CN111382443A - Method and device for determining code quality improvement suggestion and electronic equipment - Google Patents

Method and device for determining code quality improvement suggestion and electronic equipment Download PDF

Info

Publication number
CN111382443A
CN111382443A CN201811644110.6A CN201811644110A CN111382443A CN 111382443 A CN111382443 A CN 111382443A CN 201811644110 A CN201811644110 A CN 201811644110A CN 111382443 A CN111382443 A CN 111382443A
Authority
CN
China
Prior art keywords
code
information
vulnerability
determining
quality improvement
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811644110.6A
Other languages
Chinese (zh)
Inventor
黄威
张�杰
李雪
张娜
陈琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201811644110.6A priority Critical patent/CN111382443A/en
Publication of CN111382443A publication Critical patent/CN111382443A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The application provides a method and a device for determining a code quality improvement suggestion and electronic equipment, which are applied to the technical field of information processing, wherein the method comprises the following steps: the method comprises the steps of obtaining evaluation information of a target code automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target code comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then determining corresponding quality improvement suggestion information based on the obtained evaluation information of the target code. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information for the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, the efficiency of determining the quality improvement suggestion information for the target code is improved, and the labor cost of determining the quality improvement suggestion for the target code is reduced.

Description

Method and device for determining code quality improvement suggestion and electronic equipment
Technical Field
The application relates to the technical field of information processing, in particular to a method and a device for determining a code quality improvement suggestion and an electronic device.
Background
The code is a text composed of characters, symbols, etc. written according to a certain programming language specification. A program project is often composed of a large amount of codes, and particularly, as the development of the program project is large and complicated, the writing of the codes of the corresponding program project is usually completed by the cooperation of a plurality of program developers, so that more factors affecting the quality of the codes are caused. How to determine quality improvement suggestions for code to improve the quality of written code becomes a problem.
At present, quality improvement suggestions for codes are determined manually, that is, relevant personnel read corresponding codes line by line, determine code lines with quality problems, such as code lines with bugs and code lines with poor code readability due to non-uniform code styles, and then respectively determine corresponding quality improvement suggestions for each line of codes with quality problems. However, according to the existing way of manually determining the quality improvement suggestion for the code, high labor cost and time cost are required, resulting in an extremely inefficient determination of the quality improvement suggestion for the corresponding code. In addition, project programs typically contain a large amount of code, requiring multiple associated personnel to complete the determination of quality improvement recommendations for the corresponding code. Therefore, the existing method for manually determining the quality improvement suggestion for the code has the problems of low efficiency and high labor cost.
Disclosure of Invention
The application provides a method and a device for determining a code quality improvement suggestion and electronic equipment, which are used for improving the efficiency of determining the quality improvement suggestion aiming at a code and reducing the labor cost of determining the quality improvement suggestion aiming at the code, and the technical scheme adopted by the application is as follows:
in a first aspect, a method for determining a code quality improvement suggestion based on code evaluation information is provided, the method comprising,
obtaining evaluation information of a target code automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target code comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information;
and determining corresponding quality improvement suggestion information based on the acquired evaluation information of the target code.
Further, the vulnerability detection information includes vulnerability code type, and the corresponding quality improvement suggestion information is determined based on the obtained evaluation information of the target code, including:
and respectively determining and pushing corresponding code quality improvement suggestions based on different vulnerability code types.
Further, the vulnerability code type includes at least one of a security vulnerability, a red line vulnerability, a style vulnerability and other vulnerabilities, and the corresponding code quality promotion suggestions are respectively determined to be pushed based on different vulnerability code types, including:
if the vulnerability code type is a security vulnerability or a red line vulnerability, determining to push forcibly modified information;
and if the vulnerability code type is a style vulnerability or other vulnerabilities, determining to push the suggested modified information.
Further, the code repetition rate detection information includes code repetition rate information between the target code and the common library code, and the corresponding quality improvement suggestion information is determined based on the obtained evaluation information of the target code, including:
and determining recommendation information for preferentially using the common library code, wherein the recommendation information for preferentially using the common library code comprises code information of a code of which the target code is repeated with the common library code.
Further, the code complexity information includes at least one of code information of nesting a plurality of functional modules and code information of which the number of code lines exceeds a threshold number, and corresponding quality improvement suggestion information is determined based on the obtained evaluation information of the target code, and includes at least one of the following:
based on code information of a plurality of nested functional modules, pushing suggestion information for splitting the functional modules;
and pushing suggestion information for decomposing the code line number based on the code information of which the code line number exceeds the threshold value number.
In a second aspect, there is provided an apparatus for determining a code quality improvement suggestion based on code evaluation information, the apparatus comprising,
the system comprises an acquisition module, a code quality evaluation system and a judgment module, wherein the acquisition module is used for acquiring evaluation information of a target code automatically generated by the code quality evaluation system, and the code quality evaluation system is used for automatically generating evaluation information of the target code comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information;
and the determining module is used for determining corresponding quality improvement suggestion information based on the evaluation information of the target code acquired by the acquiring module.
Further, the vulnerability detection information comprises a vulnerability code type, and the determination module comprises a first determination unit;
the first determining unit is used for respectively determining and pushing corresponding code quality improvement suggestions based on different vulnerability code types.
Further, the vulnerability code type comprises at least one of a security vulnerability, a red line vulnerability, a style vulnerability and other vulnerabilities; the first determination unit is further used for determining to push the information of forced modification if the vulnerability code type is a security vulnerability or a red line vulnerability;
and determining to push the suggested modified information if the vulnerability code type is a style vulnerability or other vulnerabilities.
Further, the code repetition rate detection information includes code repetition rate information between the target code and the common library code, and the determination module includes a second determination unit;
a second determination unit for determining recommendation information for preferentially using the common library code, the recommendation information for preferentially using the common library code including code information of a code in which the target code is repeated with the common library code.
Further, the code complexity information comprises at least one of code information nesting a plurality of functional modules and code information with the number of code lines exceeding a threshold number;
the determining module is used for pushing suggestion information for splitting the functional modules based on code information of a plurality of nested functional modules;
and/or pushing recommendation information for decomposing the number of code lines based on the code information that the number of code lines exceeds the threshold number.
In a third aspect, an electronic device is provided, which includes:
one or more processors;
a memory;
one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: the method for determining a code quality improvement suggestion based on code evaluation information shown in the first aspect is performed.
In a fourth aspect, a computer-readable storage medium is provided, which is used for storing computer instructions, which when run on a computer, make the computer perform the method for determining a code quality improvement suggestion based on code evaluation information shown in the first aspect.
Compared with the prior art that quality improvement suggestions for codes are determined manually, the method and the device for determining the code quality improvement suggestions have the advantages that the evaluation information of the target codes automatically generated by the code quality evaluation system is obtained, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target codes comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then corresponding quality improvement suggestion information is determined based on the obtained evaluation information of the target codes. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information aiming at the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, and the efficiency of determining the quality improvement suggestion information aiming at the target code is improved. In addition, the quality improvement suggestion information for the target code is automatically determined, and the determination of the quality improvement suggestion for the target code can be completed without related personnel, so that the labor cost for determining the quality improvement suggestion for the target code is reduced, subjective influence factors for manually determining the quality improvement suggestion for the target code are reduced, and the accuracy of the quality improvement suggestion for the target code is improved.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic flowchart of a method for determining a code quality improvement suggestion based on code evaluation information according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a device for determining a code quality improvement suggestion based on code evaluation information according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of another apparatus for determining a code quality improvement suggestion based on code evaluation information according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
The embodiment of the application provides a method for determining a code quality improvement suggestion based on code evaluation information, as shown in fig. 1, the method includes:
step S101, obtaining evaluation information of a target code automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target code comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information;
specifically, the code quality evaluation system is used for correspondingly detecting the input code and automatically generating corresponding evaluation information of the code. The code file corresponding to the target code can be input into a corresponding code quality evaluation system, and the corresponding code quality evaluation system performs corresponding processing and analysis on the target code to automatically generate evaluation information of the target code.
The evaluation information of the target code includes, but is not limited to, vulnerability detection information, code repetition rate detection information, and code complexity information.
And step S102, determining corresponding quality improvement suggestion information based on the acquired evaluation information of the target code.
Specifically, the corresponding quality improvement suggestion information of the target code may be determined based on the acquired evaluation information of the target code through a predetermined correspondence between the evaluation information and the quality improvement suggestion information.
Compared with the prior art that quality improvement suggestions for codes are determined manually, the method for determining the code quality improvement suggestions based on the code evaluation information comprises the steps of obtaining the evaluation information of target codes automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target codes comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then determining the corresponding quality improvement suggestion information based on the obtained evaluation information of the target codes. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information aiming at the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, and the efficiency of determining the quality improvement suggestion information aiming at the target code is improved. In addition, the quality improvement suggestion information for the target code is automatically determined, and the determination of the quality improvement suggestion for the target code can be completed without related personnel, so that the labor cost for determining the quality improvement suggestion for the target code is reduced, subjective influence factors for manually determining the quality improvement suggestion for the target code are reduced, and the accuracy of the quality improvement suggestion for the target code is improved.
The embodiment of the present application provides a possible implementation manner, specifically, the vulnerability detection information includes a vulnerability code type, and step S102 includes:
step S1021 (not shown in the figure), respectively determining to push corresponding code quality improvement suggestions based on different bug code types.
Specifically, the vulnerability detection information includes types of vulnerability codes, and corresponding code quality improvement suggestions corresponding to different vulnerability code types can be determined according to the corresponding relationship between the vulnerability code types and the quality improvement suggestions.
According to the embodiment of the application, the corresponding code quality improvement suggestions are respectively pushed based on different vulnerability code types, so that the corresponding quality improvement suggestion information is automatically determined and pushed according to the code vulnerability types, the efficiency of determining the quality improvement suggestion information aiming at the target code is improved, and the labor cost is reduced.
The embodiment of the present application provides a possible implementation manner, specifically, the vulnerability code type includes at least one of a security vulnerability, a red line vulnerability, a style vulnerability, and other vulnerabilities, and step S1021 includes:
step S10211 (not shown in the figure), if the bug code type is a security bug or a red line bug, determining to push information for forced modification;
step S10212 (not shown), if the type of the bug code is a style bug or other bugs, determining to push the proposed modified information.
Specifically, the code vulnerability type includes, but is not limited to, a security vulnerability referring to a vulnerability related to information security (e.g., may cause leakage of client information), a red line code vulnerability referring to a vulnerability affecting normal operation of the system (e.g., may cause system crash, etc.), and a style specification vulnerability referring to a vulnerability with non-uniform coding style of the program.
Specifically, if the code vulnerability type is a security vulnerability or a red line vulnerability, pushing forced modification information is determined so as to prompt relevant developers to modify corresponding vulnerability codes and improve the quality of the codes; and if the vulnerability code type is a style vulnerability or other vulnerabilities, determining to push suggested modification information so as to suggest relevant developers to modify correspondingly and improve the readability of the code.
For the embodiment of the application, if the code vulnerability type is a security vulnerability or a red line vulnerability, the information of forced modification is determined to be pushed, and if the vulnerability code type is a style vulnerability or other vulnerabilities, the information of suggested modification is determined to be pushed, so that the corresponding quality improvement suggestion information is automatically determined to be pushed according to the code vulnerability type, the efficiency of determining the quality improvement suggestion information for the target code is improved, and the labor cost is reduced.
The embodiment of the present application provides a possible implementation manner, specifically, the code repetition rate detection information includes code repetition rate information between the target code and the common library code, and step S102 includes:
step S1022 (not shown in the figure), it is determined that the recommendation information for preferentially using the common library code includes code information of a code in which the object code is duplicated with the common library code.
Specifically, the code repetition rate detection information includes code repetition rate information between the target code and the common library code, wherein the code repetition rate detection information may be determined by the calculated similarity between the target code and the common library code.
Specifically, if the target code contains a code that is duplicated with a code in the common library, suggestion information for preferentially using the common library code is determined, wherein the suggestion information for preferentially using the common library code includes code information (such as position information of the code) of the code where the target code is duplicated with the common library code.
For the embodiment of the application, if the target code contains a code which is repeated with a code in the public library, the recommendation information which preferentially uses the code of the public library is determined to be pushed so as to reduce the redundancy of the target code.
The embodiment of the present application provides a possible implementation manner, specifically, the code complexity information includes at least one of code information that nesting a plurality of functional modules and code information that the number of code lines exceeds a threshold number, and step S102 includes at least one of the following:
step S1023 (not shown in the figure), based on the code information of the nested multiple functional modules, pushing recommendation information for splitting the functional modules;
step S1024 (not shown in the figure), pushing recommendation information for resolving the code line number based on the code information that the code line number exceeds the threshold number.
Specifically, the code complexity information includes, but is not limited to, code information of nesting a plurality of functional modules and code information of which the number of code lines exceeds a threshold number; the method comprises the following steps that corresponding suggestion information for splitting the functional modules is pushed according to code information of a plurality of nested functional modules so as to reduce codes for nesting the functional modules; and pushing corresponding suggestion information for decomposing the code line number aiming at the code information with the code line number exceeding the threshold number so as to enable the code after decomposition processing to accord with the regulation of the preset threshold number.
For the embodiment of the application, the corresponding processing suggestion information is respectively determined and pushed based on the corresponding code complexity information so as to be used for improving the readability of the target code, the automatic determination of the quality improvement suggestion information of the target code is realized, and the labor cost is reduced.
Fig. 2 is a device for determining a code quality improvement suggestion based on code evaluation information according to an embodiment of the present application, where the device 20 includes: an acquisition module 201 and a determination module 202;
an obtaining module 201, configured to obtain evaluation information of a target code automatically generated by a code quality evaluation system, where the code quality evaluation system is configured to automatically generate evaluation information of the target code including at least one of vulnerability detection information, code repetition rate detection information, and code complexity information;
a determining module 202, configured to determine corresponding quality improvement suggestion information based on the evaluation information of the object code acquired by the acquiring module 201.
Compared with the prior art that quality improvement suggestions for codes are determined manually, the device for determining the code quality improvement suggestions based on the code evaluation information obtains the evaluation information of the target codes automatically generated by the code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target codes comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then determines the corresponding quality improvement suggestion information based on the obtained evaluation information of the target codes. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information aiming at the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, and the efficiency of determining the quality improvement suggestion information aiming at the target code is improved. In addition, the quality improvement suggestion information for the target code is automatically determined, and the determination of the quality improvement suggestion for the target code can be completed without related personnel, so that the labor cost for determining the quality improvement suggestion for the target code is reduced, subjective influence factors for manually determining the quality improvement suggestion for the target code are reduced, and the accuracy of the quality improvement suggestion for the target code is improved.
The code quality improvement suggestion determination apparatus based on code evaluation information of this embodiment may execute the code quality improvement suggestion determination method based on code evaluation information provided in the above embodiments of this application, and its implementation principles are similar, and are not described herein again.
Another apparatus for determining a code quality improvement suggestion based on code evaluation information is provided in the embodiment of the present application, as shown in fig. 3, the apparatus 30 of the embodiment includes: an acquisition module 301 and a determination module 302;
an obtaining module 301, configured to obtain evaluation information of a target code automatically generated by a code quality evaluation system, where the code quality evaluation system is configured to automatically generate evaluation information of the target code including at least one of vulnerability detection information, code repetition rate detection information, and code complexity information;
the acquiring module 301 in fig. 3 has the same or similar function as the acquiring module 201 in fig. 2.
A determining module 302, configured to determine corresponding quality improvement suggestion information based on the evaluation information of the object code acquired by the acquiring module 301.
Wherein the determining module 302 in fig. 3 has the same or similar function as the determining module 202 in fig. 2.
The embodiment of the present application provides a possible implementation manner, specifically, the vulnerability detection information includes a vulnerability code type, and the determining module 302 includes a first determining unit 3021;
the first determining unit 3021 is configured to determine to push corresponding code quality improvement suggestions respectively based on different types of vulnerability codes.
According to the embodiment of the application, the corresponding code quality improvement suggestions are respectively pushed based on different vulnerability code types, so that the corresponding quality improvement suggestion information is automatically determined and pushed according to the code vulnerability types, the efficiency of determining the quality improvement suggestion information aiming at the target code is improved, and the labor cost is reduced.
The embodiment of the application provides a possible implementation manner, wherein the vulnerability code type comprises but is not limited to a security vulnerability, a red line vulnerability, a style vulnerability and other vulnerabilities;
specifically, the first determining unit 3021 is further configured to determine to push the information to be forcibly modified if the vulnerability code type is a security vulnerability or a red line vulnerability;
and determining to push the suggested modified information if the vulnerability code type is a style vulnerability or other vulnerabilities.
For the embodiment of the application, if the code vulnerability type is a security vulnerability or a red line vulnerability, the information of forced modification is determined to be pushed, and if the vulnerability code type is a style vulnerability or other vulnerabilities, the information of suggested modification is determined to be pushed, so that the corresponding quality improvement suggestion information is automatically determined to be pushed according to the code vulnerability type, the efficiency of determining the quality improvement suggestion information for the target code is improved, and the labor cost is reduced.
The embodiment of the present application provides a possible implementation manner, where the code repetition rate detection information includes code repetition rate information between the target code and the common library code, and specifically, the determining module 302 includes a second determining unit 3022;
a second determining unit 3022 configured to determine recommendation information for preferentially using the common library code, the recommendation information for preferentially using the common library code including code information of a code in which the target code is duplicated with the common library code.
For the embodiment of the application, if the target code contains a code which is repeated with a code in the public library, the recommendation information which preferentially uses the code of the public library is determined to be pushed so as to reduce the redundancy of the target code.
The embodiment of the application provides a possible implementation manner, wherein the code complexity information includes but is not limited to code information of a plurality of nested functional modules and code information of which the number of code lines exceeds a threshold number;
specifically, the determining module 302 is further configured to push suggestion information for splitting the function module based on code information of a plurality of nested function modules;
and/or pushing recommendation information for decomposing the number of code lines based on the code information that the number of code lines exceeds the threshold number.
For the embodiment of the application, the corresponding processing suggestion information is respectively determined and pushed based on the corresponding code complexity information so as to be used for improving the readability of the target code, the automatic determination of the quality improvement suggestion information of the target code is realized, and the labor cost is reduced.
Compared with the prior art that quality improvement suggestions for codes are determined manually, the device for determining the code quality improvement suggestions based on the code evaluation information obtains the evaluation information of the target codes automatically generated by the code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target codes comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then determines the corresponding quality improvement suggestion information based on the obtained evaluation information of the target codes. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information aiming at the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, and the efficiency of determining the quality improvement suggestion information aiming at the target code is improved. In addition, the quality improvement suggestion information for the target code is automatically determined, and the determination of the quality improvement suggestion for the target code can be completed without related personnel, so that the labor cost for determining the quality improvement suggestion for the target code is reduced, subjective influence factors for manually determining the quality improvement suggestion for the target code are reduced, and the accuracy of the quality improvement suggestion for the target code is improved.
The code quality improvement suggestion determination apparatus based on code evaluation information of this embodiment may execute the code quality improvement suggestion determination method based on code evaluation information provided in the above embodiments of this application, and its implementation principles are similar, and are not described herein again.
An embodiment of the present application provides an electronic device, as shown in fig. 4, an electronic device 40 shown in fig. 4 includes: a processor 4001 and a memory 4003. Processor 4001 is coupled to memory 4003, such as via bus 4002. Further, the electronic device 40 may also include a transceiver 4004. In addition, the transceiver 4004 is not limited to one in practical applications, and the structure of the electronic device 400 is not limited to the embodiment of the present application.
The processor 4001 is applied in the embodiment of the present application, and is configured to implement the functions of the obtaining module and the determining module shown in fig. 2 or fig. 3. The transceiver 4004 includes a receiver and a transmitter.
Processor 4001 may be a CPU, general purpose processor, DSP, ASIC, FPGA or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 4001 may also be a combination that performs a computational function, including, for example, a combination of one or more microprocessors, a combination of a DSP and a microprocessor, or the like.
Bus 4002 may include a path that carries information between the aforementioned components. Bus 4002 may be a PCI bus, EISA bus, or the like. The bus 4002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 4, but this does not indicate only one bus or one type of bus.
Memory 4003 may be, but is not limited to, a ROM or other type of static storage device that can store static information and instructions, a RAM or other type of dynamic storage device that can store information and instructions, an EEPROM, a CD-ROM or other optical disk storage, an optical disk storage (including compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
The memory 4003 is used for storing application codes for executing the scheme of the present application, and the execution is controlled by the processor 4001. The processor 4001 is configured to execute application code stored in the memory 4003 to implement the functions of the code quality improvement suggestion determination device based on the code evaluation information provided by the embodiment shown in fig. 2 or fig. 3.
The embodiment of the application provides an electronic device suitable for the method embodiment. And will not be described in detail herein.
Compared with the prior art that quality improvement suggestions for codes are determined manually, the electronic equipment provided by the embodiment of the application obtains evaluation information of target codes automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating evaluation information of the target codes including at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then determines corresponding quality improvement suggestion information based on the obtained evaluation information of the target codes. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information aiming at the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, and the efficiency of determining the quality improvement suggestion information aiming at the target code is improved. In addition, the quality improvement suggestion information for the target code is automatically determined, and the determination of the quality improvement suggestion for the target code can be completed without related personnel, so that the labor cost for determining the quality improvement suggestion for the target code is reduced, subjective influence factors for manually determining the quality improvement suggestion for the target code are reduced, and the accuracy of the quality improvement suggestion for the target code is improved.
The present application provides a computer-readable storage medium, on which a computer program is stored, and when the program is executed by a processor, the method shown in the above embodiments is implemented.
Compared with the prior art that quality improvement suggestions for codes are determined manually, the quality improvement suggestion determination method based on the code quality comprises the steps of obtaining evaluation information of target codes automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating evaluation information of the target codes comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information, and then determining corresponding quality improvement suggestion information based on the obtained evaluation information of the target codes. According to the evaluation information of the automatically generated target code, the corresponding quality improvement suggestion information aiming at the target code is automatically determined, so that the quality improvement suggestion information of the target code is automatically determined, and the efficiency of determining the quality improvement suggestion information aiming at the target code is improved. In addition, the quality improvement suggestion information for the target code is automatically determined, and the determination of the quality improvement suggestion for the target code can be completed without related personnel, so that the labor cost for determining the quality improvement suggestion for the target code is reduced, subjective influence factors for manually determining the quality improvement suggestion for the target code are reduced, and the accuracy of the quality improvement suggestion for the target code is improved.
The embodiment of the application provides a computer-readable storage medium which is suitable for the method embodiment. And will not be described in detail herein.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present application, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present application, and these modifications and decorations should also be regarded as the protection scope of the present application.

Claims (10)

1. A method for determining a code quality improvement suggestion based on code evaluation information is characterized by comprising the following steps:
obtaining evaluation information of a target code automatically generated by a code quality evaluation system, wherein the code quality evaluation system is used for automatically generating the evaluation information of the target code comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information;
and determining corresponding quality improvement suggestion information based on the acquired evaluation information of the target code.
2. The method according to claim 1, wherein the vulnerability detection information includes a vulnerability code type, and the determining corresponding quality improvement suggestion information based on the obtained evaluation information of the target code includes:
and respectively determining and pushing corresponding code quality improvement suggestions based on different vulnerability code types.
3. The method of claim 2, wherein the vulnerability code types include at least one of security vulnerabilities, red line vulnerabilities, style vulnerabilities, and other vulnerabilities, and wherein determining to push corresponding code quality promotion suggestions based on different vulnerability code types, respectively, comprises:
if the vulnerability code type is a security vulnerability or a red line vulnerability, determining to push forcibly modified information;
and if the vulnerability code type is a style vulnerability or other vulnerabilities, determining to push suggested modified information.
4. The method of claim 1, wherein the code repetition rate detection information comprises code repetition rate information between a target code and a common library code, and wherein the determining corresponding quality improvement suggestion information based on the obtained evaluation information of the target code comprises:
and determining recommendation information for preferentially using the common library code, wherein the recommendation information for preferentially using the common library code comprises code information of a code of which the target code is repeated with the common library code.
5. The method according to claim 1, wherein the code complexity information includes at least one of code information of nesting a plurality of functional modules and code information of which the number of code lines exceeds a threshold number, and the determining of the corresponding quality improvement suggestion information based on the obtained evaluation information of the target code includes at least one of:
based on the code information of the nested functional modules, pushing suggestion information for splitting the functional modules;
and pushing suggestion information for decomposing the code line number based on the code information of which the code line number exceeds the threshold value number.
6. An apparatus for determining a code quality improvement suggestion based on code evaluation information, comprising:
the system comprises an acquisition module, a judgment module and a processing module, wherein the acquisition module is used for acquiring evaluation information of a target code automatically generated by a code quality evaluation system, and the code quality evaluation system is used for automatically generating the evaluation information of the target code comprising at least one of vulnerability detection information, code repetition rate detection information and code complexity information;
and the determining module is used for determining corresponding quality improvement suggestion information based on the evaluation information of the target code acquired by the acquiring module.
7. The apparatus of claim 6, wherein the vulnerability detection information comprises a vulnerability code type, and wherein the determination module comprises a first determination unit;
the first determining unit is used for respectively determining and pushing corresponding code quality improvement suggestions based on different vulnerability code types.
8. The apparatus of claim 7, wherein the vulnerability code type comprises at least one of a security vulnerability, a red line vulnerability, a style vulnerability, other vulnerabilities;
the first determining unit is further configured to determine to push forcibly modified information if the vulnerability code type is a security vulnerability or a red line vulnerability;
and if the vulnerability code type is a style vulnerability or other vulnerabilities, determining to push suggested modified information.
9. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: executing the method for determining a code quality improvement suggestion based on code evaluation information according to any one of claims 1 to 5.
10. A computer-readable storage medium for storing computer instructions which, when executed on a computer, enable the computer to perform the method for determining a code quality improvement suggestion based on code evaluation information of any one of the preceding claims 1 to 5.
CN201811644110.6A 2018-12-29 2018-12-29 Method and device for determining code quality improvement suggestion and electronic equipment Pending CN111382443A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811644110.6A CN111382443A (en) 2018-12-29 2018-12-29 Method and device for determining code quality improvement suggestion and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811644110.6A CN111382443A (en) 2018-12-29 2018-12-29 Method and device for determining code quality improvement suggestion and electronic equipment

Publications (1)

Publication Number Publication Date
CN111382443A true CN111382443A (en) 2020-07-07

Family

ID=71216626

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811644110.6A Pending CN111382443A (en) 2018-12-29 2018-12-29 Method and device for determining code quality improvement suggestion and electronic equipment

Country Status (1)

Country Link
CN (1) CN111382443A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101261604A (en) * 2008-04-09 2008-09-10 中兴通讯股份有限公司 Software quality evaluation apparatus and software quality evaluation quantitative analysis method
CN106598842A (en) * 2016-11-10 2017-04-26 乐视控股(北京)有限公司 Code detection method and device and electronic equipment
CN107239396A (en) * 2017-05-11 2017-10-10 东南大学 A kind of Software Evolution appraisal procedure measured based on code cyclomatic complexity
CN108804323A (en) * 2018-06-06 2018-11-13 中国平安人寿保险股份有限公司 Code quality monitoring method, equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101261604A (en) * 2008-04-09 2008-09-10 中兴通讯股份有限公司 Software quality evaluation apparatus and software quality evaluation quantitative analysis method
CN106598842A (en) * 2016-11-10 2017-04-26 乐视控股(北京)有限公司 Code detection method and device and electronic equipment
CN107239396A (en) * 2017-05-11 2017-10-10 东南大学 A kind of Software Evolution appraisal procedure measured based on code cyclomatic complexity
CN108804323A (en) * 2018-06-06 2018-11-13 中国平安人寿保险股份有限公司 Code quality monitoring method, equipment and storage medium

Similar Documents

Publication Publication Date Title
US20200134046A1 (en) Compression of Log Data Using Field Types
US20200134029A1 (en) Compression of Log Data Using Pattern Recognition
CN108228443B (en) Web application testing method and device
CN106648839B (en) Data processing method and device
CN111258905A (en) Defect positioning method and device, electronic equipment and computer readable storage medium
US10990073B2 (en) Program editing device, program editing method, and computer readable medium
CN111897711A (en) Method and device for positioning bug in code, electronic equipment and readable storage medium
CN113468905B (en) Graphic code identification method, graphic code identification device, computer equipment and storage medium
CN110727691A (en) Data analysis and verification method and device
US8769498B2 (en) Warning of register and storage area assignment errors
US9880813B2 (en) RTE code generating method and apparatus performing the same
CN111382052A (en) Code quality evaluation method and device and electronic equipment
CN110162729B (en) Method and device for establishing browser fingerprint and identifying browser type
CN111898759A (en) Knowledge base updating method and device, electronic equipment and readable storage medium
US20130103718A1 (en) Memory pattern searching via displaced-read memory addressing
CN111382443A (en) Method and device for determining code quality improvement suggestion and electronic equipment
US9436587B2 (en) Test context generation
CN114897723B (en) Image generation and noise adding method based on generation type countermeasure network
US9256398B2 (en) Device and method of increasing dynamically-typed software efficiency
CN115509904A (en) Assertion generation method and device of interface test case
CN110716866A (en) Code quality scanning method and device, computer equipment and storage medium
CN106293620B (en) The method of parameter in intel detection of platform Flash Rom
CN109634844B (en) JS code testing method and device and electronic equipment
CN109213526B (en) Method and apparatus for determining processor operation
CN111078574A (en) Method and device for generating influence analysis report

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination