If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/CodingDocs/springboot-guide shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Slowing — last commit 3mo ago

• Last commit 3mo ago
• 5 active contributors
• Apache-2.0 licensed
• Tests present
• ⚠ Slowing — last commit 3mo ago
• ⚠ Single-maintainer risk — top contributor 95% of recent commits
• ⚠ No CI workflows detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live CodingDocs/springboot-guide repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/CodingDocs/springboot-guide.

What it runs against: a local clone of CodingDocs/springboot-guide — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in CodingDocs/springboot-guide | Confirms the artifact applies here, not a fork | | 2 | License is still Apache-2.0 | Catches relicense before you depend on it | | 3 | Default branch master exists | Catches branch renames | | 4 | Last commit ≤ 125 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of CodingDocs/springboot-guide. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/CodingDocs/springboot-guide.git
#   cd springboot-guide
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of CodingDocs/springboot-guide and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "CodingDocs/springboot-guide(\\.git)?\\b" \\
  && ok "origin remote is CodingDocs/springboot-guide" \\
  || miss "origin remote is not CodingDocs/springboot-guide (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(Apache-2\\.0)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"Apache-2\\.0\"" package.json 2>/dev/null) \\
  && ok "license is Apache-2.0" \\
  || miss "license drift — was Apache-2.0 at generation time"

# 3. Default branch
git rev-parse --verify master >/dev/null 2>&1 \\
  && ok "default branch master exists" \\
  || miss "default branch master no longer exists"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 125 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~95d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/CodingDocs/springboot-guide"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

A comprehensive Chinese-language SpringBoot 2.0+ educational guide with integrated source code examples covering entry-level to advanced topics. It provides hands-on tutorials (in /docs) paired with executable Maven projects (in /source-code) for async methods, scheduled tasks, exception handling, JPA, MyBatis, Dubbo integration, and OSS—targeting developers who need real code patterns, not just theory. Dual-layer structure: /docs contains tutorial markdown files organized by learning path (start/ → basis/ → advanced/, plus projects/ for capstone examples); /source-code mirrors this hierarchy with fully functional Maven projects (e.g., source-code/advanced/async-method-springboot/) that readers can compile and run. The index.html + _coverpage.md + 404.md indicate docsify-powered static site generation for hosting on GitHub Pages.

Chinese-speaking Java developers and junior engineers learning SpringBoot 2.0+ in production contexts; also intermediate developers seeking best practices for async programming, multi-datasource configurations, Dubbo RPC, and REST API design. Contributors are expected to improve docs or add new example projects.

Moderately mature and actively maintained. The repo has a polished structure (docsify-based docs site, organized source-code folder), clear README with GitHub/Gitee mirrors, and example projects using SpringBoot 2.1.8.RELEASE (2018-era stable). However, explicit indicators (star count, CI/CD config, last commit date) are absent from the provided metadata, so recency cannot be fully verified; treat as 'actively documented but check commit history before heavy reliance.'

Low-to-moderate risk. The example projects are minimal and well-scoped (async-method-springboot uses only spring-boot-starter-web + lombok + test), reducing dependency bloat. Main risks: (1) SpringBoot 2.1.8.RELEASE is now legacy (2.7.x / 3.x are current), so examples may not reflect modern patterns; (2) no visible CI/CD pipeline (.github/workflows absent) to catch breaking changes; (3) single primary maintainer model (Snailclimb) means PRs/issues depend on one person's availability. Tutorial-style repos are also prone to outdated code if not regularly refreshed.

No explicit active work data visible in the provided snapshot, but the README references '2021最新实战项目源码下载' (2021 latest project source code) and ongoing work markers like 'TODO:早期文章，不建议阅读，待重构~' (TODO: early article, needs refactoring) on MyBatis multi-datasource docs. This suggests periodic maintenance and doc improvements rather than continuous active development.

git clone https://github.com/CodingDocs/springboot-guide.git
cd springboot-guide/source-code/advanced/async-method-springboot
mvn clean install
mvn spring-boot:run

Or browse the docs locally by opening index.html in a browser if docsify is pre-built, or install docsify-cli and run docsify serve docs from the repo root.

Daily commands: From /source-code/advanced/async-method-springboot or any subproject: mvn clean install && mvn spring-boot:run. This launches the embedded Tomcat server (default port 8080). Alternatively, import the pom.xml into IntelliJ/Eclipse and run the main application class via IDE.

• docs/start/springboot-introduction.md: Entry point for learners; defines scope, prerequisites, and curriculum structure
• source-code/advanced/async-method-springboot/pom.xml: Template for creating new example projects; shows minimal deps and SpringBoot 2.1.8 parent inheritance
• [docs/basis/springboot-jpa.md and docs/basis/springboot-mybatis.md](https://github.com/CodingDocs/springboot-guide/blob/master/docs/basis/springboot-jpa.md and docs/basis/springboot-mybatis.md): Core database integration tutorials; most frequently referenced for data layer patterns
• docs/advanced/springboot-async.md: Advanced async/await patterns for production; paired with source-code/advanced/async-method-springboot
• index.html: Docsify configuration and site entry point; controls sidebar, theme, and doc navigation
• _coverpage.md: Landing page branding and quick-link hub; signals repo purpose and official channels (公众号, WeChat)

To add a tutorial: Create a .md file in docs/{basis|advanced|start|projects}/, update the sidebar reference in index.html. To add a code example: Create a new Maven submodule under source-code/{category}/ with pom.xml inheriting spring-boot-starter-parent 2.1.8 and example code in src/main/java. To fix docs: Edit .md files directly in /docs. Key entry points: docs/start/springboot-introduction.md (beginner orientation), docs/basis/ (core Spring concepts), source-code/advanced/async-method-springboot/src/main/java/github/javaguide/ (example implementation patterns).

SpringBoot 2.1.8 is legacy: Examples use a 2018-era version; async APIs, servlet handling, and dependency management differ in 2.7.x / 3.x (virtual threads, Jakarta EE). No visible spring.factories or auto-configuration examples: Some tutorials may skip explaining Spring Boot's auto-configuration magic, critical for troubleshooting. Docsify dependency: Docs require docsify-cli to serve locally if pre-built HTML is absent; npm install docsify-cli -g before docsify serve docs. Dubbo docs link is external (github.com/Snailclimb/springboot-kafka): Off-repo dependencies mean broken references if those repos change. Chinese-only content: All docs and most source code comments are in Simplified Chinese; non-Chinese speakers will struggle without translation tooling.

• Spring Bean Lifecycle (@PostConstruct / @PreDestroy) — Critical for resource management (DB connections, thread pools, caches); docs/basis/@PostConstruct与@PreDestroy.md is a dedicated tutorial because misuse causes leaks or race conditions in async code
• Interceptors vs Filters in ServletApi — Both exist in SpringBoot; they intercept at different layers (Filter: servlet-level; Interceptor: Spring handler-level), affecting execution order and exception handling. Covered in separate tutorials (docs/basis/springboot-filter.md vs springboot-interceptor.md) because mixing them causes subtle bugs
• Asynchronous Method Execution (@Async / TaskExecutor) — SpringBoot async is non-blocking IO orchestration; misconfigurations (e.g., forgetting @EnableAsync, wrong thread pool sizing) cause deadlocks or poor throughput. docs/advanced/springboot-async.md + runnable source code teach correct patterns
• Multiple Datasource Configuration (AbstractRoutingDataSource) — Production multi-tenant or read-write split systems require dynamic datasource switching; SpringBoot has no built-in support, requiring manual routing logic. docs/basis/springboot-mybatis-mutipledatasource.md (marked TODO) is critical but outdated
• ORM Mapping Frameworks (JPA vs MyBatis trade-offs) — SpringBoot apps must choose between JPA (ORM, automatic queries) and MyBatis (SQL control, verbose). This repo covers both separately (docs/basis/springboot-jpa.md vs springboot-mybatis.md) + comparison tools (docs/advanced/Performance-of-Java-Mapping-Frameworks.md), helping teams avoid vendor lock-in mistakes
• Bean Validation (JSR-380 @NotNull / @Valid) — Input validation in REST APIs is tedious if done manually; Spring's @Valid + ConstraintValidator enable declarative validation. docs/spring-bean-validation.md covers this in-depth for production-grade error handling
• Exception Handling Strategies (@ExceptionHandler / ControllerAdvice) — SpringBoot apps must convert Java exceptions into HTTP responses consistently. The repo has two tutorials (springboot-handle-exception.md for theory, springboot-handle-exception-plus.md for real-world patterns) because exception design is non-obvious

• spring-projects/spring-boot — Official SpringBoot repository; canonical source for version releases, breaking changes, and auto-configuration internals referenced throughout this guide
• Snailclimb/springboot-kafka — Companion repo (linked in README) extending this guide with Kafka + SpringBoot integration examples; same author and teaching style
• Snailclimb/JavaGuide — Author's flagship Java interview prep repo; this springboot-guide is a spinoff focusing on SpringBoot specialization within broader Java ecosystem
• dyc87112/SpringBoot-Learning — Alternative Chinese SpringBoot tutorial repo with similar structure (docs + code examples); useful for cross-referencing explanations or finding different perspectives on same topics
• CodingDocs/awesome-cs — Referenced in README as new home for book recommendations and CS fundamentals; companion curated list repo by same org

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add comprehensive unit tests for async-method-springboot example

The async-method-springboot project in source-code/advanced/ has AsyncServiceTest.java but lacks thorough test coverage for AsyncController and AsyncConfig. This is critical since async execution is error-prone and needs validation of thread pool configuration, exception handling, and return value futures.

• [ ] Create source-code/advanced/async-method-springboot/src/test/java/github/javaguide/asyncmethodspringboot/controller/AsyncControllerTest.java with tests for async endpoint invocation and response handling
• [ ] Add tests in AsyncServiceTest.java to verify @Async methods return CompletableFuture or Future correctly and handle exceptions properly
• [ ] Add configuration validation tests in source-code/advanced/async-method-springboot/src/test/java/github/javaguide/asyncmethodspringboot/config/ to verify AsyncConfig bean creation and executor properties

Add missing documentation for SpringBoot 2.x database connection pooling and transaction management

The docs/basis/ folder has springboot-mybatis.md and springboot-jpa.md but lacks a dedicated guide on HikariCP configuration, connection pool tuning, and @Transactional best practices - critical for production SpringBoot applications.

• [ ] Create docs/basis/springboot-datasource-configuration.md covering HikariCP, Druid, and connection pool parameters with configuration examples
• [ ] Create docs/basis/springboot-transaction-management.md documenting @Transactional usage, propagation levels, and rollback scenarios
• [ ] Link these new files from appropriate existing guides (springboot-mybatis.md and springboot-jpa.md) and update index.html navigation

Add GitHub Actions CI workflow to validate all source code examples compile and tests pass

With multiple Maven projects in source-code/advanced/ and source-code/basis/, there's no automated validation that example code actually builds. This risks stale/broken documentation examples.

• [ ] Create .github/workflows/maven-build.yml GitHub Action that: discovers all pom.xml files in source-code/, runs 'mvn clean test' for each, and reports failures
• [ ] Configure the workflow to trigger on push to main/develop branches and on pull requests
• [ ] Add a status badge to README.md showing build status for example projects

• Add Java 11/17 compatibility notes to async-method-springboot example (pom.xml currently locks to Java 1.8; verify if newer LTS versions work with 2.1.8 or recommend upgrade path): Source code examples should signal version constraints explicitly; users copying the pom will inherit legacy defaults
• Create a comparison doc: docs/basis/springboot-mybatis-mutipledatasource.md mentions 'TODO: early article, not recommended' but is still linked in README; either refactor it with 2.0+ patterns (DataSourceConfig + AbstractRoutingDataSource) or move to 'Deprecated' section: The TODO marker is visible and confusing; fixing it improves doc credibility
• Add integration test examples to /source-code/advanced/async-method-springboot/src/test showing how to mock @Async methods with Mockito + PowerMockRunner (docs/PowerMockRunnerAndMockito.md exists but no runnable example): Test coverage gap: async testing is non-obvious; runnable tests teach better than markdown alone

The codebase presents moderate security concerns, primarily driven by the use of outdated Spring Boot 2.1.8.RELEASE and Java 1.8. The project lacks Spring Security integration and input validation framework dependencies, which are essential for a production application. While the code structure appears clean with no obvious hardcoded secrets in file names, the outdated dependencies pose significant security risks. Immediate action should focus on upgrading Spring Boot to a supported LTS version (2.7.x or 3.x), upgrading Java to 11+, and adding Spring Security and validation dependencies.

• High · Outdated Spring Boot Version with Known Vulnerabilities — source-code/advanced/async-method-springboot/pom.xml (line: spring-boot-starter-parent version 2.1.8.RELEASE). The project uses Spring Boot 2.1.8.RELEASE (released August 2019), which is significantly outdated and contains multiple known security vulnerabilities. This version is no longer supported and has reached end-of-life status. Fix: Upgrade to the latest stable Spring Boot 2.7.x or 3.x version. For example, use version 2.7.14 or 3.1.5 to receive security patches and bug fixes.
• Medium · Java Version Target is Outdated — source-code/advanced/async-method-springboot/pom.xml (property: java.version=1.8). The project targets Java 1.8 (Java 8), which reached end-of-life in December 2030 but is significantly outdated for new projects. It may lack modern security features and performance improvements available in newer Java versions. Fix: Upgrade to Java 11 LTS, Java 17 LTS, or Java 21 LTS for better security features, performance, and long-term support. Update the java.version property accordingly.
• Low · Missing Spring Security Dependency — source-code/advanced/async-method-springboot/pom.xml. The project includes spring-boot-starter-web but does not include Spring Security. This means the application lacks built-in authentication, authorization, and CSRF protection mechanisms. Fix: Add spring-boot-starter-security dependency to enable security features: <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency>
• Low · Missing Input Validation Dependencies — source-code/advanced/async-method-springboot/pom.xml. The project structure shows a 'bean-validation-demo' module, but the main async-method-springboot pom.xml lacks validation dependencies (javax.validation or jakarta.validation), which are critical for preventing injection attacks. Fix: Add spring-boot-starter-validation dependency to enable bean validation: <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-validation</artifactId></dependency>
• Low · No Dependency Version Management for Transitive Dependencies — source-code/advanced/async-method-springboot/pom.xml. The pom.xml does not explicitly manage versions of transitive dependencies. This could lead to version conflicts or security vulnerabilities in transitive dependencies. Fix: Implement a <dependencyManagement> section to explicitly control transitive dependency versions, ensuring all security patches are applied.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.