If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/dwarvesf/hidden shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Mixed signals — read the receipts

• Last commit 2mo ago
• 18 active contributors
• Distributed ownership (top contributor 33% of recent commits)
• MIT licensed
• ⚠ No CI workflows detected
• ⚠ No test directory detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live dwarvesf/hidden repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/dwarvesf/hidden.

What it runs against: a local clone of dwarvesf/hidden — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in dwarvesf/hidden | Confirms the artifact applies here, not a fork | | 2 | License is still MIT | Catches relicense before you depend on it | | 3 | Default branch develop exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 98 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of dwarvesf/hidden. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/dwarvesf/hidden.git
#   cd hidden
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of dwarvesf/hidden and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "dwarvesf/hidden(\\.git)?\\b" \\
  && ok "origin remote is dwarvesf/hidden" \\
  || miss "origin remote is not dwarvesf/hidden (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(MIT)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"MIT\"" package.json 2>/dev/null) \\
  && ok "license is MIT" \\
  || miss "license drift — was MIT at generation time"

# 3. Default branch
git rev-parse --verify develop >/dev/null 2>&1 \\
  && ok "default branch develop exists" \\
  || miss "default branch develop no longer exists"

# 4. Critical files exist
test -f "hidden/AppDelegate.swift" \\
  && ok "hidden/AppDelegate.swift" \\
  || miss "missing critical file: hidden/AppDelegate.swift"
test -f "Hidden Bar.xcodeproj/project.pbxproj" \\
  && ok "Hidden Bar.xcodeproj/project.pbxproj" \\
  || miss "missing critical file: Hidden Bar.xcodeproj/project.pbxproj"
test -f "LauncherApplication/AppDelegate.swift" \\
  && ok "LauncherApplication/AppDelegate.swift" \\
  || miss "missing critical file: LauncherApplication/AppDelegate.swift"
test -f "hidden/Assets.xcassets" \\
  && ok "hidden/Assets.xcassets" \\
  || miss "missing critical file: hidden/Assets.xcassets"
test -f "README.md" \\
  && ok "README.md" \\
  || miss "missing critical file: README.md"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 98 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~68d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/dwarvesf/hidden"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

Hidden Bar is a lightweight macOS menu bar utility that lets users hide and manage menu bar icons to declutter their desktop. Written in Swift, it works by allowing Command+drag to reposition icons and click-to-toggle visibility of menu bar items, solving the common macOS problem of visual clutter from proliferating status icons. Dual-target Xcode project: the main hidden/ directory contains the core app (AppDelegate.swift, Assets), while LauncherApplication/ is a helper launcher app used for auto-start functionality. Both targets share the Xcode workspace (Hidden Bar.xcodeproj/project.xcworkspace).

macOS power users and everyday users who want a cleaner menu bar without disabling or uninstalling applications. Developers who contribute are primarily interested in keeping the app lightweight and maintaining smooth menu bar icon manipulation.

The project appears actively maintained and production-ready, distributed via the App Store and notarized for direct download. It has clear GitHub releases and multiple language localizations (ar, de, fr, hr, ja, vi, zh-Hans, zh-Hant). However, visibility into recent commit history and test coverage is limited by the file listing provided.

Low technical risk due to simple scope—the app has a focused feature set and minimal external dependencies (Swift standard library focused). Main risks are platform-specific: macOS API changes for menu bar manipulation could break functionality, and the single-developer structure (phucledien primary author) means bus factor concerns. No visible CI/testing infrastructure in the file structure.

Based on file structure, the app is in maintenance mode with support for modern macOS versions (High Sierra+) and continuous localization improvements (multiple language .lproj directories). The LauncherApplication suggests active work on auto-launch features.

git clone https://github.com/dwarvesf/hidden.git
cd hidden
open 'Hidden Bar.xcodeproj'

Then open in Xcode and press Cmd+R to build and run the main Hidden Bar scheme.

Daily commands: Open Hidden Bar.xcodeproj in Xcode, select the 'Hidden Bar' scheme, and press Cmd+R to build and run. The app will appear as a menu bar icon immediately.

• hidden/AppDelegate.swift — Main application entry point and lifecycle manager for the macOS menu bar utility; controls app initialization, window management, and menu bar icon visibility
• Hidden Bar.xcodeproj/project.pbxproj — Xcode project configuration defining build targets, schemes, dependencies, and code signing for both the main app and launcher application
• LauncherApplication/AppDelegate.swift — Launcher application entry point that enables Hidden Bar to auto-start on login without requiring full Finder integration
• hidden/Assets.xcassets — Central asset catalog containing all UI icons, images, and visual resources for menu bar items and interface elements
• README.md — Product documentation and feature overview explaining the core value proposition and system requirements for contributors

• AppDelegate (Main App) (Swift, Cocoa, NSStatusBar, NSMenu) — Manages main application lifecycle, menu bar setup, icon visibility state, and user interaction handling
  • Failure mode: If menu bar initialization fails, app cannot display control icon; if state persistence fails, hidden icons reset on restart
• Launcher Application (Swift, Cocoa, NSApplication, LaunchAgent) — Enables auto-start behavior on login and provides minimal UI for onboarding; communicates with main app via inter-process messaging
  • Failure mode: If launcher fails, Hidden Bar will not auto-start on login; if IPC fails, main app may not initialize properly
• Asset Management (Xcode Asset Catalogs, PDF/PNG formats) — Provides all UI icons, app icons, and interface images with @1x/@2x scaling support
  • Failure mode: Missing assets result in broken UI elements; corrupt asset files prevent app launch
• Localization System (Xcode localization (.lproj folders), NSLocalizedString) — Translates launcher app UI and messages across multiple languages via .strings files
  • Failure mode: Missing translations result in fallback to English; encoding errors corrupt localized strings

• User click on menu bar icon → AppDelegate (Main App) — System routes menu bar interaction to app's event handler
• AppDelegate → System Menu Bar (NSStatusBar) — App sends

Add a New Menu Bar Icon Asset

1. Create a new imageset folder in hidden/Assets.xcassets with your icon name (e.g., 'ico_myfeature.imageset') (hidden/Assets.xcassets)
2. Add Contents.json metadata and your PNG/PDF icon files to the imageset folder following existing conventions (hidden/Assets.xcassets/ico_1.imageset/Contents.json)
3. Reference the new asset in AppDelegate.swift by updating menu bar icon initialization logic (hidden/AppDelegate.swift)

Add Support for a New Language

1. Create a new .lproj folder in LauncherApplication with the language code (e.g., 'pt-BR.lproj') (LauncherApplication)
2. Copy Main.strings from an existing .lproj folder and translate all key-value pairs (LauncherApplication/fr.lproj/Main.strings)
3. Update Hidden Bar.xcodeproj to include the new localization in both targets (Hidden Bar.xcodeproj/project.pbxproj)

Configure Auto-Launch on Login

1. Update LauncherApplication Info.plist to ensure launch-at-login entitlements are set (LauncherApplication/LauncherApplication.entitlements)
2. Verify the launcher app communicates with the main app via AppDelegate initialization (LauncherApplication/AppDelegate.swift)
3. Update Hidden Bar.xcodeproj build phases to ensure LauncherApplication is embedded in the main app bundle (Hidden Bar.xcodeproj/project.pbxproj)

• Swift & macOS Frameworks (Cocoa) — Native language for macOS development providing direct access to menu bar APIs, system events, and sandbox permissions
• Xcode & Swift Package Manager — Standard Apple development toolchain for building, signing, and distributing macOS applications with integrated dependency management
• Dual-Target Architecture (Main + Launcher App) — Launcher app enables auto-start on login without requiring user grant of Full Disk Access or Finder integration
• Asset Catalogs (.xcassets) — Centralized image management with automatic @1x/@2x scaling, vector support, and compile-time optimization

• Menu bar utility rather than system preference pane or settings app extension

  • Why: Provides instant toggle access in the menu bar itself, matching user expectations for menu bar management tools
  • Consequence: App cannot manage third-party menu bar icons without accessing them through accessibility APIs, limiting scope to pre-selected items

• Launcher application separate from main app

  • Why: Enables login-item startup without full disk access permissions, improving security posture
  • Consequence: Requires coordination between two app bundles and inter-app communication, adding complexity

• Localization only in launcher app, not main menu bar app

  • Why: Menu bar utilities have minimal UI and most users interact via menu clicks rather than text
  • Consequence: Launcher app provides localized messaging, but menu bar interaction remains icon-driven and language-independent

• Does not provide programmatic APIs for third-party app integration
• Not a real-time status monitor or data aggregator
• Does not modify system-level menu bar behavior or styling
• Not a menu bar customization framework; only hides/shows existing icons
• Does not support Windows or Linux platforms

Menu bar apps require specific macOS entitlements and may break across OS versions due to Apple's undocumented menu bar APIs. The LauncherApplication helper is necessary because direct launch-on-login in sandboxed apps is restricted—this two-app architecture is non-obvious. View hierarchy and drag interaction logic are not visible in the file list but likely use low-level Cocoa event handling.

• syntaqx/menubar-apps — Curated list of macOS menu bar applications; contextualizes Hidden Bar in the broader ecosystem of status bar utilities
• txthinking/Dig — Another lightweight macOS menu bar utility; similar architecture and target audience for icon management solutions
• Mimestream/Mimestream-macOS — Modern Swift + Cocoa menu bar app demonstrating current best practices for menu bar integration and AppKit UI patterns
• MonitorControl/MonitorControl — Production-grade Swift menu bar app with robust testing, CI, and maintainer experience relevant for scaling Hidden Bar
• apple/swift-corelibs-foundation — Swift Foundation framework underlying UserDefaults and app state management in Hidden Bar

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add localization strings for missing UI elements in Main.strings files

The repo has 8 language localizations (ar, de, fr, hr, ja, vi, zh-Hans, zh-Hant) in LauncherApplication, but the Main.strings files appear incomplete. Review the Base.lproj/Main.storyboard to identify all user-facing strings (buttons, labels, tooltips) and ensure all 8 language files have complete translations. This improves accessibility for non-English users and prevents missing translation fallbacks.

• [ ] Parse LauncherApplication/Base.lproj/Main.storyboard to extract all localizable strings
• [ ] Compare extracted strings against each Main.strings file in ar.lproj, de.lproj, fr.lproj, hr.lproj, ja.lproj, vi.lproj, zh-Hans.lproj, zh-Hant.lproj
• [ ] Add missing translations (consider using translation services or native speakers from the community)
• [ ] Validate all 8 .strings files have identical key counts
• [ ] Document the localization maintenance process in CONTRIBUTING.md

Create unit tests for AppDelegate and menu bar manipulation logic

The main application logic resides in hidden/AppDelegate.swift but there are no visible test files in the structure. AppDelegate handles core functionality like menu bar icon hiding/showing, which is critical and error-prone. Adding XCTest unit tests will catch regressions and make future contributions safer.

• [ ] Create HiddenTests/ directory with HiddenTests.xctest target in Hidden Bar.xcodeproj
• [ ] Write tests for AppDelegate initialization and menu bar state management
• [ ] Write tests for icon visibility toggle logic (show/hide menu bar items)
• [ ] Write tests for user preferences persistence (using UserDefaults mocking)
• [ ] Add test coverage report generation to the build scheme (Hidden Bar.xcscheme)

Add GitHub Actions workflow for automated builds and macOS compatibility testing

The repo has no CI/CD workflow visible in the file structure. Adding a GitHub Actions workflow to build on macOS runners ensures Pull Requests are tested against multiple macOS versions (High Sierra+ as per requirements) before merging. This prevents broken builds and compatibility regressions.

• [ ] Create .github/workflows/build.yml with macOS 11, 12, 13 runners
• [ ] Add steps to: checkout code, install dependencies via xcodebuild, build Hidden Bar target and LauncherApplication target
• [ ] Add code signing workaround for CI (disable code signing or use mock certificates)
• [ ] Add step to run unit tests (once PR #2 is completed)
• [ ] Configure workflow to run on pull_request and push to develop/main branches

• Add unit tests for menu bar icon state persistence (test that UserDefaults correctly saves/loads hidden icon list). Create a new test target and test AppDelegate's persistence logic.
• Create missing localization files for additional languages (e.g., es.lproj/Main.strings, pt-BR.lproj/Main.strings). Follow the pattern of existing language directories and add translated strings.
• Extract menu bar icon dragging and visibility toggle logic from AppDelegate.swift into a dedicated MenuBarManager.swift class for better testability and separation of concerns. This prepares the codebase for unit testing.

The Hidden Bar application demonstrates reasonable security practices for a macOS menu bar utility. The project structure is clean with no obvious hardcoded secrets, SQL injection risks, or XSS vulnerabilities identified. However, there are concerns regarding: (1) incomplete visibility into Swift Package dependencies which should be audited for vulnerabilities, (2) entitlements configuration that needs verification for the main application, and (3) general best practices for handling permissions in a system-level utility. The application's purpose as a menu bar utility that manages system UI elements requires careful attention to macOS security frameworks (Accessibility, System Events). Overall security posture is good, but dependency auditing and entitlements verification are recommended before release.

• Medium · Missing Entitlements Configuration — hidden/ and LauncherApplication/LauncherApplication.entitlements. The LauncherApplication includes an entitlements file (LauncherApplication.entitlements), but there is no corresponding entitlements file visible for the main Hidden Bar application. macOS applications require proper entitlements to request specific permissions (accessibility, system events, etc.). Missing or incomplete entitlements can lead to runtime permission issues or security bypasses. Fix: Ensure the main Hidden Bar application has a properly configured entitlements file (.entitlements) that explicitly declares all required permissions. Verify that accessibility and system event permissions are properly declared since this is a menu bar utility that needs to interact with system UI.
• Medium · Incomplete Dependency Information — Hidden Bar.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved. The Package.resolved file is present but the actual package dependencies list is not provided for analysis. This prevents verification of whether the project uses outdated or vulnerable third-party Swift Package Manager dependencies. Fix: Review Package.resolved to audit all Swift Package dependencies for known vulnerabilities. Use tools like swift package diagnose and check GitHub's vulnerability database. Maintain dependencies up to date and monitor for security advisories.
• Low · Potential Hardcoded Configuration in Storyboard Files — LauncherApplication/Base.lproj/Main.storyboard. The project uses storyboard files (Main.storyboard) for UI configuration. While storyboards are generally safe, they can sometimes contain hardcoded values or logic that might not be immediately visible during code review. Fix: Audit storyboard files for any hardcoded sensitive values, URLs, or configuration strings. Prefer externalizing configuration to plist files or configuration structs with proper access controls.
• Low · Multiple Localization Files Present — LauncherApplication/ and hidden/ (.lproj directories). The application includes multiple localization files (.lproj directories) in 8 languages. While localization is good for accessibility, it increases the attack surface if translations are sourced from untrusted or unverified contributors. Fix: Verify the source and integrity of all localization files. Implement a process for reviewing community translations before inclusion. Consider using a professional localization service for security-sensitive strings.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.