
linhaojun857/aurora

A personal blog system built with Spring Boot + Vue

Healthy

Healthy across all four use cases

weakest axis
Use as dependency: Healthy

Permissive license, no critical CVEs, actively maintained — safe to depend on.

Fork & modify: Healthy

Has a license, tests, and CI — clean foundation to fork and modify.

Learn from: Healthy

Documented and popular — useful reference codebase to read through.

Deploy as-is: Healthy

No critical CVEs, sane security posture — runnable as-is.

  • Last commit 11mo ago
  • 8 active contributors
  • Apache-2.0 licensed
  • CI configured
  • Slowing — last commit 11mo ago
  • Concentrated ownership — top contributor handles 79% of recent commits
  • No test directory detected

Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests

Informational only. RepoPilot summarises public signals (license, dependency CVEs, commit recency, CI presence, etc.) at the time of analysis. Signals can be incomplete or stale. Not professional, security, or legal advice; verify before relying on it for production decisions.


Onboarding doc

Onboarding: linhaojun857/aurora

Generated by RepoPilot · 2026-05-09 · Source

🤖Agent protocol

If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

  1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
  2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
  3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/linhaojun857/aurora shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

🎯Verdict

GO — Healthy across all four use cases

  • Last commit 11mo ago
  • 8 active contributors
  • Apache-2.0 licensed
  • CI configured
  • ⚠ Slowing — last commit 11mo ago
  • ⚠ Concentrated ownership — top contributor handles 79% of recent commits
  • ⚠ No test directory detected

<sub>Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests</sub>

Verify before trusting

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live linhaojun857/aurora repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/linhaojun857/aurora.

What it runs against: a local clone of linhaojun857/aurora — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters |
|---|---|---|
| 1 | You're in linhaojun857/aurora | Confirms the artifact applies here, not a fork |
| 2 | License is still Apache-2.0 | Catches relicense before you depend on it |
| 3 | Default branch master exists | Catches branch renames |
| 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code |
| 5 | Last commit ≤ 362 days ago | Catches sudden abandonment since generation |

<details> <summary><b>Run all checks</b> — paste this script from inside your clone of <code>linhaojun857/aurora</code></summary>

```bash
#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of linhaojun857/aurora. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/linhaojun857/aurora.git
#   cd aurora
#
# Then paste this script. Every check is read-only — no mutations.

# Keep going after a failed check so every check reports its own result.
set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of linhaojun857/aurora and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "linhaojun857/aurora(\.git)?\b" \
  && ok "origin remote is linhaojun857/aurora" \
  || miss "origin remote is not linhaojun857/aurora (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(Apache-2\.0)" LICENSE 2>/dev/null \
   || grep -qiE "\"license\"\s*:\s*\"Apache-2\.0\"" package.json 2>/dev/null) \
  && ok "license is Apache-2.0" \
  || miss "license drift — was Apache-2.0 at generation time"

# 3. Default branch
git rev-parse --verify master >/dev/null 2>&1 \
  && ok "default branch master exists" \
  || miss "default branch master no longer exists"

# 4. Critical files exist
test -f "aurora-springboot/src/main/java/com/aurora/AuroraSpringbootApplication.java" \
  && ok "aurora-springboot/src/main/java/com/aurora/AuroraSpringbootApplication.java" \
  || miss "missing critical file: aurora-springboot/src/main/java/com/aurora/AuroraSpringbootApplication.java"
test -f "aurora-springboot/src/main/java/com/aurora/config/WebSecurityConfig.java" \
  && ok "aurora-springboot/src/main/java/com/aurora/config/WebSecurityConfig.java" \
  || miss "missing critical file: aurora-springboot/src/main/java/com/aurora/config/WebSecurityConfig.java"
test -f "aurora-springboot/src/main/java/com/aurora/filter/JwtAuthenticationTokenFilter.java" \
  && ok "aurora-springboot/src/main/java/com/aurora/filter/JwtAuthenticationTokenFilter.java" \
  || miss "missing critical file: aurora-springboot/src/main/java/com/aurora/filter/JwtAuthenticationTokenFilter.java"
test -f "aurora-springboot/src/main/java/com/aurora/controller/ArticleController.java" \
  && ok "aurora-springboot/src/main/java/com/aurora/controller/ArticleController.java" \
  || miss "missing critical file: aurora-springboot/src/main/java/com/aurora/controller/ArticleController.java"
test -f "aurora-springboot/src/main/java/com/aurora/config/RabbitMQConfig.java" \
  && ok "aurora-springboot/src/main/java/com/aurora/config/RabbitMQConfig.java" \
  || miss "missing critical file: aurora-springboot/src/main/java/com/aurora/config/RabbitMQConfig.java"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 362 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~332d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/linhaojun857/aurora"
  exit 1
fi
```

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

</details>

TL;DR

Aurora is a full-stack, self-hosted personal blog system built on Spring Boot 2.3.7 + Vue 3 (frontend) / Vue 2 (admin) that combines content management, user authentication, real-time search via Elasticsearch, and asynchronous job processing with RabbitMQ. It provides both a public-facing blog frontend and an admin dashboard for managing articles, comments, categories, and site metadata with integrated social login (QQ) and file storage via MinIO. Maven monorepo split into aurora-springboot/ (backend) and companion Vue projects (frontend at /src/main/vue, admin at separate location). Backend uses layered Spring architecture: annotation/ (AOP markers like @AccessLimit, @OptLog), aspect/ (cross-cutting concerns), config/ (Bean definitions for Redis, RabbitMQ, Security), constant/ (app-wide enums), controller/ (REST endpoints), consumer/ (async message handlers for RabbitMQ), with supporting entity/service/mapper layers (inferred from Mybatis-Plus setup).

👥Who it's for

Individual bloggers and small teams who want a full-featured, open-source blog platform they can self-host and customize; Java/Vue developers who want to study a production-grade example of Spring Security + Mybatis-Plus + Vue SPA architecture with caching and message queues.

🌱Maturity & risk

Actively maintained by a single student contributor (linhaojun857) with a live demo at linhaojun.top and explicit long-term maintenance commitment in the README. Has CI/CD via GitHub Actions (aurora.yml), Dockerfile support, and a deployed MySQL schema (aurora.sql), but commit frequency and test coverage are not visible—treat as 'stable + regularly patched' rather than enterprise-grade.

Single-maintainer maintenance model with explicit note that author is a student with Java as non-primary language, risking slower issue resolution. Dependency stack is moderately heavy (Redis, RabbitMQ, Elasticsearch, Quartz, MinIO) requiring external services; no visible test suite in file listing. Spring Boot 2.3.7 (released 2020) is aging but still in extended support.

Active areas of work

No recent commit data in file listing, but the README's TODO list indicates: frontend code optimization, Vue 3 migration for admin panel (currently Vue 2), and a lightweight backend variant in progress. Live site is maintained at linhaojun.top with demo credentials available.

🚀Get running

  1. Clone: `git clone https://github.com/linhaojun857/aurora.git`.
  2. Install backend: `cd aurora-springboot && mvn clean install`.
  3. Install frontend: `npm install` in the Vue project directories.
  4. Configure application.yml with MySQL, Redis, RabbitMQ, Elasticsearch, MinIO, and QQ OAuth credentials.
  5. Run backend: `mvn spring-boot:run` (or start via IDE).
  6. Run frontend: `npm run dev`.

Daily commands:

  • Backend: `cd aurora-springboot && mvn spring-boot:run` (assumes application.yml configured with DB, Redis, RabbitMQ, ES, MinIO endpoints).
  • Frontend: `npm run dev` in respective Vue directories.
  • Docker: `docker build -f aurora-springboot/Dockerfile -t aurora:latest .` and docker-compose (see deployment docs).

All external services (MySQL, Redis, RabbitMQ, Elasticsearch, MinIO) must be running or mocked.

🗺️Map of the codebase

  • aurora-springboot/src/main/java/com/aurora/AuroraSpringbootApplication.java — Application entry point; required to understand how Spring Boot initializes the entire blog system
  • aurora-springboot/src/main/java/com/aurora/config/WebSecurityConfig.java — Defines Spring Security configuration and JWT-based authentication flow; core to understanding access control
  • aurora-springboot/src/main/java/com/aurora/filter/JwtAuthenticationTokenFilter.java — JWT token validation filter executed on every request; critical to understanding request authentication lifecycle
  • aurora-springboot/src/main/java/com/aurora/controller/ArticleController.java — Primary API endpoint for article operations; demonstrates controller patterns used throughout the codebase
  • aurora-springboot/src/main/java/com/aurora/config/RabbitMQConfig.java — Message queue configuration for async operations like comments and notifications; essential for understanding event-driven flows
  • aurora-springboot/pom.xml — Maven dependencies; shows all external libraries and their versions (SpringBoot 2.3.7, MyBatisPlus, Redis, RabbitMQ, etc.)
  • aurora-springboot/sql/aurora.sql — Database schema and initial data; required for understanding the data model and relationships

🛠️How to make changes

Add a New REST API Endpoint

  1. Create a new entity class in entity/ folder (e.g., MyEntity.java) with @TableName and field annotations (aurora-springboot/src/main/java/com/aurora/entity)
  2. Create a mapper interface extending BaseMapper<MyEntity> in a mapper/ folder (auto-scaffolded by MyBatisPlus) (aurora-springboot/src/main/java/com/aurora)
  3. Create a service class with @Service annotation and inject the mapper via @Autowired (aurora-springboot/src/main/java/com/aurora)
  4. Add @GetMapping, @PostMapping, @PutMapping, @DeleteMapping methods in a new controller class (aurora-springboot/src/main/java/com/aurora/controller/MyEntityController.java)
  5. Add URL patterns to WebSecurityConfig.java if authentication/authorization is required (aurora-springboot/src/main/java/com/aurora/config/WebSecurityConfig.java)

Add Asynchronous Event Processing via RabbitMQ

  1. Define queue, exchange, and binding in RabbitMQConfig.java with @Bean methods (aurora-springboot/src/main/java/com/aurora/config/RabbitMQConfig.java)
  2. Add queue name constant to RabbitMQConstant.java (aurora-springboot/src/main/java/com/aurora/constant/RabbitMQConstant.java)
  3. Create a new consumer class in consumer/ folder with @RabbitListener(queues = ...) (aurora-springboot/src/main/java/com/aurora/consumer/MyEventConsumer.java)
  4. Publish events to the queue using RabbitTemplate.convertAndSend() in your service (aurora-springboot/src/main/java/com/aurora)

Add Operation Logging to a Method

  1. Add @OptLog annotation with description above the method in any controller or service (aurora-springboot/src/main/java/com/aurora/annotation/OptLog.java)
  2. OperationLogAspect will automatically intercept and log the operation to the database (aurora-springboot/src/main/java/com/aurora/aspect/OperationLogAspect.java)
  3. View logs via OperationLogController REST endpoints (aurora-springboot/src/main/java/com/aurora/controller/OperationLogController.java)

Implement Rate Limiting on an Endpoint

  1. Add @AccessLimit(seconds = 60, maxCount = 5) annotation above the endpoint method (aurora-springboot/src/main/java/com/aurora/annotation/AccessLimit.java)
  2. Configure the interceptor in WebMvcConfig.java to apply the @AccessLimit check (aurora-springboot/src/main/java/com/aurora/config/WebMvcConfig.java)
  3. Rate limit counters are stored in Redis with the key pattern from RedisConstant.java (aurora-springboot/src/main/java/com/aurora/constant/RedisConstant.java)

🔧Why these technologies

  • Spring Boot 2.3.7 + Spring Security — Provides out-of-the-box web framework with battle-tested security framework for JWT and role-based access control
  • MyBatisPlus ORM — Reduces boilerplate SQL with automatic CRUD code generation while maintaining fine-grained query control
  • Redis — High-speed in-memory cache for frequently accessed data (articles, user sessions) and rate limiting counters
  • RabbitMQ — Decouples heavy operations (email,

🪤Traps & gotchas

  • External service dependencies: Redis, RabbitMQ, Elasticsearch, MinIO, and MySQL must all be running; no embedded or mocked fallback.
  • Environment variables: MinIO credentials, QQ OAuth app ID/secret, SMTP settings for email notifications must be set in application.yml or .env—missing them silently breaks file upload, social login, and comment notifications.
  • RabbitMQ consumers: MaxWellConsumer expects a Debezium-style MySQL CDC stream; misconfiguration causes data-change events to pile up.
  • Elasticsearch schema: Full-text search on articles requires index mapping to match Article entity; index not auto-created.
  • Quartz: Job scheduling requires Quartz tables in MySQL (auto-created if schema matches), but concurrent job executions can cause race conditions if cluster mode not properly configured.
  • Spring Security filters: Custom security filters in WebSecurityConfig may conflict with CORS; test cross-origin requests from admin frontend to backend carefully.

🏗️Architecture

💡Concepts to learn

  • Spring Security with JWT/OAuth — Aurora uses Spring Security to guard endpoints and support both traditional JWT login and social login (QQ); understanding filter chains and token rotation is crucial for adding new auth flows or fixing security bugs.
  • RabbitMQ Message-Driven Architecture — Aurora decouples I/O-heavy operations (email notifications, search indexing, data change capture) into async RabbitMQ consumers; this prevents blocking the API when processing comment notifications or syncing to Elasticsearch.
  • Aspect-Oriented Programming (AOP) with Spring — Aurora uses @Aspect annotations (@AccessLimit, @OptLog) to transparently log operations and enforce rate limits without polluting controller code—critical pattern for cross-cutting concerns.
  • Elasticsearch Full-Text Search — Aurora indexes blog articles in Elasticsearch for fast keyword search; understanding mappings, analyzers, and query DSL is needed to extend search (e.g., faceting by category, relevance tuning).
  • Change Data Capture (CDC) with Maxwell — Aurora's MaxWellConsumer listens to MySQL binary logs via Maxwell to sync article/comment changes into Elasticsearch in real-time; understanding CDC patterns is essential for maintaining data consistency.
  • Mybatis-Plus ORM — Aurora uses Mybatis-Plus for database access with auto-generated CRUD, dynamic SQL, and pagination; proficiency here is needed to add new entities and queries without boilerplate.
  • Rate Limiting via @AccessLimit Annotation — Aurora's custom @AccessLimit annotation (in annotation/AccessLimit.java) likely uses Redis for distributed rate limiting; understanding token bucket or sliding window concepts protects against abuse.
  • halo-dev/halo — Feature-rich, JVM-based blog platform similar to Aurora but with more mature plugin ecosystem and better documentation; good reference for production-grade blog architecture.
  • vuepress/vuepress-next — Static blog generator with Vue 3 frontend; lightweight alternative if you don't need database-driven content or user comments.
  • getgrav/grav — Flat-file blog system in PHP with no external dependencies; useful comparison for Aurora's monolithic approach vs. decentralized content model.
  • wordpress/wordpress-develop — Industry-standard blog platform; not Java-based, but defines UX expectations (post revisions, comment moderation, plugin hooks) that Aurora aspires to.
  • auroral-ui/hexo-theme-aurora — Original Hexo theme that inspired Aurora's frontend UI—check this repo to understand the design language and CSS frameworks Aurora borrowed.

🪄PR ideas

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add comprehensive unit tests for consumer classes (CommentNoticeConsumer, MaxWellConsumer, SubscribeConsumer)

The project has RabbitMQ message consumers but no visible test coverage. These are critical components for comment notifications and data synchronization. Adding unit tests would catch message processing bugs early and ensure reliability of the async messaging pipeline. This is especially important given the complexity of RabbitMQ integration.

  • [ ] Create aurora-springboot/src/test/java/com/aurora/consumer/ directory
  • [ ] Add CommentNoticeConsumerTest.java with mocked RabbitTemplate and test cases for comment notification routing
  • [ ] Add MaxWellConsumerTest.java to verify CDC (Change Data Capture) event processing
  • [ ] Add SubscribeConsumerTest.java for subscription message handling
  • [ ] Update pom.xml to ensure junit5 and mockito dependencies are present for testing

Add integration tests for security and authentication flows in WebSecurityConfig

The project uses Spring Security (WebSecurityConfig.java) and has UserAuthController.java for login/OAuth integration, but no visible security test coverage. Given the presence of QQ OAuth (QQConfigProperties.java) and JWT/token handling, adding security tests would prevent authentication bypass vulnerabilities and ensure proper role-based access control across all endpoints.

  • [ ] Create aurora-springboot/src/test/java/com/aurora/config/WebSecurityConfigTest.java
  • [ ] Add tests for OAuth login flow with QQ provider (QQConfigProperties)
  • [ ] Add tests for JWT token validation and refresh mechanisms
  • [ ] Add tests for role-based endpoint access (Admin vs User permissions) across controllers
  • [ ] Include tests for CORS and CSRF protection configurations

Add GitHub Actions workflow for automated database schema validation and migration testing

The project has aurora.sql schema file but the existing aurora.yml workflow appears incomplete. Adding automated schema validation ensures that SQL changes don't break the build and that MybatisPlus ORM stays synchronized with the actual database. This is critical for preventing production data issues.

  • [ ] Review and complete .github/workflows/aurora.yml with database testing stage
  • [ ] Add a test job that spins up a MySQL container and executes aurora.sql
  • [ ] Validate that all Entity classes (Article.java, Comment.java, Category.java, etc.) match the schema
  • [ ] Add schema diff detection to flag mismatches between aurora.sql and MybatisPlus annotations
  • [ ] Include liquibase or flyway migration testing to prepare for versioned schema changes

🌿Good first issues

  • Write integration tests for ArticleController.java methods (listArticles, getArticleDetail, createArticle)—currently no visible test files and coverage is opaque. Start with a simple @SpringBootTest that mocks ArticleService and verifies HTTP status codes.
  • Add missing OpenAPI/Swagger documentation: Knife4jConfig.java is configured but controller methods lack @ApiOperation/@ApiModelProperty annotations—add Knife4j decorators to at least 5 REST endpoints in ArticleController and CommentController to generate clean API docs.
  • Create a troubleshooting guide in /docs for the hidden traps above (RabbitMQ consumer setup, Elasticsearch index mapping, MinIO URL configuration)—document real errors junior devs hit when running locally for the first time.

📝Recent commits

  • 07e9524 — Update README.md [skip ci] (linhaojun857)
  • cebf431 — Merge pull request #177 from karl1901/master [skip ci] (linhaojun857)
  • bf0358e — Add the original CentOS one-click deployment script file (karl1901)
  • 7490a01 — README.md: added the Quick Start -> one-click install command (karl1901)
  • 0ce9d9a — Merge pull request #169 from linhaojun857/dev (linhaojun857)
  • 168d504 — Fix safety problem (linhaojun857)
  • f355e03 — Merge pull request #166 from linhaojun857/dev (linhaojun857)
  • bec1630 — Update Dockerfile (linhaojun857)
  • 7a4282a — Merge pull request #165 from linhaojun857/dev (linhaojun857)
  • ce27399 — Update the show of article title cursor in the archive page (linhaojun857)

🔒Security observations

Failed to generate security analysis.

LLM-derived; treat as a starting point, not a security audit.


Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.
