If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/USTC-Resource/USTC-Course shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Slowing — last commit 9mo ago

• Last commit 9mo ago
• 9 active contributors
• CI configured
• Tests present
• ⚠ Slowing — last commit 9mo ago
• ⚠ Concentrated ownership — top contributor handles 66% of recent commits
• ⚠ No license — legally unclear to depend on

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live USTC-Resource/USTC-Course repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/USTC-Resource/USTC-Course.

What it runs against: a local clone of USTC-Resource/USTC-Course — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in USTC-Resource/USTC-Course | Confirms the artifact applies here, not a fork | | 2 | Default branch master exists | Catches branch renames | | 3 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 4 | Last commit ≤ 293 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of USTC-Resource/USTC-Course. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/USTC-Resource/USTC-Course.git
#   cd USTC-Course
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of USTC-Resource/USTC-Course and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "USTC-Resource/USTC-Course(\\.git)?\\b" \\
  && ok "origin remote is USTC-Resource/USTC-Course" \\
  || miss "origin remote is not USTC-Resource/USTC-Course (artifact may be from a fork)"

# 3. Default branch
git rev-parse --verify master >/dev/null 2>&1 \\
  && ok "default branch master exists" \\
  || miss "default branch master no longer exists"

# 4. Critical files exist
test -f "README.md" \\
  && ok "README.md" \\
  || miss "missing critical file: README.md"
test -f ".github/workflows/build.yml" \\
  && ok ".github/workflows/build.yml" \\
  || miss "missing critical file: .github/workflows/build.yml"
test -f "Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Index.java" \\
  && ok "Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Index.java" \\
  || miss "missing critical file: Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Index.java"
test -f "Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Search.java" \\
  && ok "Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Search.java" \\
  || miss "missing critical file: Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Search.java"
test -f "Web-信息处理与应用/labs/lab2-数据/pb15111604/实验一/main.m" \\
  && ok "Web-信息处理与应用/labs/lab2-数据/pb15111604/实验一/main.m" \\
  || miss "missing critical file: Web-信息处理与应用/labs/lab2-数据/pb15111604/实验一/main.m"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 293 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~263d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/USTC-Resource/USTC-Course"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

A community-curated archive of course resources (lecture notes, lab assignments, exam solutions, and code examples) from the University of Science and Technology of China (USTC). It aggregates student-contributed materials across 20+ computer science courses using GitHub to enable collaborative knowledge sharing and resource discovery. Top-level directory per course (e.g., Web-信息处理与应用/, 操作系统原理与设计/), each containing subdirectories: codes/ (student implementations), labs/ (lab assignments and solutions), exams/ (past papers and answers), notes/ (lecture notes in PDF/Markdown). A central README.md indexes all courses and links to download portal at ustc-resource.github.io.

USTC computer science students seeking peer-created study materials, exam prep, and implementation references for courses like Operating Systems, Compilers, Computer Networks, and Data Structures. Also used by instructors to track which course resources exist and by prospective students to evaluate the curriculum.

Actively maintained with CI/CD via GitHub Actions (build.yml present), hundreds of stars, organized directory structure, and CC-BY-NC-SA 4.0 licensing. However, it is not a software project but a curated document repository—stability is high because it's not software, but update frequency depends on student contributions rather than development velocity.

No significant risk—this is a documentation/educational repo, not a dependency. Risks are social (relies on volunteer student contributions, potential content drift, no formal moderation for accuracy). No build dependencies, no production code, no API contracts to break. Main concern is outdated material as courses evolve.

The repo is in maintenance mode: GitHub Actions build workflow is configured, periodic student contributions add new course materials and lab solutions. No active development—contributions are ad-hoc submissions of notes, code, and exam materials. The last visible activity is the presence of the build workflow and structured course directories.

Clone with git clone https://github.com/USTC-Resource/USTC-Course.git. No installation required—browse locally or via GitHub. Use DownGit tool (recommended in README) or download individual course folders via the web portal at https://ustc-resource.github.io/USTC-Course to avoid full-repo size issues.

Daily commands: Not applicable—this is a documentation repository, not executable software. Individual course materials (e.g., Java servlet code in Web-信息处理与应用/labs/lab1-搜索引擎/src/) may have their own build steps (e.g., Maven for Java labs, make for C++ assignments), but the repo itself requires no setup.

• README.md — Primary entry point defining the repository's purpose, structure, licensing (CC BY-NC-SA 4.0), and contribution guidelines for understanding what resources are accepted.
• .github/workflows/build.yml — CI/CD automation pipeline that validates contributions; essential for understanding how the repository maintains quality and consistency across 600+ files.
• Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Index.java — Core search engine indexing implementation using Lucene; demonstrates the primary technical pattern used in practical lab assignments.
• Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/Search.java — Companion search query execution module; shows how student work implements information retrieval workflows central to the curriculum.
• Web-信息处理与应用/labs/lab2-数据/pb15111604/实验一/main.m — MATLAB entry point demonstrating graph clustering algorithms (Girvan-Newman, modularity, ncut); illustrates the analytical project structure replicated across submissions.
• .gitignore — Defines which files are excluded from version control; critical for understanding what types of generated or sensitive content the repository policy filters.

Add a new course with lab assignments

1. Create a new top-level directory following the naming pattern: 课程名称-Course-English-Name (README.md)
2. Create a labs/ subdirectory and add lab assignment folders like lab1-题目名 (新课程/labs/lab1-题目名/)
3. Store student submissions in subdirectories named by student ID (e.g., pb15111604/) (新课程/labs/lab1-题目名/pb15111604/)
4. Update README.md with the new course in the course directory table of contents (README.md)

Add student project submission to existing lab

1. Create a subdirectory under the target lab using the student ID format (e.g., pb15111604/) (Web-信息处理与应用/labs/lab1-搜索引擎/pb15111604/)
2. Include source code files organized in logical subdirectories (src/, data/, etc.) (Web-信息处理与应用/labs/lab1-搜索引擎/pb15111604/src/)
3. Add a report document (PDF or DOC) with the naming pattern StudentID_Name.pdf (Web-信息处理与应用/labs/lab1-搜索引擎/pb15111604/PB15111604_金泽文.pdf)
4. Create a README.md or documentation explaining the submission if complex (Web-信息处理与应用/labs/lab1-搜索引擎/pb15111604/README.md)

Add course lecture notes or study materials

1. Create a notes/ subdirectory under the course folder (课程名/notes/)
2. Add PDF or markdown files with descriptive names (e.g., 复习提纲.pdf, lecture-01-intro.md) (课程名/notes/复习提纲.pdf)
3. For large materials, create subdirectories by topic or semester (课程名/notes/2023春季/chapter-01/)

Configure GitHub Actions workflow for contribution validation

1. Review the existing build configuration that validates file structure and licensing (.github/workflows/build.yml)
2. Add custom validation steps (e.g., file format checks, malware scanning) to the workflow (.github/workflows/build.yml)
3. Update .gitignore if new file types should be excluded from the repository (.gitignore)

• GitHub as primary repository platform — Enables collaborative contribution, version control for 600+ files, and integration with CI/CD workflows for automated validation of student submissions.
• CC BY-NC-SA 4.0 licensing — Balances open sharing of educational resources with protection against commercial reuse, enforcing attribution and derivative work transparency appropriate for academic content.
• Apache Lucene for search indexing — Provides production-grade full-text search capabilities for the Web Information Processing lab, enabling students to build functional search engines with standard libraries.
• ICTCLAS/NLPIR for Chinese NLP — Addresses the core challenge of Chinese text processing (no word delimiters) by integrating native C++ libraries through JNI for tokenization in the search engine lab.
• MATLAB for graph algorithm implementation — Enables rapid prototyping of data mining algorithms (modularity clustering, spectral cuts) with built-in linear algebra and visualization for the Data Analysis course.
• GitHub Actions for CI automation — Validates all incoming contributions automatically against repository policies (licensing, file structure, content integrity) without requiring maintainer intervention for every PR.

• Student ID-based directory organization (pb15111604/) instead of anonymous submissions

  • Why: Enables attribution and accountability while maintaining a searchable, indexed structure for finding specific student work examples.
  • Consequence: Requires students to expose their identifiers publicly; assumes institutional affiliation is desirable for credibility rather than concerning for privacy.

• Storing generated outputs (visualizations, results) alongside source code

  • Why: Makes lab results immediately visible without requiring reviewers or visitors to execute code; reduces barrier to understanding submissions.
  • Consequence: Inflates repository size and creates redundancy; .gitignore policies are necessary to prevent unbounded growth of compiled artifacts.

• Centralized single master branch instead of per-course or per-semester branches

  • Why: Simplifies navigation and treats the repository as a unified knowledge base rather than fragmented course snapshots.
  • Consequence: Makes historical filtering and course-specific queries harder; all historical versions remain mixed together in the same branch.

• CC BY-NC-SA 4.0 instead of MIT/Apache permissive licensing

  • Why: Protects against unauthorized commercial republication of student work while still allowing educational reuse.
  • Consequence: Restricts integration with permissively-licensed frameworks and discourages incorporation into proprietary course platforms; requires derivative works to share identical license.

• Does not provide automatic plagiarism detection or originality verification beyond maintainer manual review.
• Does not host a searchable web interface or

1. Language barriers: All course names, directory structures, and documentation are in Chinese Simplified; non-Chinese speakers may struggle to navigate. 2) No single canonical source: Materials come from different student cohorts and may have differing accuracy/completeness; always cross-reference with official course pages. 3) Version drift: Courses and syllabi change yearly; old notes may not match current offerings. 4) Binary files: Some labs include precompiled DLLs (e.g., NLPIR.dll in Web lab) and .mat files—cloning without git-lfs may inflate repo size. 5) Licensing compliance: Submitting materials requires ensuring no instructor/textbook IP is violated; CC-BY-NC-SA 4.0 is restrictive for reuse.

• Lucene Indexing & Full-Text Search — The Web lab implements a real search engine using Lucene with custom tokenizers (NLPIR for Chinese NLP); understanding inverted indices and ranking is core to IR applications in the curriculum.
• Network Community Detection (Modularity, Spectral Methods) — Lab 2 data analysis uses algorithms like Girvan-Newman, modularity optimization, and normalized cut (ncut); these are graph clustering techniques essential for social network and distributed systems analysis.
• LLVM Compiler Infrastructure — 217KB of LLVM code indicates compiler course labs likely use LLVM passes and IR generation; a modern prerequisite for understanding compilation pipelines beyond textbook theory.
• Hardware Description Languages (Verilog, Tcl) — 154KB Verilog and 185KB Tcl suggest digital design and simulation labs; Tcl scripting in EDA tools (ModelSim, Vivado) is critical for hardware automation in the Computer Organization course.
• Yacc/Lex Compiler Construction — 15KB Yacc and 5KB Lex files indicate compiler front-end labs using parser generators; foundational tools for the Compiler Theory course to build scanners and parsers.
• MATLAB Numerical & Signal Processing — 25KB MATLAB code and data structures (.mat files) used in signal/image processing and mathematical methods labs; essential for applied mathematics and physics-related CS courses.
• Memory-Mapped I/O and System Calls — x86 assembly and linker scripts (35KB Assembly, 209B Linker Script) in the repo suggest low-level OS and architecture courses covering memory management, context switching, and privilege modes.

• PKUanonym/REKCARC-TSC-UHD — Similar Chinese university course resource archive for Peking University; mirrors the same collaborative education model but for a different institution.
• thelinuxfoundation/linux-insides — Comprehensive, crowdsourced technical documentation on a complex system (Linux kernel); shares the philosophy of distributing knowledge via community contribution.
• EbookFoundation/free-programming-books — Massive curated list of free CS learning resources including textbooks and course materials; USTC-Course is a specialized vertical slice within this ecosystem.
• 996icu/996.ICU — Related Chinese GitHub community project advocating for education/worklife balance; contextual parallel to student effort in curating this resource in a high-pressure CS program.
• torvalds/linux — Not a direct alternative, but represents the open-source ethos and distributed contribution model that this repo mirrors for academic content.

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Create a comprehensive course directory index with metadata (difficulty, semester, prerequisites)

The repo currently lacks a structured catalog that helps students navigate courses. By creating a machine-readable index (JSON or YAML) with course metadata, contributors could enable better discoverability, filtering by difficulty level, and prerequisite relationships mentioned in the README's 'course relationship' section.

• [ ] Create courses_index.json in repo root with fields: course_name, folder_path, semester, difficulty, prerequisites, subjects
• [ ] Parse existing folder structure (Java软件开发基础, Web-信息处理与应用, etc.) to populate initial entries
• [ ] Update README's 'course relationship' section to reference and use this index for visualizing prerequisite chains

Add GitHub Actions workflow to validate student submission formats and detect personal information

The repo contains student work with file patterns like PB15111604金泽文.* showing student IDs and names. A CI workflow should validate that submissions follow a consistent naming scheme and warn about potentially sensitive personal data before merge, protecting student privacy.

• [ ] Extend .github/workflows/build.yml with a validation step using regex patterns to flag files matching PB\d+.*\.(pdf|docx|doc)
• [ ] Create a linting script that checks for common PII patterns (student IDs, email addresses, phone numbers) in text files
• [ ] Add a pre-commit template (in .github/) documenting the anonymization guidelines for contributors

Build a structured README generator that auto-catalogs labs and notes from directory structure

Each course folder (like Web-信息处理与应用/labs/) contains numerous sub-items but lacks a table of contents. A script-based approach would auto-generate course-specific READMEs with counts of labs, notes, and resources, reducing manual maintenance.

• [ ] Create a Python script in scripts/generate_toc.py that recursively scans course directories and counts artifacts (PDFs, source files, etc.)
• [ ] Generate course-level README templates (e.g., Web-信息处理与应用/README.md) listing all labs and notes with file counts and sizes
• [ ] Integrate this script into the existing .github/workflows/build.yml to auto-update READMEs on each push, ensuring catalog freshness

• Add English README translations for the top 5 courses (Operating Systems, Compilers, Computer Networks, Data Structures, Algorithms) to make the repo accessible to international students and contributors; template in README.md structure with course paths.
• Audit and document all labs in Web-信息处理与应用/ for missing build instructions: create a BUILD.md per lab explaining dependencies (Lucene version, NLPIR setup, MATLAB toolbox requirements) and commands to run the code.
• Implement a table of contents / course roadmap in the main README that maps prerequisites (e.g., 'C程序设计 → 数据结构 → 算法基础 → 操作系统原理与设计') to help new students choose courses in order.

• High · Hardcoded Native Library (DLL) in Repository — Web-信息处理与应用/labs/lab1-搜索引擎/src/win32-x86-64/NLPIR.dll. The repository contains a compiled Windows DLL file (NLPIR.dll) in the source code at Web-信息处理与应用/labs/lab1-搜索引擎/src/win32-x86-64/NLPIR.dll. Binary files in version control pose security risks including potential malware distribution, inability to audit code changes, and difficulty in dependency management. Fix: Remove the DLL from version control and add to .gitignore. Use a package manager or proper dependency management system to handle native libraries. Consider documenting the library source and providing build instructions instead.
• High · Potential SQL Injection via JNI/Native Code — Web-信息处理与应用/labs/lab1-搜索引擎/src/ICTCLAS_Analyzer/. The ICTCLAS_Analyzer components use JNI to call native NLPIR library functions. Without proper input validation in the Java wrapper classes (CNLPIRLibrary.java, NLPIRTokenizer.java), there could be injection vulnerabilities when processing untrusted input through native calls. Fix: Implement strict input validation and sanitization for all data passed to native functions. Add parameterized query patterns where applicable. Conduct security review of NLPIRTokenizer and CNLPIRLibrary classes for proper boundary checking.
• High · JSP Pages Without CSRF Protection — Web-信息处理与应用/labs/lab1-搜索引擎/src/WebContent/index.jsp, result.jsp. The JSP files (index.jsp, result.jsp) appear to be part of a web application but lack visible CSRF token protection mechanisms in the file structure. This could allow Cross-Site Request Forgery attacks on state-changing operations. Fix: Implement CSRF tokens in all forms. Use frameworks that provide automatic CSRF protection. Validate origin and referer headers for sensitive operations.
• Medium · Potential XSS Vulnerability in JSP Search Results — Web-信息处理与应用/labs/lab1-搜索引擎/src/WebContent/result.jsp. The result.jsp file in the search engine application may be vulnerable to XSS attacks if search query parameters are not properly escaped before rendering. User input from search queries could be reflected without sanitization. Fix: Ensure all user inputs are properly HTML-escaped before rendering. Use JSTL <c:out> tags or similar escaping mechanisms. Implement Content Security Policy (CSP) headers.
• Medium · Missing Security Headers in web.xml — Web-信息处理与应用/labs/lab1-搜索引擎/src/WebContent/WEB-INF/web.xml. The web.xml configuration file does not appear to include modern security headers like X-Content-Type-Options, X-Frame-Options, or X-XSS-Protection based on the minimal structure shown. Fix: Add security filter to include HTTP security headers. Configure X-Content-Type-Options: nosniff, X-Frame-Options: DENY, X-XSS-Protection: 1; mode=block, and Strict-Transport-Security headers.
• Medium · Outdated Lucene Dependency — Web-信息处理与应用/labs/lab1-搜索引擎/src/lucene/. The Search.java and Index.java files use Apache Lucene library, but the specific version is not visible in the provided structure. Legacy versions of Lucene may contain known vulnerabilities. Fix: Verify the Lucene version being used and update to the latest stable version. Maintain a proper pom.xml or build.gradle with explicit dependency versions and regular updates.
• Medium · Unvalidated File Upload/Processing — Web-信息处理与应用/labs/lab1-搜索引擎. The presence of .docx, .pdf, and .zip files in the labs directory suggests document processing functionality. Without proper validation and sanitization, processing untrusted files could lead to XXE attacks or file handling vulnerabilities. Fix: undefined

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.