CN111967017A - Method and device for generating dependency relationship, terminal equipment and storage medium - Google Patents
Method and device for generating dependency relationship, terminal equipment and storage medium Download PDFInfo
- Publication number
- CN111967017A CN111967017A CN202010740003.4A CN202010740003A CN111967017A CN 111967017 A CN111967017 A CN 111967017A CN 202010740003 A CN202010740003 A CN 202010740003A CN 111967017 A CN111967017 A CN 111967017A
- Authority
- CN
- China
- Prior art keywords
- component
- components
- dependency relationship
- dependency
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
- G06F8/433—Dependency analysis; Data or control flow analysis
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a method and a device for generating a dependency relationship, terminal equipment and a storage medium, relates to the technical field of computers, and can effectively identify unknown components so as to generate the dependency relationship. The method comprises the following steps: identifying a plurality of components of the application program according to a preset identification strategy; if the component is identified successfully, acquiring the dependency relationship information of the component; if the component is identified to fail, analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component; and generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components.
Description
Technical Field
The present application belongs to the field of computer technologies, and in particular, to a method and an apparatus for generating a dependency relationship, a terminal device, and a storage medium.
Background
With the development of computer technology, various applications are often used to provide powerful functions to meet the needs of users. For this reason, there will be an intricate dependency relationship among the multiple components included in the application. Generally, in order to locate the dependency relationships of components found to contain a leak, some building tools are usually used to analyze the dependency relationships among multiple components existing in an application, for example, a building tool maven through which a specific command is executed to generate a text file identifying the dependency relationships among the components.
However, the existing building tool can only identify components existing in the public component library to generate corresponding dependency relationship information, but when an unknown component exists in a plurality of components to be identified, the building tool cannot identify the unknown component to generate a dependency relationship. Therefore, the existing dependency relationship identification mode cannot effectively identify unknown components, so that the dependency relationship cannot be generated, and the problem of small application range exists.
Disclosure of Invention
The embodiment of the application provides a method and a device for generating a dependency relationship, a terminal device and a storage medium, and aims to solve the problems that an existing dependency relationship identification mode cannot effectively identify an unknown component, so that the dependency relationship cannot be generated, and the application range is small.
In a first aspect, an embodiment of the present application provides a method for generating a dependency relationship, including:
identifying a plurality of components of the application program according to a preset identification strategy;
if the component is identified successfully, acquiring the dependency relationship information of the component;
if the component is identified to fail, analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component;
and generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components.
When the method for generating the dependency relationship is adopted and a plurality of components of the application program are identified according to a preset identification strategy, if the components are identified successfully, the dependency relationship information of the components is obtained; if the identification of the component fails, analyzing the component by using a preset analysis strategy, and effectively identifying an unknown component, so that the dependency relationship information of the unknown component can be obtained, and further, a component dependency relationship library of the application program is generated based on the dependency relationship information of a plurality of components. Therefore, the method for generating the dependency relationship can effectively identify the unknown component, so that the dependency relationship library is finally generated, and the application range is wider.
Optionally, before identifying the plurality of components of the application according to the preset identification policy, the method further includes:
confirming whether a target file exists in the application program; the target file is used for recording the dependency relationship among a plurality of components in the application program.
Optionally, the identifying a plurality of components of the application program according to the preset identification policy includes:
if the target file exists, identifying the dependency relationship among the components recorded in the target file according to the preset identification strategy;
and if the target file does not exist, traversing the plurality of components in the application program, and identifying the plurality of components according to the preset identification strategy.
Optionally, if the component is identified as failing, analyzing the component by using a preset analysis policy to obtain the dependency relationship information of the component, including:
if the component is identified to fail, analyzing the rest of the components by using a preset analysis strategy to obtain the dependency relationship information of the rest of the components; the remaining components include the component that failed to be identified and the component to be identified.
Optionally, before analyzing the component by using a preset analysis policy and acquiring the dependency relationship information of the component, the method further includes:
if the component is identified to fail, inquiring whether the component exists in a component dependency library or not through the component information of the component;
and if the component exists, acquiring the dependency relationship information of the component.
Optionally, the generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components includes:
determining dependency relationship information of a plurality of the components with component conflict according to the component information of each component;
processing the component conflict by using a preset conflict processing strategy to obtain the dependency relationship information of a plurality of components without component conflict;
and generating a component dependency relationship library of the application program based on the dependency relationship information of the components without component conflict.
Optionally, the processing the component conflict by using a preset conflict processing policy includes:
acquiring the length of a dependency path of each component in each component dependency relationship information with component conflict;
determining the component with the minimum dependent path length in each group of conflict components as a target component;
and reconstructing the component dependency relationship with component conflict based on the target component to obtain the dependency relationship information of a plurality of components without component conflict.
In a second aspect, an embodiment of the present application provides an apparatus for generating a dependency relationship, including:
the identification module is used for identifying a plurality of components of the application program according to a preset identification strategy;
the first acquisition module is used for acquiring the dependency relationship information of the component if the component is identified successfully;
the second acquisition module is used for analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component if the component is identified to be failed;
and the generating module is used for generating a component dependency relationship library of the application program based on the dependency relationship information of the components.
In a third aspect, an embodiment of the present application provides a terminal device, including: a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the method of generating dependencies when executing the computer program.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, including: the computer-readable storage medium stores a computer program which, when executed by a processor, implements the method of generating dependencies.
In a fifth aspect, an embodiment of the present application provides a computer program product, which, when run on a terminal device, causes the terminal device to execute the method for generating a dependency relationship in any one of the above first aspects.
It is understood that the beneficial effects of the second aspect to the fifth aspect can be referred to the related description of the first aspect, and are not described herein again.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a flowchart illustrating a method for generating a dependency relationship according to an embodiment of the present application.
FIG. 2 is a diagram of an example dependency tree provided by an embodiment of the present application.
Fig. 3 is a schematic structural diagram of an apparatus for generating a dependency relationship according to an embodiment of the present application.
Fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
In order to explain the technical solution described in the present application, the following description will be given by way of specific examples.
Referring to fig. 1, fig. 1 is a flowchart illustrating an implementation of a method for generating a dependency relationship according to an embodiment of the present application. In this embodiment, the main execution body of the method for generating the dependency relationship is the terminal device.
As shown in fig. 1, the method provided by the embodiment of the present application includes the following steps:
s101: and identifying a plurality of components of the application program according to a preset identification strategy.
In step S101, a preset identification policy is used to describe the order or manner of identifying the plurality of components. For example, when a build tool is present, the build tool executes build commands, such as the command mvn dependency: tree, in a certain order, by executing the commands to identify multiple components of an application in order to obtain all dependencies of the components. Or, for example, when a build tool is present, traverse multiple components of the application, querying whether each component is present in the component dependency library.
An application is a computer program that is developed to run in an operating system to accomplish a specific task.
A component is a functional module that is reusable in an application framework and can be implemented through a file compiled from a computer language. For example, it is implemented by JAR files (Java Archive files).
Each component file comprises a plurality of byte code files (Class files), each byte code file is stored according to a compiling file name, and each byte code file comprises a corresponding package name and all package names which are depended by the byte code file. Therefore, the package name corresponding to each bytecode file in the component is the package name corresponding to the component, and all the package names on which the bytecode files depend are the package names corresponding to the components on which the component depends.
The byte code information corresponding to each component comprises the package name corresponding to the component and the package name corresponding to the dependent component. And obtaining the dependency relationship between the two components according to the byte code information corresponding to the components.
It can be understood that, after receiving the instruction for identifying the multiple components of the application program, the terminal device identifies the multiple components of the application program according to a preset identification policy, and identifies the bytecode information in each component.
For example, the terminal device identifies the bytecode information corresponding to each of the plurality of components according to a preset identification policy.
It should be noted that, because multiple components of the application are identified according to the preset identification policy, an environment for identifying the components of the application needs to be configured in advance, for example, a configuration tool maven is configured on the terminal device, so that a specific command is executed by the maven to obtain dependency information between the components.
In this embodiment, a plurality of components of an application program are identified according to a preset identification policy, and since the dependency relationship existing between two components can be obtained according to the bytecode information corresponding to the components, the bytecode information of the identified components can obtain the dependency relationship information of the components, and a constructed dependency relationship basis can be better provided for generating a dependency relationship tree. It should be understood that in all embodiments of the present application, the plurality of components of the application are identified, in effect, the bytecode information for each of the plurality of components being identified based on the bytecode information for each of the components in the component library that has been published.
When the plurality of components of the application are identified according to the preset identification policy, the following two scenarios may be included, but not limited to.
Scene 1: when an instruction for detecting the vulnerability of the application program is received, a plurality of components of the application program are identified according to a preset identification strategy.
For example, an application program which is developed and popularized is attacked by an illegal user using a specific computer program, so that the application program is in a state of stopping running, and therefore, in order to avoid being attacked next time, the application program is in the state of stopping running again, bugs existing in the application program need to be monitored, dependency relationships among multiple components need to be analyzed, and the terminal device identifies the multiple components of the application program according to a preset identification strategy and confirms the dependency bugs among the components.
Scene 2: at the end of compiling the application program, in order to eliminate component conflict between the dependency relationship information of each component, a plurality of components of the application program are identified according to a preset identification strategy.
For example, when the application program is compiled, the application program includes two versions of the component a, such as the 1.0 version and the 2.0 version of the component a, and one application program does not allow the same component a to appear, so that the dependency relationships of multiple components in the application program need to be analyzed, that is, multiple components of the application program need to be identified according to a preset identification policy, so as to obtain the dependency relationships of the components and analyze existing component conflicts.
It should be understood that in actual practice, each application program will include a plurality of components, such as a plurality of known components and a plurality of unknown components. Known components are open source components which are stored in the internet in a public manner and can be freely downloaded by a user, for example, components recorded on a public community website, and when a building tool identifies the components according to a preset identification strategy, the identification is usually successful; and a part of unknown components are self-developed by a user for upgrading the functions of the application programs, the part of components are not stored in the internet in a public way, and the building tool usually fails to identify the part of components according to a preset identification strategy.
S102: if the component is identified successfully, acquiring the dependency relationship information of the component; and if the component is failed to be identified, analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component.
In step S102, the dependency relationship information is used to describe the dependency relationship between the components. For example, the dependency information describes the dependency between the component a and the component B, such as the dependency may be in the form of "component a → component B" for representing the dependency between the component a and the component B, where the component a is a dependent party and the component B is a depended party.
The preset analysis strategy is used for describing a logic process of analyzing and identifying the failed component to obtain the corresponding dependency relationship information. For example, if the component C fails to be identified, the component C is analyzed by using a preset component information program, and the relevant dependency relationship information of the component C is obtained.
Illustratively, one application includes 10 components, of which 1 is an unknown component and the remaining 9 are published components. If the construction tool executes a specific command to identify the 9 public components according to a preset identification strategy, the 9 public components are successfully identified, so that the dependency relationship information corresponding to each public component is obtained. However, when an unknown component is identified, since the component is not yet disclosed, and cannot be identified for the building tool if not uploaded to the community site of the building tool, the operation of analyzing the component dependency relationship of the application program is continued, and the component is analyzed by using a preset analysis policy.
S103: and generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components.
In step S103, the component dependency relationship library is a set describing dependency relationships among a plurality of components.
Exemplarily, as shown in fig. 2, the dependency relationship information of the component a, the component B, and the component C is obtained, wherein the component a depends on the component B based on the dependency relationship information of the component a; knowing, based on the dependency information of component C, that component C depends on component B; based on the dependency relationship information of the component B, the component B is known to be depended on by the component A and the component C. Therefore, based on the dependency information of component a, component B, and component C, a dependency tree as shown in fig. 2 is generated.
When the method for generating the dependency relationship is adopted and a plurality of components of the application program are identified according to a preset identification strategy, if the components are identified successfully, the dependency relationship information of the components is obtained; if the identification of the components fails, analyzing the components by using a preset analysis strategy, and effectively identifying the unknown components, so that the dependency relationship information of the unknown components can be obtained, and then a component dependency relationship library of the application program is generated based on the dependency relationship information of the multiple components. Therefore, the method for generating the dependency relationship can effectively identify the unknown component, so that the dependency relationship library is finally generated, and the application range is wider.
In an embodiment of the present application, before identifying the plurality of components of the application according to the preset identification policy, the method further includes:
confirming whether a target file exists in the application program; the object file is used for recording the dependency relationship among a plurality of components in the application program.
In this embodiment, the target file is a configuration file of the application program. The dependencies between the components of the target file record are direct dependencies from component to component.
It can be understood that the terminal device checks the description information of each configuration file of the application program to determine whether the description information of the target file exists, and if the description information of the target file exists, it determines that the target file exists in the application program. The description information is symbolic information of the configuration file, for example, a name of the configuration file, a summary of contents described by the configuration file, and the like.
In an example, if the name of the target file is pom.xml, it is determined whether a file with the name of pom.xml exists in the application program, and if so, it indicates that the target file exists.
It should be noted that, if the application is developed through a building tool, there may be a target file, such as a pom. However, if the application is not developed by a build tool, there is no target file generated by the build tool.
In some embodiments, whether the target file exists in the application program is confirmed according to a preset target file confirmation strategy.
In this embodiment, the preset target file validation policy is a logical process or manner for describing validation of the target file. For example, a plurality of configuration files of the application program are traversed, and whether a file with the same file name as the target file exists in the plurality of configuration files is confirmed.
In some embodiments, whether files with the same name exist in the application program is determined according to the name of the target file, and if files with the same name exist, the target file exists in the application program.
In an embodiment of the present application, identifying a plurality of components of an application according to a preset identification policy includes:
and if the target file exists, identifying the dependency relationship among the components recorded in the target file according to a preset identification strategy.
And if the target file does not exist, traversing the plurality of components in the application program, and identifying the plurality of components according to a preset identification strategy.
In this embodiment, because the target file already records the dependency relationship among the components in the application program, if the terminal device determines that the target file exists in the application program, the terminal device may directly identify the dependency relationship among the components recorded in the target file according to a preset identification policy.
On the contrary, if the terminal device confirms that the target file does not exist in the application program, the target file indicates that the application program does not explicitly record files of a plurality of components of the application program, and the plurality of components in the application program need to be traversed to confirm the plurality of components existing in the application program, so that the plurality of components can be identified based on the preset identification policy. For example, if a component in an application program is a compiled package, the component can be directly searched in a traversal manner, so that the component can be identified by using a preset identification strategy; if the component is in the form of a source code packet, the source code of the source code packet needs to be analyzed to identify the component, so that the component can be identified by using a preset identification strategy.
In an embodiment of the present application, there is a possible scenario that, in the process of identifying multiple components of an application according to a preset identification policy, for a component that is successfully identified and a component that is identified, different policies for obtaining dependency information need to be switched frequently, so that the overall component identification efficiency is reduced.
Therefore, if the component is failed to be identified, analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component, including:
if the identification of the components fails, analyzing the rest components by using a preset analysis strategy to obtain the dependency relationship information of the rest components; the remaining components include the component that failed the identification and the component to be identified.
In this embodiment, when one component fails to be identified, the remaining components are analyzed by using a preset analysis policy. For example, when identifying a component fails, when identifying each remaining component, querying one by one whether a corresponding component exists in the component dependency library, if so, obtaining dependency relationship information of the component, and if not, invoking a preset component information program to analyze the component to obtain corresponding dependency relationship information.
In some embodiments, if the component is failed to be identified, the remaining components are analyzed one by using a preset analysis strategy to obtain the dependency relationship information of the remaining components.
In an embodiment of the present application, there is a possible scenario that dependency relationship information of a component that fails to be identified is already stored in a component dependency library when a plurality of components of an application are identified according to a preset identification policy, and if the component that fails to be identified is still analyzed by using a preset analysis policy at this time, and dependency relationship information of the component is obtained, the overall component identification efficiency may be reduced.
Therefore, before analyzing the component by using a preset analysis strategy and acquiring the dependency relationship information of the component, the method further includes:
if the component is identified to fail, inquiring whether the component exists in the component dependency library or not through the component information of the component;
and if the component exists, acquiring the dependency relationship information of the component.
In this embodiment, the dependency relationship information of a plurality of components is recorded in the component dependency library. The component information is the symbolic information of the component, and the symbolic information of each component is different. E.g., name, version of the component.
For example, whether a component with the same name exists in the component dependency library is queried through the name of the component, and if so, the dependency relationship information of the component is obtained.
In some embodiments, if the component fails to be identified, whether the dependency relationship information of the component exists in the component dependency library is queried, and if the dependency relationship information of the component exists, the dependency relationship information of the component is acquired.
In an embodiment of the present application, there is a possible scenario that, during the development process of an application, multiple identical components or multiple components of different versions may be configured in the application, so that there is a component conflict between dependency information of multiple components. If an application including component conflicts is allowed to run, the application is often abnormally run, and the user experience is also poor.
Therefore, the embodiment of the present application provides a method for generating a dependency relationship, which mainly relates to a process of resolving a component conflict. The method comprises the following steps:
generating a component dependency relationship library of an application based on dependency relationship information of a plurality of components, comprising:
determining dependency relationship information of a plurality of components with component conflict according to the component information of each component;
processing component conflicts by using a preset conflict processing strategy to obtain dependency relationship information of a plurality of components without component conflicts;
and generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components without component conflict.
In the present embodiment, the component information is unique identifier information of the component, for example, the name and version of the component. The preset conflict handling strategy is used for describing a logic process for handling the component conflict.
Illustratively, there are component a, component B, component C, component D, and component E in the application. Wherein, based on the dependency relationship information of the component a, the component a depends on the 1.0 version of the component C. Based on the dependency information of component B, component B depends on version 2.0 of component C. Based on the dependency information of component D, component D depends on component E, and component E depends on the 2.0 version of component C. It can be seen that there are 2 components C in the same application, which are respectively the 1.0 version of component C and the 2.0 version of component C, i.e. it is determined that there is a component conflict between the dependency information of the dependency information component B of the component a.
Further, determining a component C with a reserved 2.0 version by using a preset conflict processing strategy to obtain new dependency relationships, wherein the 1 st dependency relationship is the component C with the component A depending on the 2.0 version; the 2 nd dependency relationship is that component B depends on the 2.0 version of component C; the 3 rd dependency is that component D depends on component E, which depends on the 2.0 version of component C. And generating a component dependency relation library of the application program according to the 3 dependency relations.
In some embodiments, a component dependency tree of an application is generated.
As a possible implementation manner of this embodiment, processing component conflicts by using a preset conflict processing policy includes:
acquiring the length of a dependency path of each component in each component dependency relationship information with component conflict;
determining the component with the minimum dependent path length in each group of conflict components as a target component;
and reconstructing the component dependency relationship with the component conflict based on the target component to obtain the dependency relationship information of a plurality of components without component conflict.
In the present embodiment, the dependent path length is used to describe the length between each component and the dependent source component. For example, if component a depends on component B and component B depends on component C, it is known that the dependent path length of component B is 1 and the dependent path length of component C is 2.
Illustratively, there are component a, component B, component C, component D, and component E in the application. Where component a relies on version 2.0 of component C. Component B relies on version 2.0 of component C. Component D relies on component E, which relies on version 1.0 of component C. As can be seen, since the dependent path length of the component C of version 2.0 is 1 and the dependent path length of the component C of version 1.0 is 2, the component C of version 2.0 is determined to be the target component. Reconstructing the dependency relationship of the components with component conflicts based on the components C of the 2.0 version to obtain the dependency relationship of 3 components without component conflicts, wherein the 1 st dependency relationship is the component C of which the component A depends on the 2.0 version; the 2 nd dependency relationship is that component B depends on the 2.0 version of component C; the 3 rd dependency is that component D depends on component E, which depends on the 2.0 version of component C.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Fig. 3 shows a block diagram of a device for generating a dependency relationship provided in the embodiment of the present application, corresponding to the method for generating a dependency relationship in the above embodiment, and only shows a part related to the embodiment of the present application for convenience of explanation.
Referring to fig. 3, the apparatus includes:
the identification module 101 is used for identifying a plurality of components of the application program according to a preset identification strategy;
a first obtaining module 102, configured to obtain dependency relationship information of a component if the component is successfully identified;
the second obtaining module 103 is configured to, if the component fails to be identified, analyze the component by using a preset analysis policy to obtain dependency relationship information of the component;
and the generating module 104 is configured to generate a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components.
Optionally, the apparatus further comprises: and a confirmation module.
The confirming module is used for confirming whether the target file exists in the application program; the object file is used for recording the dependency relationship among a plurality of components in the application program.
Optionally, the identification module 101 further includes a first identification unit and a second identification unit.
The first identification unit is further used for identifying the dependency relationship among the components recorded in the target file according to a preset identification strategy if the target file exists;
the second identification unit is further used for traversing the plurality of components in the application program and identifying the plurality of components according to a preset identification strategy if the target file does not exist.
Optionally, the second obtaining module 103 is further configured to, if the component is failed to be identified, analyze the remaining components by using a preset analysis policy to obtain dependency relationship information of the remaining components; the remaining components include the component that failed the identification and the component to be identified.
Optionally, the second obtaining module 103 is further configured to, if the component is identified as failed, query whether a component exists in the component dependency library through component information of the component; and if the component exists, acquiring the dependency relationship information of the component.
Optionally, the generating module 104 further includes a conflict determining unit, a conflict processing unit, and a generating unit.
The conflict determination unit is used for determining the dependency relationship information of a plurality of assemblies with component conflicts according to the assembly information of each assembly;
the conflict processing unit is used for processing component conflicts by utilizing a preset conflict processing strategy to obtain dependency relationship information of a plurality of components without component conflicts;
and the generating unit is used for generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components without component conflict.
Optionally, the conflict processing unit is further configured to obtain a dependent path length of each component in each component dependency relationship information where the component conflict exists; determining the component with the minimum dependent path length in each group of conflict components as a target component; and reconstructing the component dependency relationship with the component conflict based on the target component to obtain the dependency relationship information of a plurality of components without component conflict.
Fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present application. As shown in fig. 4, the terminal device 4 of this embodiment includes: at least one processor 40 (only one processor is shown in fig. 4), a memory 41, and a computer program 42 stored in the memory 41 and executable on the at least one processor 40, the steps in any of the various above-described method embodiments of generating a dependency tree being implemented by the processor 40 when the computer program 42 is executed by the processor.
The terminal device 4 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The terminal device may include, but is not limited to, a processor 40, a memory 41. Those skilled in the art will appreciate that fig. 4 is merely an example of the terminal device 4, and does not constitute a limitation of the terminal device 4, and may include more or less components than those shown, or combine some components, or different components, such as an input-output device, a network access device, and the like.
The Processor 40 may be a Central Processing Unit (CPU), and the Processor 40 may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), off-the-shelf Programmable Gate arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 41 may in some embodiments be an internal storage unit of the terminal device 4, such as a hard disk or a memory of the terminal device 4. The memory 41 may be an external storage device of the terminal device 4 in other embodiments, such as a plug-in hard disk provided on the terminal device 4, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 41 may also include both an internal storage unit of the terminal device 4 and an external storage device. The memory 41 is used for storing an operating system, an application program, a BootLoader (BootLoader), data, and other programs, such as program codes of a computer program. The memory 41 may also be used to temporarily store data that has been output or is to be output.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules, so as to perform all or part of the functions described above. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
An embodiment of the present application further provides a terminal device, where the terminal device includes: at least one processor, a memory, and a computer program stored in the memory and executable on the at least one processor, the processor implementing the steps of any of the various method embodiments described above when executing the computer program.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps that can be implemented in the above method embodiments.
The embodiments of the present application provide a computer program product, which when running on a terminal device, enables the terminal device to implement the steps in the above method embodiments when executed.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer readable storage medium and used by a processor to implement the steps of the embodiments of the methods described above. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In certain jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and patent practice.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other ways. For example, the above-described apparatus/network device embodiments are merely illustrative, and for example, a module or a unit may be divided into only one logical function, and may be implemented in other ways, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
The above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.
Claims (10)
1. A method of generating dependencies, the method comprising:
identifying a plurality of components of the application program according to a preset identification strategy;
if the component is identified successfully, acquiring the dependency relationship information of the component;
if the component is identified to fail, analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component;
and generating a component dependency relationship library of the application program based on the dependency relationship information of the plurality of components.
2. The method of claim 1, wherein prior to identifying the plurality of components of the application according to the predetermined identification policy, further comprising:
confirming whether a target file exists in the application program; the target file is used for recording the dependency relationship among a plurality of components in the application program.
3. The method of claim 2, wherein identifying the plurality of components of the application according to the predetermined identification policy comprises:
if the target file exists, identifying the dependency relationship among the components recorded in the target file according to the preset identification strategy;
and if the target file does not exist, traversing the plurality of components in the application program, and identifying the plurality of components according to the preset identification strategy.
4. The method of claim 1, wherein if the component is identified as failing, parsing the component by using a preset parsing policy to obtain the dependency information of the component comprises:
if the component is identified to fail, analyzing the rest of the components by using a preset analysis strategy to obtain the dependency relationship information of the rest of the components; the remaining components include the component that failed to be identified and the component to be identified.
5. The method of claim 1, wherein before analyzing the component by using a preset analysis policy and obtaining the dependency information of the component, the method further comprises:
if the component is identified to fail, inquiring whether the component exists in a component dependency library or not through the component information of the component;
and if the component exists, acquiring the dependency relationship information of the component.
6. The method of claim 1, wherein generating a component dependency library for the application based on dependency information for a plurality of the components comprises:
determining dependency relationship information of a plurality of the components with component conflict according to the component information of each component;
processing the component conflict by using a preset conflict processing strategy to obtain the dependency relationship information of a plurality of components without component conflict;
and generating a component dependency relationship library of the application program based on the dependency relationship information of the components without component conflict.
7. The method of claim 6, wherein said processing the component conflict using a preset conflict handling policy comprises:
acquiring the length of a dependency path of each component in each component dependency relationship information with component conflict;
determining the component with the minimum dependent path length in each group of conflict components as a target component;
and reconstructing the component dependency relationship with component conflict based on the target component to obtain the dependency relationship information of a plurality of components without component conflict.
8. An apparatus for generating dependencies, comprising:
the identification module is used for identifying a plurality of components of the application program according to a preset identification strategy;
the first acquisition module is used for acquiring the dependency relationship information of the component if the component is identified successfully;
the second acquisition module is used for analyzing the component by using a preset analysis strategy to acquire the dependency relationship information of the component if the component is identified to be failed;
and the generating module is used for generating a component dependency relationship library of the application program based on the acquired dependency relationship information of the plurality of components.
9. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which, when executed by a processor, implements the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010740003.4A CN111967017B (en) | 2020-07-28 | 2020-07-28 | Method, device, terminal equipment and storage medium for generating dependency relationship |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010740003.4A CN111967017B (en) | 2020-07-28 | 2020-07-28 | Method, device, terminal equipment and storage medium for generating dependency relationship |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111967017A true CN111967017A (en) | 2020-11-20 |
| CN111967017B CN111967017B (en) | 2023-06-02 |
Family
ID=73362920
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010740003.4A Active CN111967017B (en) | 2020-07-28 | 2020-07-28 | Method, device, terminal equipment and storage medium for generating dependency relationship |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111967017B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112506129A (en) * | 2020-12-15 | 2021-03-16 | 北京东土科技股份有限公司 | Method, device and equipment for converting ladder diagram and storage medium |
| CN112711438A (en) * | 2021-01-13 | 2021-04-27 | 苏州棱镜七彩信息科技有限公司 | Dependent component information extraction method, dependent component information extraction device, and computer-readable storage medium |
| CN112800430A (en) * | 2021-02-01 | 2021-05-14 | 苏州棱镜七彩信息科技有限公司 | Safety and compliance management method suitable for open source assembly |
| CN113536316A (en) * | 2021-06-17 | 2021-10-22 | 深圳开源互联网安全技术有限公司 | Detection method and device for component dependence information |
| CN114546534A (en) * | 2022-02-28 | 2022-05-27 | 百果园技术(新加坡)有限公司 | Application page starting method, device, equipment and medium |
| WO2022199160A1 (en) * | 2021-03-25 | 2022-09-29 | 京东科技控股股份有限公司 | Method for resolving component version conflict, device, and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103810172A (en) * | 2012-11-06 | 2014-05-21 | 金蝶软件(中国)有限公司 | Method and device for generating module dependence relationship graph |
| CN104077140A (en) * | 2014-07-04 | 2014-10-01 | 用友软件股份有限公司 | Automatic compiling method and compiling device for continuous integration |
| CN105760184A (en) * | 2014-12-18 | 2016-07-13 | 深圳云之家网络有限公司 | Method and device for loading component |
| US20190243865A1 (en) * | 2018-02-07 | 2019-08-08 | Sas Institute Inc. | Identification and visualization of data set relationships in online library systems |
| CN110750245A (en) * | 2019-10-17 | 2020-02-04 | 杭州涂鸦信息技术有限公司 | Application program development method, system and equipment |
| CN110874730A (en) * | 2018-09-04 | 2020-03-10 | Oppo广东移动通信有限公司 | Information processing method, information processing device and mobile terminal |
| CN111162953A (en) * | 2019-12-31 | 2020-05-15 | 四川省公安科研中心 | Data processing method, system upgrading method and server |
| CN111324333A (en) * | 2018-12-17 | 2020-06-23 | 中移(杭州)信息技术有限公司 | Software development method and device based on componentization |
-
2020
- 2020-07-28 CN CN202010740003.4A patent/CN111967017B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103810172A (en) * | 2012-11-06 | 2014-05-21 | 金蝶软件(中国)有限公司 | Method and device for generating module dependence relationship graph |
| CN104077140A (en) * | 2014-07-04 | 2014-10-01 | 用友软件股份有限公司 | Automatic compiling method and compiling device for continuous integration |
| CN105760184A (en) * | 2014-12-18 | 2016-07-13 | 深圳云之家网络有限公司 | Method and device for loading component |
| US20190243865A1 (en) * | 2018-02-07 | 2019-08-08 | Sas Institute Inc. | Identification and visualization of data set relationships in online library systems |
| CN110874730A (en) * | 2018-09-04 | 2020-03-10 | Oppo广东移动通信有限公司 | Information processing method, information processing device and mobile terminal |
| CN111324333A (en) * | 2018-12-17 | 2020-06-23 | 中移(杭州)信息技术有限公司 | Software development method and device based on componentization |
| CN110750245A (en) * | 2019-10-17 | 2020-02-04 | 杭州涂鸦信息技术有限公司 | Application program development method, system and equipment |
| CN111162953A (en) * | 2019-12-31 | 2020-05-15 | 四川省公安科研中心 | Data processing method, system upgrading method and server |
Non-Patent Citations (2)
| Title |
|---|
| 李凤桐等: "微软企业库组件Unity使用浅析", 《软件研发与应用》 * |
| 王莉等: "基于组件依赖的测试序列优化模型", 《北京邮电大学学报》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112506129A (en) * | 2020-12-15 | 2021-03-16 | 北京东土科技股份有限公司 | Method, device and equipment for converting ladder diagram and storage medium |
| CN112506129B (en) * | 2020-12-15 | 2022-02-22 | 北京东土科技股份有限公司 | Method, device and equipment for converting ladder diagram and storage medium |
| CN112711438A (en) * | 2021-01-13 | 2021-04-27 | 苏州棱镜七彩信息科技有限公司 | Dependent component information extraction method, dependent component information extraction device, and computer-readable storage medium |
| CN112711438B (en) * | 2021-01-13 | 2024-04-16 | 苏州棱镜七彩信息科技有限公司 | Method, apparatus and computer readable storage medium for extracting dependency component information |
| CN112800430A (en) * | 2021-02-01 | 2021-05-14 | 苏州棱镜七彩信息科技有限公司 | Safety and compliance management method suitable for open source assembly |
| WO2022199160A1 (en) * | 2021-03-25 | 2022-09-29 | 京东科技控股股份有限公司 | Method for resolving component version conflict, device, and storage medium |
| CN113536316A (en) * | 2021-06-17 | 2021-10-22 | 深圳开源互联网安全技术有限公司 | Detection method and device for component dependence information |
| CN113536316B (en) * | 2021-06-17 | 2023-08-11 | 深圳开源互联网安全技术有限公司 | Method and device for detecting component dependency information |
| CN114546534A (en) * | 2022-02-28 | 2022-05-27 | 百果园技术(新加坡)有限公司 | Application page starting method, device, equipment and medium |
| CN114546534B (en) * | 2022-02-28 | 2023-11-24 | 百果园技术(新加坡)有限公司 | Application page starting method, device, equipment and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111967017B (en) | 2023-06-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111967017A (en) | Method and device for generating dependency relationship, terminal equipment and storage medium | |
| US11663110B2 (en) | Analysis to check web API code usage and specification | |
| CN110941528B (en) | Log buried point setting method, device and system based on fault | |
| US10223080B2 (en) | Method and system for automated, static instrumentation for applications designed for execution in environments with restricted resources | |
| US8141035B2 (en) | Method for accessing internal states of objects in object oriented programming | |
| CN111144839B (en) | Project construction method, continuous integration system and terminal equipment | |
| US20230036357A1 (en) | Method and apparatus for authority control, computer device and storage medium | |
| CN111309335B (en) | Compiling method and device of plug-in application and computer readable storage medium | |
| CN113835713B (en) | Source code packet downloading method, device, computer equipment and storage medium | |
| CN109271789B (en) | Malicious process detection method and device, electronic equipment and storage medium | |
| CN110968437A (en) | Method, device, equipment and medium for parallel execution of single contract based on Java intelligent contract | |
| CN112463303A (en) | JAVA virtual machine class loading method and system | |
| CN111124486A (en) | Method, system and storage medium for discovering android application to refer to third-party tool | |
| CN112099880B (en) | Method and system for reducing application program driven by scene | |
| CN111124480A (en) | Application package generation method and device, electronic equipment and storage medium | |
| US9116714B2 (en) | Methods and systems for file processing | |
| US9064042B2 (en) | Instrumenting computer program code by merging template and target code methods | |
| CN111352631B (en) | Interface compatibility detection method and device | |
| CN112445706A (en) | Program abnormal code acquisition method and device, electronic equipment and storage medium | |
| CN110334031B (en) | Memory allocation code detection method and device, computer equipment and storage medium | |
| CN116841906A (en) | Intelligent contract detection method and device and electronic equipment | |
| US9396239B2 (en) | Compiling method, storage medium and compiling apparatus | |
| CN110737438A (en) | data processing method and device | |
| CN113821486B (en) | Method and device for determining dependency relationship between pod libraries and electronic equipment | |
| CN106778270B (en) | Malicious application detection method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |