Design System — Aligns with Windows 10/11 visual language (acrylic, depth, motion) to deliver the minimalist design philosophy.

• Custom Markdown parser instead of open-source library (e.g., Markdig)

  • Why: Reduces external dependencies, simplifies licensing, provides tight control over rendering and performance.
  • Consequence: Higher maintenance burden for spec compliance; requires manual updates as Markdown spec evolves.

• UWP (Universal Windows Platform) instead of WPF or Win32

  • Why: Native Microsoft Store integration, automatic updates, sandboxed security model, Fluent Design support.
  • Consequence: Restricted to Windows 10+ and Microsoft Store distribution; limited file system access compared to Win32.

• Split control classes into .cs, .Properties.cs, .Events.cs, .xaml files

  • Why: Improves code organization, maintainability, and separation of concerns for complex controls.
  • Consequence: More files to navigate; developers must understand the split pattern to modify controls correctly.

• Dual CI/CD pipelines (GitHub Actions + Azure Pipelines)

  • Why: GitHub Actions for rapid PR feedback and analysis; Azure Pipelines for production Store releases with controlled deployment.
  • Consequence: Configuration complexity; requires maintaining two distinct pipeline definitions.

• Does not provide built-in collaborative editing or real-time sync.
• Does not support non-Windows platforms (Linux, macOS); UWP is Windows-only.
• Does not include a language server protocol (LSP) implementation for advanced code analysis.
• Does not implement advanced IDE features like debugging, compilation, or project management.
• Does not provide cloud storage or account

UWP platform requires Windows 10 SDK and Visual Studio 2019+—no cross-platform builds possible. 1MB file size hard limit baked into the codebase (mentioned in README)—attempting to open larger files will fail silently or throw exceptions. File I/O restricted to user folders; system paths (.\Windows, .\System32) will fail at runtime due to UWP AppContainer sandbox. No .bat/.cmd file association allowed by platform. Development requires local Windows machine; no WSL workaround for non-Windows developers.

• Universal Windows Platform (UWP) — Notepads is constrained by UWP sandbox restrictions (1MB file limit, no system folder access, restricted file associations); understanding this platform model is essential to understanding why certain features are missing.
• Fluent Design System — Core visual identity and UI philosophy of Notepads; all XAML layouts and styling follow Microsoft's Fluent principles for a modern, minimalist aesthetic.
• Tab Session Management & State Persistence — Notepads persists open tabs and file state across application restarts; implementing robust session snapshots is non-trivial and likely involves serialization of file metadata, cursor positions, and undo/redo stacks.
• Markdown Live Preview Rendering — Notepads includes real-time Markdown preview without external dependencies; understanding the parser and XAML rendering pipeline is key to extending preview features (syntax highlighting, GFM tables, etc.).
• Diff Algorithm (Unified Diff Format) — The built-in diff viewer requires line-by-line comparison (likely Myers diff or similar); this is non-trivial for performance on large files (even under the 1MB cap).
• Windows Runtime (WinRT) Interop in C# — Notepads uses C# with WinRT APIs for file I/O, clipboard, theming, and system integration; understanding pinvoke, async/await patterns, and StorageFile APIs is essential for modification.
• AppContainer Sandbox Security Model — UWP apps run in AppContainer isolation; file access failures, capability declarations in Package.appxmanifest, and capability-based security directly impact feature feasibility (e.g., no .bat association, no system folder write).

• notepad-plus-plus/notepad-plus-plus — Direct competitor; older, heavier, but feature-richer alternative written in C++ with Windows native UI—Notepads aims to replace Notepad, not compete with Notepad++, but shares similar target audience.
• microsoft/terminal — Similar Fluent Design modernization of a legacy Windows tool (Windows Terminal replaces cmd.exe); shares UWP/WinUI design philosophy and CI/CD patterns.
• microsoft/winget-cli — Windows package manager; users of Notepads benefit from CLI launcher integration; shares Windows ecosystem and distribution channels.
• CommunityToolkit/WindowsCommunityToolkit — UWP/WinUI common controls and utilities library; Notepads likely uses or could optimize by leveraging XAML helpers from this toolkit.

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add unit tests for GridSplitter control component

The GridSplitter control in src/Notepads.Controls/GridSplitter/ is split across multiple files (Data.cs, Events.cs, Helper.cs, Options.cs) but there's no evidence of corresponding unit tests. A new contributor could create a comprehensive test suite covering drag behavior, position calculations, and event handling—critical for a UI component used in the editor's layout.

• [ ] Create src/Notepads.Tests/Controls/GridSplitterTests.cs
• [ ] Add tests for GridSplitter.Helper.cs methods (position validation, bounds checking)
• [ ] Add tests for GridSplitter.Events.cs (drag events, state changes)
• [ ] Add tests for GridSplitter.Options.cs (property initialization and validation)
• [ ] Ensure tests integrate with existing CI/CD pipeline in .github/workflows/main.yml

Create comprehensive DropShadowPanel documentation and property validation tests

The DropShadowPanel control (src/Notepads.Controls/DropShadowPanel/) has a Properties.cs file but no visible validation tests or detailed documentation on shadow behavior, performance characteristics, and usage patterns. A contributor could add property validation tests and update CONTRIBUTING.md with specific guidance on extending custom controls.

• [ ] Create src/Notepads.Tests/Controls/DropShadowPanelTests.cs with property validation tests
• [ ] Test shadow rendering edge cases (negative values, extreme dimensions, disabled states)
• [ ] Add XML documentation comments to DropShadowPanel.Properties.cs for all public properties
• [ ] Update CONTRIBUTING.md with a 'Custom Controls' section referencing these patterns

Implement code coverage reporting in CI/CD pipeline

The repo has .github/workflows/main.yml and azure-pipelines.yml configured, but there's no visible code coverage collection or reporting (no codecov.yml or coverage thresholds). Adding code coverage integration would help contributors understand test quality expectations and identify untested code paths in the text editor core.

• [ ] Add code coverage collection step to .github/workflows/main.yml (using OpenCover or similar .NET tool)
• [ ] Create .github/codecov.yml with coverage thresholds (recommend 70%+ for new code)
• [ ] Add codecov badge to README.md
• [ ] Document coverage expectations in CONTRIBUTING.md for UI controls and core editor logic

• Add unit tests for session snapshot/restore logic (likely missing under /Tests/ or /tests/; critical for reliability given multi-instance support).
• Implement keyboard shortcut customization UI in Settings—currently shortcuts are hard-coded (Ctrl+N/T, Ctrl+L/R, Alt+P, Alt+D); expose these via settings panel.
• Extend Markdown preview to support GitHub Flavored Markdown (GFM) tables and syntax highlighting for code blocks (check if the preview engine currently uses CommonMark-only).

The Notepads repository demonstrates a solid security posture with implemented dependency management (Dependabot, WhiteSource), GitHub Actions workflows, and documented CI/CD processes. However, several improvements are recommended: (1) Ensure lock files are tracked and verified in CI/CD, (2) Review and harden GitHub Actions workflows to follow security best practices, (3) Document security measures in CI/CD explicitly, and (4) Verify that static code analysis tools (CodeQL) are properly configured and results are addressed. The Windows UWP platform and minimalist design reduce the attack surface compared to web-based applications. No hardcoded secrets, injection risks, or Docker misconfigurations are evident from the visible file structure, though a full code review would be needed to confirm the absence of these issues.

• Medium · Dependabot Configuration Present — .github/dependabot.yml. The repository contains a .github/dependabot.yml file, which is good for dependency management. However, without reviewing the actual configuration, it's unclear if all dependency types are being monitored or if there are version constraints that might allow outdated packages. Fix: Ensure dependabot.yml is configured to monitor all package managers used in the project (NuGet for .NET, npm if applicable). Set appropriate update frequency and require pull request reviews before merging dependency updates.
• Medium · Missing Package Lock File Visibility — Root directory / Dependencies. The file structure provided does not show lock files (package-lock.json, packages.lock.json, or similar) being tracked. This makes it difficult to ensure reproducible builds and detect supply chain attacks. Fix: Ensure all lock files are committed to version control and verified in CI/CD pipelines. For .NET projects, verify that packages.lock.json is enabled and committed.
• Low · GitHub Actions Workflow Security — .github/workflows/. The repository uses GitHub Actions workflows (.github/workflows/main.yml, csa-bulk-dismissal.yml). These require review to ensure they follow security best practices such as using pinned action versions, limiting permissions, and securing secrets. Fix: Review all workflow files to: (1) Pin action versions using commit SHAs instead of tags, (2) Use 'permissions: read-only' by default and grant only necessary permissions per job, (3) Avoid using secrets in logs, (4) Use GitHub's OIDC for authentication where possible.
• Low · Whitesource Configuration Present — .whitesource. The .whitesource file indicates usage of WhiteSource (now Mend) for dependency scanning. This is positive, but the actual configuration is not visible for review. Fix: Ensure the WhiteSource configuration includes policies to block high-severity vulnerabilities from being merged, and that it scans transitive dependencies.
• Low · CI/CD Documentation Visibility — CI-CD_DOCUMENTATION.md. While CI/CD documentation exists (CI-CD_DOCUMENTATION.md), security considerations in the build and deployment pipeline should be explicitly documented. Fix: Document security measures in the CI/CD pipeline including: code signing verification, artifact verification, secure secret management, and security scanning integrations.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.