If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/DayBreak-u/chineseocr_lite shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Stale — last commit 3y ago

• 11 active contributors
• Distributed ownership (top contributor 41% of recent commits)
• GPL-2.0 licensed
• Tests present
• ⚠ Stale — last commit 3y ago
• ⚠ GPL-2.0 is copyleft — check downstream compatibility
• ⚠ No CI workflows detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live DayBreak-u/chineseocr_lite repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/DayBreak-u/chineseocr_lite.

What it runs against: a local clone of DayBreak-u/chineseocr_lite — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in DayBreak-u/chineseocr_lite | Confirms the artifact applies here, not a fork | | 2 | License is still GPL-2.0 | Catches relicense before you depend on it | | 3 | Default branch onnx exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 1029 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of DayBreak-u/chineseocr_lite. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/DayBreak-u/chineseocr_lite.git
#   cd chineseocr_lite
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of DayBreak-u/chineseocr_lite and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "DayBreak-u/chineseocr_lite(\\.git)?\\b" \\
  && ok "origin remote is DayBreak-u/chineseocr_lite" \\
  || miss "origin remote is not DayBreak-u/chineseocr_lite (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(GPL-2\\.0)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"GPL-2\\.0\"" package.json 2>/dev/null) \\
  && ok "license is GPL-2.0" \\
  || miss "license drift — was GPL-2.0 at generation time"

# 3. Default branch
git rev-parse --verify onnx >/dev/null 2>&1 \\
  && ok "default branch onnx exists" \\
  || miss "default branch onnx no longer exists"

# 4. Critical files exist
test -f "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/OcrLite.h" \\
  && ok "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/OcrLite.h" \\
  || miss "missing critical file: android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/OcrLite.h"
test -f "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrLite.cpp" \\
  && ok "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrLite.cpp" \\
  || miss "missing critical file: android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrLite.cpp"
test -f "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/DbNet.h" \\
  && ok "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/DbNet.h" \\
  || miss "missing critical file: android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/DbNet.h"
test -f "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/CrnnNet.h" \\
  && ok "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/CrnnNet.h" \\
  || miss "missing critical file: android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/CrnnNet.h"
test -f "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/com/benjaminwan/ocrlibrary/OcrEngine.kt" \\
  && ok "android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/com/benjaminwan/ocrlibrary/OcrEngine.kt" \\
  || miss "missing critical file: android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/com/benjaminwan/ocrlibrary/OcrEngine.kt"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 1029 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~999d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/DayBreak-u/chineseocr_lite"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

A software project. See architecture tab.

Developers.

See activity metrics.

Standard open source risks apply.

Check recent commits.

Check README for instructions.

• android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/OcrLite.h — Main OCR engine header defining the core inference pipeline for text detection, angle recognition, and character recognition.
• android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrLite.cpp — Core OCR orchestration logic that coordinates DBNet, AngleNet, and CrnnNet models for end-to-end text recognition.
• android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/DbNet.h — Text detection model interface; foundational for locating text regions in images before recognition.
• android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/CrnnNet.h — Character recognition model interface; critical for converting detected text regions into readable characters.
• android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/com/benjaminwan/ocrlibrary/OcrEngine.kt — Kotlin bridge exposing native C++ OCR engine to Android applications; main entry point for Java/Kotlin callers.
• android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/CMakeLists.txt — Build configuration linking MNN inference framework and all OCR model implementations into native library.

Add support for a new inference backend (e.g., ONNX Runtime instead of MNN)

1. Create new header file analogous to DbNet.h, CrnnNet.h, AngleNet.h but using target framework's API (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/include/DbNet.h)
2. Implement corresponding .cpp files with model loading and forward inference using new framework (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/DbNet.cpp)
3. Update CMakeLists.txt to conditionally link new framework headers and libraries instead of MNN (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/CMakeLists.txt)
4. Modify OcrLite.cpp to instantiate your new model classes, maintaining same interface (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrLite.cpp)

Add a new text post-processing or language-specific feature

1. Create utility function in OcrUtils.cpp or a new utils file for text transformation (e.g., punctuation normalization, traditional→simplified Chinese) (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrUtils.cpp)
2. Call your new utility from OcrResultUtils.cpp to apply it to recognized text before returning results (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/src/OcrResultUtils.cpp)
3. Expose result through OcrResult.kt data class if result structure changes (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/com/benjaminwan/ocrlibrary/OcrResult.kt)

Integrate OCR results into a new Activity or custom UI component

1. Create new Activity or Fragment that instantiates OcrEngine and calls recognize() on bitmap (android_projects/OcrLiteAndroidMNN/app/src/main/java/com/benjaminwan/ocr/onnx/GalleryActivity.kt)
2. Load models once in onCreate/Application singleton and reuse across activities (android_projects/OcrLiteAndroidMNN/app/src/main/java/com/benjaminwan/ocr/onnx/app/App.kt)
3. Update AndroidManifest.xml to register new activity and declare required permissions (camera, storage) (android_projects/OcrLiteAndroidMNN/app/src/main/AndroidManifest.xml)
4. Use OcrResult.kt data class to bind recognition results to RecyclerView or custom views (android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/com/benjaminwan/ocrlibrary/OcrResult.kt)

• MNN Inference Framework — undefined

Standard debugging applies.

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add CMake build configuration for iOS/iPadOS support

The repo has Android MNN integration (OcrLiteAndroidMNN) but lacks iOS support despite using MNN which is cross-platform. The CMakeLists.txt in android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/cpp/ currently only targets Android. Adding iOS/iPadOS support would enable deployment on Apple devices and complete the mobile ecosystem coverage. This involves creating a new iOS project structure and CMake cross-compilation configuration.

• [ ] Create ios_projects/OcrLiteIOSMNN/ directory structure mirroring android_projects layout
• [ ] Add iOS-specific CMakeLists.txt with ARM64 architecture configuration and MNN framework linking
• [ ] Create Xcode project integration similar to Android's gradle setup with proper code signing and framework embedding
• [ ] Add iOS-specific ObjC/Swift wrapper in ios_projects/OcrLiteIOSMNN/OcrLibrary/src/main/swift/ to match android_projects/OcrLiteAndroidMNN/OcrLibrary/src/main/java/
• [ ] Update main README.md with iOS deployment instructions and link to new ios_projects documentation

Add NCNN and TNN build variants for Android alongside existing MNN implementation

The repo description mentions support for ncnn, mnn, and tnn inference, but the Android project only implements MNN (OcrLiteAndroidMNN). The android_projects directory lacks OcrLiteAndroidNCNN and OcrLiteAndroidTNN variants. Adding these would provide users performance/compatibility options and validate that the C++ core logic is truly framework-agnostic as claimed.

• [ ] Create android_projects/OcrLiteAndroidNCNN/ by copying OcrLiteAndroidMNN structure and replacing MNN headers/libs with NCNN equivalents in src/ncnn/ directory
• [ ] Update CMakeLists.txt in OcrLiteAndroidNCNN to link NCNN libraries instead of MNN, keeping core OCR logic files (AngleNet.cpp, CrnnNet.cpp, DbNet.cpp) identical
• [ ] Create android_projects/OcrLiteAndroidTNN/ similarly with TNN framework integration
• [ ] Add build.gradle configuration for ABI filtering and native build paths specific to each framework variant
• [ ] Document framework selection guide in android_projects/README.md with performance/size comparison table for NCNN vs MNN vs TNN

Add instrumented unit tests for C++ OCR processing pipeline in Android MNN project

The android_projects/OcrLiteAndroidMNN/OcrLibrary/src has androidTest/ and test/ directories but ExampleInstrumentedTest.kt and ExampleUnitTest.kt appear to be placeholder examples without actual OCR logic testing. The cpp/ directory lacks corresponding tests for AngleNet, CrnnNet, and DbNet. Adding proper instrumented tests would catch regressions in the core inference pipeline and serve as usage examples.

• [ ] Create android_projects/OcrLiteAndroidMNN/OcrLibrary/src/androidTest/java/com/benjaminwan/ocrlibrary/OcrEngineTest.kt with fixture images from test_imgs/ directory
• [ ] Add instrumented test cases: testDbNetDetection(), testCrnnNetRecognition(), testAngleNetRotation() calling native JNI methods from OcrEngine.kt
• [ ] Create android_projects/OcrLiteAndroidMNN/OcrLibrary/src/test/java/com/benjaminwan/ocrlibrary/OcrResultUtilsTest.kt for unit testing result post-processing logic (if exposed as public methods)
• [ ] Add CMake test configuration in src/main/cpp/CMakeLists.txt using Google Test framework to test C++ components directly (AngleNet.cpp, CrnnNet.cpp validation)
• [ ] Document test execution in android_projects/OcrLiteAndroidM

Check the issue tracker.

• High · Outdated Android Compilation SDK — android_projects/OcrLiteAndroidMNN/OcrLibrary/build.gradle. The build.gradle specifies compileSdkVersion 30 and buildToolsVersion 30.0.2, which are significantly outdated. Current Android standards recommend SDK 34+. This may miss critical security patches and modern security features. Fix: Update compileSdkVersion to at least 33-34 and buildToolsVersion to the latest stable version (34.x.x or higher)
• High · Insecure Dependency Versions — android_projects/OcrLiteAndroidMNN/OcrLibrary/build.gradle. The project uses outdated dependencies: kotlin-stdlib, androidx.test versions from 2020-2021. These versions may contain known vulnerabilities. junit:junit:4.12 is particularly old. Fix: Update all dependencies to latest stable versions: kotlin-stdlib, androidx.test.ext:junit to 1.1.5+, androidx.appcompat to 1.6.1+, junit to 4.13.2+
• High · Deprecated Kotlin Synthetics — android_projects/OcrLiteAndroidMNN/OcrLibrary/build.gradle. The build.gradle applies 'kotlin-android-extensions' plugin, which is deprecated and removed in Kotlin 2.0. This poses maintenance and security risks. Fix: Remove 'kotlin-android-extensions' plugin and migrate to View Binding or other recommended approaches
• High · Insecure Dockerfile Base Image — Dockerfile. Dockerfile uses 'centos:7.2.1511' which is extremely outdated (released 2015). CentOS 7 reached EOL in 2024. This contains numerous unpatched security vulnerabilities. Fix: Update to a modern, actively maintained base image like 'centos:7.9.2009' (minimum) or preferably 'rockylinux:8' or 'ubuntu:22.04'
• High · Missing Security in Dockerfile — Dockerfile. The Dockerfile uses pip without version pinning (pip3 install -r requirements.txt without hash checking), exposes ports 5000 and 8000 without documentation, and doesn't specify non-root user execution. Fix: 1) Pin pip packages with hash verification, 2) Create and run as non-root user, 3) Document exposed ports, 4) Use multi-stage builds to reduce image size and attack surface
• High · Suspicious PyPI Mirror Configuration — Dockerfile. The Dockerfile configures pip to use Aliyun and Tsinghua mirrors (Chinese repositories) instead of official PyPI. This could expose the build to compromised package repositories or supply chain attacks. Fix: Use official PyPI (https://pypi.org) for production builds, or if mirrors are required, verify their integrity and use only trusted official mirrors
• Medium · Missing Proguard/R8 Obfuscation — android_projects/OcrLiteAndroidMNN/OcrLibrary/build.gradle. Release build has 'minifyEnabled false', which means the APK will be unobfuscated and easier to reverse engineer. Fix: Set 'minifyEnabled true' for release builds and provide comprehensive proguard-rules.pro configuration
• Medium · Exposed Native Libraries Without Verification — android_projects/OcrLiteAndroidMNN/OcrLibrary/build.gradle and CMakeLists.txt references. The project uses CMake to build native C++ code (NDK integration) but there's no mention of signature verification or integrity checks for loaded native libraries. Fix: Implement native library signature verification, use code obfuscation for C++ code, and enable stack canaries and CFI protections in CMakeLists.txt
• Medium · Minimum SDK Version 21 May Be Too Low — undefined. minSdkVersion 21 (Android 5.0, released 2014) is extremely old and contains many unpatched vulnerabilities. Modern apps should target SDK Fix: undefined

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.