CN113672512A - Code inspection rule generating method, code inspection method, device and medium - Google Patents

Code inspection rule generating method, code inspection method, device and medium Download PDF

Info

Publication number
CN113672512A
CN113672512A CN202110963180.3A CN202110963180A CN113672512A CN 113672512 A CN113672512 A CN 113672512A CN 202110963180 A CN202110963180 A CN 202110963180A CN 113672512 A CN113672512 A CN 113672512A
Authority
CN
China
Prior art keywords
code
rule
defect
repair
original
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110963180.3A
Other languages
Chinese (zh)
Inventor
邹丰阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taikang Insurance Group Co Ltd
Taikang Online Property Insurance Co Ltd
Original Assignee
Taikang Insurance Group Co Ltd
Taikang Online Property Insurance Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taikang Insurance Group Co Ltd, Taikang Online Property Insurance Co Ltd filed Critical Taikang Insurance Group Co Ltd
Priority to CN202110963180.3A priority Critical patent/CN113672512A/en
Publication of CN113672512A publication Critical patent/CN113672512A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/362Software debugging
    • G06F11/3628Software debugging of optimised code
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/42Syntactic analysis
    • G06F8/427Parsing

Abstract

The disclosure relates to the technical field of computers, and provides a code inspection rule generation method and device, a code inspection method and device, a computer readable storage medium and an electronic device. The code inspection rule generation method comprises the following steps: acquiring an original code and a repair code corresponding to the code defect based on the code defect in the code test result; performing code difference analysis on an original code and a repaired code corresponding to the code defect, and determining a code difference type corresponding to the code defect; and according to the code difference type, performing character scanning on the original code or the repair code corresponding to the code defect to generate a code inspection rule. According to the code defect detection method and device, the code detection rules can be automatically generated based on the codes before and after the repair corresponding to the obtained code defects, and therefore the code detection efficiency and accuracy are improved.

Description

Code inspection rule generating method, code inspection method, device and medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a code inspection rule generation method, a code inspection rule generation apparatus, a code inspection method, a code inspection apparatus, a computer-readable storage medium, and an electronic device.
Background
In software testing, in order to reduce the cost of finding code defects during testing, code inspection (i.e., code scanning) is usually performed before performing testing, and the code scanning is to match system source codes according to predefined code rules, so as to find code defects or codes that do not meet specifications.
In the related art, the rules of code scanning mainly derive from code rules provided by mainstream code scanning tools (such as SonarQube official code rules) and open source code standards provided inside large enterprises.
However, the code checking rules from both sources are generated manually according to actual experience, so that the efficiency is low, and the generated code checking rules are general code checking rules biased to the basic grammar rules, so that the accuracy of code checking is low.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The present disclosure is directed to a code check rule generation method and apparatus, a code check method and apparatus, a computer-readable storage medium, and an electronic device, which improve the problems of low efficiency and low accuracy of code check rule generation at least to some extent.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to a first aspect of the present disclosure, there is provided a code inspection rule generation method, including:
acquiring an original code and a repair code corresponding to the code defect based on the code defect in the code test result;
performing code difference analysis on an original code and a repaired code corresponding to the code defect, and determining a code difference type corresponding to the code defect;
according to the code difference type, performing character scanning on an original code or a repair code corresponding to the code defect to generate a code inspection rule;
wherein the code difference type comprises one or more of code addition, code modification and code deletion.
In an exemplary embodiment of the disclosure, based on the foregoing scheme, the performing, according to the code difference type, a character scan on an original code or a repair code corresponding to the code defect to generate a code check rule includes:
when the code difference type is code addition, performing character scanning on a repair code corresponding to the code defect to generate a code check rule;
when the code difference type is code modification, performing character scanning on an original code corresponding to the code defect to generate a code inspection rule;
and when the code difference type is code deletion, performing character scanning on the original code corresponding to the code defect to generate a code check rule.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the performing character scanning on the original code or the repair code corresponding to the code defect to generate the code inspection rule corresponding to the code defect includes:
and according to the character sequence of the original code or the repair code, performing character scanning on the original code or the repair code to generate a code check rule.
In an exemplary embodiment of the disclosure, based on the foregoing scheme, the character scanning the original code or the repair code according to the character sequence of the original code or the repair code to generate a code check rule includes:
and when the scanned characters are keywords or symbols in the program language to which the code belongs, reserving the scanned characters, otherwise, replacing the scanned characters with preset general characters to generate a code check rule.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the method further includes:
when the variable in the original code or the repair code corresponding to the code defect is successfully matched with a preset service variable, determining the code check rule as a service-related code check rule;
matching the service related code check rule with the existing service related code check rule in a preset service code rule base;
and when the matching fails, adding the service related code check rule into the service code rule base so as to update the service code rule base.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the method further includes:
when the matching of the variables in the original code or the repair code corresponding to the code defect and the preset service variable fails, determining that the code check rule is a general code check rule;
matching the general code check rule with an existing code check rule in a code check tool;
and when the matching fails, adding the universal code check rule into a preset universal code rule base so as to update the universal code rule base.
In an exemplary embodiment of the present disclosure, based on the foregoing scheme, the obtaining, based on a code defect in a code test result, an original code and a repair code corresponding to the code defect includes:
acquiring an original code and a repair code corresponding to the code defect of the preset defect type based on the defect type of the code defect in the code test result;
the preset defect type comprises one or more of a functional error defect, a security vulnerability defect and a performance defect.
According to a second aspect of the present disclosure, there is provided a code inspection method including:
responding to a code checking instruction, and acquiring a code to be checked;
scanning the code to be checked based on a code checking rule in a code rule base to generate a code checking report corresponding to the code to be checked;
wherein code checking rules in the code rule base include the code checking rules generated according to the method of any one of claims 1 to 7.
According to a third aspect of the present disclosure, there is provided a code inspection rule generation apparatus including:
the code before and after repair acquisition module is configured to acquire an original code and a repair code corresponding to a code defect based on the code defect in a code test result;
the code difference analysis module is configured to perform code difference analysis on an original code and a repaired code corresponding to the code defect and determine a code difference type corresponding to the code defect;
the code inspection rule generating module is configured to perform character scanning on an original code or a repair code corresponding to the code defect according to the code difference type to generate a code inspection rule;
wherein the code difference type comprises one or more of code addition, code modification and code deletion.
According to a fourth aspect of the present disclosure, there is provided a code inspection apparatus including:
a code to be checked acquisition module configured to acquire a code to be checked in response to a code check instruction;
the code checking module is configured to scan the code to be checked based on code checking rules in a code rule base so as to generate a code checking report corresponding to the code to be checked;
wherein code checking rules in the code rule base include the code checking rules generated according to the method of any one of claims 1 to 7.
According to a fifth aspect of the present disclosure, there is provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements the code inspection rule generation method according to the first aspect and/or the code inspection method according to the second aspect of the embodiments described above.
According to a sixth aspect of an embodiment of the present disclosure, there is provided an electronic apparatus including: a processor; and a storage device for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the code inspection rule generation method according to the first aspect and/or the code inspection method according to the second aspect of the embodiments.
As can be seen from the foregoing technical solutions, the code check rule generation method, the code check rule generation apparatus, the code check method, the code check apparatus, and the computer-readable storage medium and the electronic device implementing the code check rule generation method and/or the code check method in the exemplary embodiments of the present disclosure have at least the following advantages and positive effects:
in the technical solutions provided in some embodiments of the present disclosure, first, codes before and after repair corresponding to a code defect, that is, a code before repair and a repair code after repair, are obtained based on the code defect in a code test result, then, a code difference type corresponding to the code defect is determined by performing code difference analysis on the codes before and after repair corresponding to the code defect, and finally, a character scan is performed on an original code or the repair code corresponding to the code defect based on the code difference type, so as to automatically extract a code inspection rule. Compared with the prior art, on one hand, the code difference analysis method based on the code test result can automatically extract the code check rule by analyzing the code difference of the codes before and after the repair corresponding to the tested code defect, so that the generation efficiency of the code check rule can be improved; on the other hand, the code inspection rule is generated based on the code defects in the code test result, and the code inspection rule corresponding to the code defects related to the requirements solved by the code or the processed services can be extracted, so that the personalized code inspection rule can be generated, and the code inspection accuracy can be improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.
FIG. 1 is a flow diagram illustrating a method for generating code inspection rules in an exemplary embodiment of the present disclosure;
FIG. 2 illustrates a flow diagram of a method for adding generated code checking rules to a code rule base in an exemplary embodiment of the present disclosure;
FIG. 3 illustrates a flow diagram of a method of extracting code inspection rules based on code defect analysis in an exemplary embodiment of the present disclosure;
FIG. 4 illustrates a flow diagram of a code inspection method in an exemplary embodiment of the present disclosure;
FIG. 5 is a flow diagram illustrating a method for code inspection based on code defect analysis in an exemplary embodiment of the present disclosure;
FIG. 6 is a schematic structural diagram of a code inspection rule generation apparatus according to an exemplary embodiment of the present disclosure;
FIG. 7 shows a schematic structural diagram of a code inspection apparatus in an exemplary embodiment of the present disclosure;
FIG. 8 shows a schematic diagram of a structure of a computer storage medium in an exemplary embodiment of the disclosure; and the number of the first and second groups,
fig. 9 shows a schematic structural diagram of an electronic device in an exemplary embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and the like. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
The terms "a," "an," "the," and "said" are used in this specification to denote the presence of one or more elements/components/parts/etc.; the terms "comprising" and "having" are intended to be inclusive and mean that there may be additional elements/components/etc. other than the listed elements/components/etc.; the terms "first" and "second", etc. are used merely as labels, and are not limiting on the number of their objects.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities.
In the software testing process, in order to reduce the cost of finding defects, code inspection, i.e., code scanning, is usually performed before the test is performed. The code scanning is to match the system source code according to the predefined code rule, and further find the code defect or the code not meeting the specification.
In the related art, the rules for code scanning mainly derive from code rules provided by mainstream code scanning tools (such as code rules provided by SonarQube official), and open source code rule standards provided inside large enterprises.
However, the code checking rules from these two sources have the following problems: firstly, the code rule is general and is biased to a basic grammar rule, so that an individualized code check rule cannot be provided for a code corresponding to a certain service system, and the code check accuracy is low; secondly, the code rule is fixed and unchangeable, even if the user-defined code rule is added, much labor cost is wasted to make and generate the user-defined code rule, and automatic generation and extraction of the code check rule cannot be realized, so that the generation efficiency of the code check rule is low.
In an embodiment of the present disclosure, a code rule generating method is first provided, which overcomes, at least to some extent, the above-mentioned drawbacks in the related art.
Fig. 1 shows a flowchart of a code rule generation method in an exemplary embodiment of the present disclosure, and referring to fig. 1, the method includes:
step S110, based on the code defect in the code test result, obtaining an original code and a repair code corresponding to the code defect;
step S120, carrying out code difference analysis on the original code and the repaired code corresponding to the code defect, and determining the code difference type corresponding to the code defect;
step S130, according to the code difference type, performing character scanning on the original code or the repair code corresponding to the code defect to generate a code check rule;
wherein the code difference type comprises one or more of code addition, code modification and code deletion.
In the technical scheme provided in the embodiment shown in fig. 1, first, codes before and after repair corresponding to a code defect, that is, a code before repair and a repair code after repair, are obtained based on the code defect in a code test result, then, a code difference type corresponding to the code defect is determined by performing code difference analysis on the codes before and after repair corresponding to the code defect, and finally, an original code or the repair code corresponding to the code defect is subjected to character scanning based on the code difference type, so as to automatically extract a code inspection rule. Compared with the prior art, on one hand, the code difference analysis method based on the code test result can automatically extract the code check rule by analyzing the code difference of the codes before and after the repair corresponding to the tested code defect, so that the generation efficiency of the code check rule can be improved; on the other hand, the code inspection rule is generated based on the code defects in the code test result, and the code inspection rule corresponding to the code defects related to the requirements solved by the code or the processed services can be extracted, so that the personalized code inspection rule can be generated, and the code inspection accuracy can be improved.
The following detailed description of the various steps in the example shown in fig. 1:
in step S110, based on the code defect in the code test result, the original code and the repair code corresponding to the code defect are acquired.
In an exemplary embodiment, the code test result in the present disclosure may include a test result of a code corresponding to a certain requirement in a certain service. For example, for a certain service, it may continuously perform requirement update in the development process to add different functions, and after a certain requirement test passes, a defect list of the requirement may be obtained from the project management system to obtain a code defect in the code test result.
For example, the specific implementation manner of step S110 may be to obtain the original code and the repair code corresponding to the code defect of the preset defect type based on the defect type of the code defect in the code test result. The preset defect type comprises one or more of a functional error defect, a security vulnerability defect and a performance defect.
For example, after acquiring a required defect list from the project management system, the defect types in the defect list may be screened, the defects of the preset defect types may be retained, and the defects of the non-preset defect types may be removed. The defect of the preset defect type can be understood as an effective defect, namely a defect caused by a service code error, wherein the defect type is a defect in the case of a functional error, a security vulnerability or a performance problem. Defects of non-preset defect types can be understood as invalid defects, namely defects that a code running environment or a requirement solved by the code has a problem, such as defects when the defect types are requirement problems, environment problems and data problems. As for the defects in the following table 1, the defects numbered 1, 2, 3, and 4 are reserved, that is, for the defects numbered 1, 2, 3, and 4, the original code and the repair code corresponding thereto are respectively obtained to respectively generate the code inspection rule corresponding to each defect.
TABLE 1 Defect List for a requirement
Figure BDA0003222997300000081
In an exemplary embodiment, the original code may be understood as a code before a code defect of a preset defect type is repaired, and the repair code may be understood as a code after the code defect is repaired. The original code and the repair code may be understood as code segments, that is, original code segments and repair code segments corresponding to code defects, for example, code segments composed of code whose line number difference from the code with defects is within a preset threshold value.
It should be noted that in the present disclosure, both the original code and the repair code are source code, i.e., not compiled by the compiler.
For example, after a business requirement is tested, a code defect found during the testing process on behalf of the business requirement is repaired. Therefore, for each code defect belonging to the preset defect type in the defect list corresponding to the service requirement, the original code before repair and the repaired code after repair corresponding to the code defect can be obtained.
After the code defect is repaired, the repaired code may be submitted in a code version management system. In order to obtain the codes before and after the repair corresponding to the code defects conveniently, the annotation format for submitting the repair codes can be unified in advance, so that developers can submit the annotations to the repair codes according to the preset annotation format.
Taking the code version management performed by the Gitlab (Gitlab is an open source project for the warehouse management system, and Web service built on the basis of Git as a code management tool) as an example, the combination of the defect number and the repair code function description can be used as a preset annotation format when the repair code is submitted, that is, the preset annotation format may be: bugfix + defect number + remarks (i.e. repair code function description). For example, the annotation format of the code repair commit record with the defect number of 1 may be: bugfix +1+ modifying the judgment mode, that is, the repair code represents that the repair code is a repair code corresponding to a defect with a defect number of 1, and the function of the repair code is modifying the judgment mode. In this way, the submission records of the defect number and the repair code can be associated, so that the original code and the repair code corresponding to the defect can be acquired through the defect number.
Next, in step S120, a code difference analysis is performed on the original code and the repair code corresponding to the code defect, and a code difference type corresponding to the code defect is determined.
Illustratively, after the original code and the repair code corresponding to the code defect are obtained, difference analysis may be performed on the original code and the repair code to determine a code difference type corresponding to the code defect.
And the code difference type corresponding to each code defect is one of code addition, code modification and code deletion.
For example, the original code corresponding to the code defect may be compared with the repair code, and then the code difference type corresponding to the code defect may be determined. For example, when a code that is not present in the original code appears in the repair code, the code difference type may be determined as code addition; when the original code is annotated out of the corresponding repair code, the code difference type may be determined to be code deletion; when the characters in a certain line of codes of the original code and the repair code are not completely consistent, the code difference type can be determined as code modification. The code difference analysis may be performed using an existing code difference analysis tool, which is not described in detail in this exemplary embodiment.
With continued reference to fig. 1, in step S130, according to the code difference type, a character scan is performed on the original code or the repair code corresponding to the code defect to generate a code check rule.
After the code difference type is determined, according to the determined code difference type, character scanning can be performed on the original code or the repair code corresponding to the code defect, so that a code inspection rule is determined.
For example, the specific implementation manner of step S130 may be that, when the code difference type is code addition, character scanning is performed on the repair code corresponding to the code defect to generate a code check rule; when the code difference type is code modification, performing character scanning on an original code corresponding to the code defect to generate a code inspection rule; and when the code difference type is code deletion, performing character scanning on the original code corresponding to the code defect to generate a code check rule.
For example, for the code difference type of code addition, character scanning can be performed on a newly added code in the repair code, so as to generate a code check rule, so that when the newly added code appears in subsequent service requirements, the generated code check rule can be used for scanning and checking the newly added code in the subsequent service requirements before testing; for the code difference type is code modification, character scanning can be carried out on the original code so as to generate a code check rule, and therefore when other codes are subjected to scanning check, the generated code check rule can be used for scanning whether the original codes have the same defects or not; for the code difference type of code deletion, the original code may be subjected to character scanning to generate a code check rule, so that when the service codes of other versions of the same service code are scanned, whether the original code has been deleted or not may be judged to determine whether a defect exists or not.
For example, the character scanning is performed on the original code or the repair code corresponding to the code defect to generate the code inspection rule corresponding to the code defect, including: and according to the character sequence of the original code or the repair code, performing character scanning on the original code or the repair code to generate a code check rule.
In an exemplary embodiment, performing a character scan on the original code or the repair code according to a character order of the original code or the repair code to generate a code check rule includes: and when the scanned characters are keywords or symbols in the program language to which the code belongs, reserving the scanned characters, otherwise, replacing the scanned characters with preset general characters to generate a code check rule.
For example, the original code or the repair code may be scanned for characters based on a manner similar to a compiling process of the programming language itself, if the scanned and matched characters are keywords or symbols in the programming language to which the code itself belongs, the characters are retained, and if the scanned and matched characters do not belong to the keywords or symbols in the programming language to which the code itself belongs, that is, the scanned characters can be considered as custom variables in the code, the scanned characters may be replaced with preset general characters, for example, characters like "variables" words replace the scanned custom variables. The character sequence in the finally generated scanning rule is consistent with the sequence in the original code or the repair code, that is, if the original code is scanned, the character sequence in the generated scanning rule is consistent with the original character sequence in the original code, and if the repair code is scanned, the character sequence in the generated scanning rule is consistent with the character sequence in the repair code.
As shown in table 2, the difference code in table 2 may be understood as an original code or a repair code, for example, the code "if (a ═ 1)" in table 2 is used, when scanning characters, based on a manner similar to the compiling process of the programming language itself, according to the character sequence in the code, i is scanned first, then the scanned i and the keywords in the java language are matched, some candidate keywords with the first character i may be matched, i may be determined as a character in the keyword of the pending programming language, then when f is scanned, if as a whole may be matched with the keywords in the java language, and if is found to be successfully matched with if, then the character if composed of the characters i and f may be determined as a keyword in the java language to which the code belongs, so that it is retained, and similarly, the subsequently scanned characters may be subjected to keyword or symbol matching, when the matching is unsuccessful, the variable is determined to be a self-defined variable, and if the character a is scanned, the variable can be determined to be the self-defined variable, so that the variable character can be used for replacing the character a, and the position of the variable character in a code check rule generated by analyzing the scanned code is kept consistent with the position of the character a in the original code.
Table 2 example code inspection rules scanned
Figure BDA0003222997300000111
Figure BDA0003222997300000121
After the code check rule is generated, the generated code check rule can be added and stored in the code rule base so as to perform scanning check before testing on other codes based on the code check rule in the code rule base.
For example, fig. 2 shows a flowchart of a method for adding generated code checking rules to a code rule base in an exemplary embodiment of the present disclosure. Referring to fig. 2, the method may include steps S201 to S212. Wherein:
in step S201, a variable in an original code or a repair code corresponding to a code defect is matched with a preset service variable.
For example, when the original code is subjected to character scanning to generate the code check rule, the variable identifier and the preset business variable identifier in the scanned original code may be subjected to character matching, for example, the variable name and the preset business variable name in the original code are subjected to character matching. Similarly, when the repair code is subjected to character scanning to generate the code check rule, the variable identifier in the scanned repair code and the preset service variable identifier may be subjected to character matching.
For example, in order to determine whether the generated code check rule is a code check rule related to a service, a preset service variable identifier library may be generated according to a preset service variable identifier. And then traversing the preset service variable identification library, and matching the variable identification in the original code or the repair code corresponding to the code defect with the preset service variable identification in the preset service variable identification library one by one.
Next, in step S202, it is determined whether the matching is successful, and if the matching is successful, the process goes to step S203 to step S207, and if the matching is failed, the process goes to step S208 to step S212.
For example, it may be determined in step S202 whether the variable name preset service variable name in the original code or the repair code corresponding to the code defect is successfully matched. If the matching is successful, it indicates that the currently generated code check rule is a code check rule related to the service, i.e. the processing may go to step S203 to step S207, otherwise, it may indicate that the currently generated code check rule is a general code check rule unrelated to the service, and the processing may go to step S208 to step S212.
In step S203, the code check rule is determined to be a service-related code check rule.
In an exemplary embodiment, a business related code check rule may be understood as a code check rule that may only be used in code scanning of different versions of the business, which may not be applicable to code scanning checking of other businesses.
In step S204, the service-related code check rule is matched with an existing service-related code check rule in a preset service code rule base.
For example, when the generated code check rule is determined to be a service-related code check rule, the service-related code check rule may be further character-matched with a service-related code check rule already existing in the service code rule base to perform deduplication processing.
In step S205, it is determined whether the matching is successful, and if the matching is unsuccessful, the process goes to step S206, otherwise, the process goes to step S207.
For example, it may be determined in step S205 whether the service-related code check rule is successfully matched with an existing service-related code check rule in the service code rule base. If the matching fails, it indicates that the service-related code check rule is not stored in the service code rule base, the process may go to step S206, and if the matching succeeds, it indicates that the service-related code check rule is stored in the service code rule base, the process may go to step S207.
In step S206, the service-related code check rule is added to the service code rule base to update the service code rule base.
When the service-related code check rule is not stored in the service code rule base, it may be added to the service code rule base in step S206, so as to update the service code rule base.
In step S207, the business code rule base is not updated.
When the currently generated service-related code check rule is stored in the service code rule base, the service-related code check rule can be abandoned, that is, the currently generated service-related code check rule does not need to be added into the service code rule base, so that the service code rule base can be subjected to deduplication processing.
In step S208, the code check rule is determined to be a generic code check rule.
For example, when matching of the variable name preset service variable name in the original code or the repair code corresponding to the code defect fails, the code check rule corresponding to the code defect may be determined to be a general code check rule. The general code check rule may be understood as a code check rule corresponding to a code defect that is not specific to the service code, such as a code check rule corresponding to a semantic or syntax defect, which may be applied to any service code check.
Next, in step S209, the generic code check rule is matched with an existing code check rule in the code check tool.
For example, when the generated code check rule is determined to be a universal code check rule, it may be character matched with the existing universal code check rule in the code check tool. The code inspection tool may include any existing code inspection tool such as sonarQube, among others.
In step S210, it is determined whether the matching is successful, and if the matching is unsuccessful, the process goes to step S211, otherwise, the process goes to step S212.
For example, it may be determined in step S210 whether the generic code checking rule matches successfully with an existing code checking rule already stored in an existing code checking tool. If the matching is successful, go to step S212, otherwise, go to step S211.
In step S211, the universal code check rule is added to a preset universal code rule base to update the universal code rule base.
When the common code check rule fails to match with the existing code check rule already stored in the existing code check tool, indicating that the code check rule is not stored in the existing code check tool, the code check rule can be added to a preset common code rule base to expand the common code check rule in the code check tool.
It should be noted that, when the common code check rule is a match failure with an existing code check rule already stored in an existing code check tool, it indicates that the code check rule is not stored in the existing code check tool, but it is not determined whether the common code check rule is stored in a preset common code rule base, so that it may be continuously matched with a code rule in the preset common code rule base, if the match failure still occurs, it indicates that the currently generated common code check rule is not stored in the preset common code rule base, and it may be stored in the common code rule base, otherwise, it may not be stored, and further, the deduplication processing of the common code check rule in the common code rule base is implemented.
In step S212, the common code rule base is not updated.
When the universal code check rule is successfully matched with the existing code check rule already stored in the existing code check tool, the code check rule is indicated to be already stored in the existing code check tool, and the code check rule does not need to be stored additionally, so that the universal code rule base does not need to be updated. In other words, when the general code check rule is already stored in the existing code check tool, the generated code check rule can be abandoned and not stored repeatedly, so that occupation and waste of storage resources can be avoided.
Through the above steps S201 to S212, the code check rule related to the business can be stored in the business code rule base, and the universal code check rule that is not related to the business but is not included in the existing code check tool can be stored in the universal code rule base. Therefore, for the same service, the accuracy of checking the codes of the subsequent versions of the service can be improved through the service related code checking rules in the service code rule base; the universal code check rules in the universal code rule base can be shared and used among different businesses, and the code check accuracy can also be improved.
Meanwhile, by distinguishing the service code rule base from the universal code rule base, a user can reasonably select the code check rule when scanning the codes, and the code check efficiency is improved. For example, for code inspection of the business 1, code scanning inspection can be performed on the code by using the code inspection rules in the general code rule base and the business code rule base corresponding to the business 1, and the code inspection rules in the business code rule bases corresponding to other businesses do not need to be used for code inspection of the business 1, so that an invalid code inspection rule matching process is avoided, and the code inspection efficiency and accuracy are improved.
It should be noted that, for most generated code check rules, whether the generated code check rules belong to the business-related code check rules or the common code check rules can be accurately determined through the step S201, but for some special code check rules which match the preset business variables but are checked to be not defects of the business-related operations, a misjudgment situation may occur, so the determined business character code check rules and the common code check rules can be manually verified to ensure the accuracy of the attributes of the code check rules in storage. Although it needs to be verified in combination with manual work, compared with the method that requires all manual work to distinguish, the labor cost is saved and the efficiency is improved by the step S201.
Furthermore, after the code check rule is generated, whether the code check rule is a service-related code check rule or a general code check rule is not distinguished, only whether the currently generated code check rule is stored in the code rule base is judged, and if the currently generated code check rule is not stored, the generated code check rule is directly stored in the code rule base.
In an exemplary embodiment, after the original code or the repair code corresponding to the code defect is subjected to character scanning according to the code difference type in step S130, an initial code check rule is obtained, and the initial code check rule can be understood as a feature corresponding to the code defect, and the feature needs to be manually processed according to the function of the repair code corresponding to the code defect to generate a final code check rule which can be directly used for code scanning.
For example, for a certain code defect with a defect number of 0026068, the code submission comment for repairing the code is "bugfix +0026068+ claim responsibility is empty-time claim insurance responsibility", and the original code before modification corresponding to the code defect is acquired based on the defect number of 0026068 is:
Figure BDA0003222997300000161
acquiring the modified repair code corresponding to the code defect based on the defect number 0026068 as follows:
Figure BDA0003222997300000162
obtaining the code difference type corresponding to the code defect through code difference analysis as code addition, and obtaining an initial code inspection rule through character scanning of the repaired code, namely the defect characteristic corresponding to the code defect is as follows: string variable 1 ═ String variable 2.getClass (), and then processed manually, the final code check rule can be obtained as: if "String variable 1 ═ 2 (String) variable getClass ()" is matched, then it is checked whether variable 1 has a null, and if not, it is suggested that Bugs (i.e., code errors) may occur.
Meanwhile, although the variable "clicidtycode" in the repair code corresponding to the code defect belongs to a preset business variable, from the function of the code check rule, the variable is only subjected to a judgment check, and the business-related operation is not checked, so that the variable can be determined to be a general code check rule unrelated to the business after being manually verified.
Further, whether the general code check rule is the existing code check rule in the existing code check tool can be continuously judged, if not, the general code check rule is stored in a storage mode, and if so, the code check rule can be abandoned, so that the storage is saved.
Specifically, for a rule that "if the" String variable 1 ═ 2.getClass () "is matched, whether the variable 1 has a null, and if the variable has no null, a bug (i.e., a code error) is prompted, the rule is to check for the case of null pointer exception, and the rule actually exists in the FindBugs tool, that is, the rule does not need to be added to a preset universal code rule base.
For another example, for a code defect with a defect number of 0026080, the code submission notation for its repair code is: the bugfix +0026080+ medical bill information when the report is cancelled and the report is transferred to the initial review is obtained based on the defect number 0026080, and the original code before modification corresponding to the code defect is:
// store drug information and prescription audit information
claimInfoMedicalEditService.saveRegistDrugInfo(gcCaseMainDto);
Acquiring the modified repair code corresponding to the code defect based on the defect number 0026080 as follows: /
Storing medicine information and prescription audit information
//claimInfoMedicalEditService.saveRegistDrugInfo(gcCaseMainDto);
The code difference type corresponding to the code defect is obtained through code difference analysis to be code deletion, namely, the code ' claimlnfimedicaldendirvice.saveregittduginfo ' (gccasemaindidto) ' is annotated out in the repair code, namely, the code is deleted in the repair code. By scanning the original code, the initial code inspection rule can be obtained, that is, the defect characteristics corresponding to the code defects are as follows: the claimlnfimediutangsavereginstdrug (parameter 1), which is processed according to the description of the repair function, can determine the final code check rule as: if a match is made to "claimlnfimedicaldendirvice. saveregittduginfo (parameter 1)" is called, then a method call alert is prompted.
Further, it is obvious that the code check rule has a preset business variable, that is, the code check rule belongs to a business related code check rule, and after manual verification, the code check rule also does operate on the business, which indicates that the operation of saving the medicine has been cancelled in the business, and then the same call is found again when the code is scanned, a prompt for a method call warning needs to be given, so that the code check rule actually belongs to the business related code check rule. After the code check rule is judged not to be stored in the business code rule base, the code check rule can be added into the business code rule base so as to update the business code rule base.
For another example, for a code defect with a defect number of 0024952, the code submission notation for its repair code is: the bugfix +0024952+ modification judgment logic may acquire, based on the defect number 0024952, that the original code fragment before modification corresponding to the code defect is:
if (this. querycondition. layer ═ and | | | this. querycondition. accountno ═ {// bullet box show }
The modified repair code segment corresponding to the code defect can be acquired based on the defect number 0024952 as follows:
if (| this. querycondition. layer | | | | | this. querycondition. account no) {// elastic frame processing }
Through code difference analysis, the code difference type corresponding to the code defect can be obtained as code modification, and then the original code before modification can be scanned to obtain an initial code inspection rule, namely the characteristics corresponding to the code defect are as follows: if variable is ═ and ═ variable is ═ i ═. It can be seen by comparing the codes before and after modification and remarks in the code submission remarks that the functional characteristics of the codes are to judge whether the variable values are null, so that after the characteristics are manually processed, the finally extracted code rules are as follows: "if the variable name is matched to the code check" or if the variable name is matched to the code check ", a possible Bugs is prompted.
Further, after the manual verification, the rule is a rule irrelevant to the service, that is, a universal code check rule, and after the rule is matched with a code check rule in an existing code check tool, the rule is found not to be in the existing code check tool, and then the rule can be stored in a preset universal code rule base.
In an exemplary embodiment, the generated code check rule may be further classified and then stored in a corresponding universal code rule base of the business code rule base. Specifically, the classification may be performed according to different code writing languages, for example, if the generated code check rule is a service-related code check rule and is a front js code, the code check rule may be added to a js language class in the service code rule base, and if the code check rule is a C language code, the code check rule may be added to a C language class in the service code check rule base.
Next, fig. 3 shows a flowchart of a method for extracting a code inspection rule based on code defect analysis in an exemplary embodiment of the present disclosure. Referring to fig. 3, the method may include steps S310 to S380.
In step S310, the original code and the repair code corresponding to the code defect are obtained according to the code defect identifier.
In an exemplary embodiment, the code defect identification may include the code defect number described above. As described above, the submission annotation format when the repair code is submitted may be unified in advance, for example, it is unified as "bugfix + defect number + repair function description", and the defect list after the code test has a defect number, so that the modified repair code corresponding to the code defect may be obtained based on the defect number in the code submission annotation, and the original code before modification corresponding to the same code defect may be obtained based on the defect number in the defect list.
In step S320, a code difference analysis is performed on the original code and the repair code corresponding to the code defect to determine a code difference type.
For example, the original code and the repair code corresponding to the code defect may be subjected to difference analysis by using an existing code difference analysis tool to determine the code difference type. As mentioned above, the code difference types include one or more of code addition, code modification, and code deletion.
In step S330, an original code or a repair code corresponding to the code defect is scanned according to the code difference type to obtain a code defect characteristic.
For example, the step S130 may be referred to in the detailed implementation of the step S330, and details are not repeated here.
Next, in step S340, a code inspection rule is generated based on the code defect characteristics.
For example, the code defect characteristics may be manually processed according to the code comparison before and after the code defect repair and the description of the repair function, so as to generate the code inspection rule.
Next, in step S350, it is determined whether the code check rule belongs to a common syntax or structure, if not, the process goes to step S360, and if so, the process goes to step S370.
For example, the specific implementation manner of step S360 may be to match and compare variable names in the original code or the repair code corresponding to the code defect with preset variable names, determine that the code check rule generated in step S340 does not belong to the common syntax or structure if the matching is successful, and determine that the code check rule belongs to the common syntax or structure if the matching is failed.
In step S360, the code check rule is determined to be a traffic-related code check rule.
For example, for the service-related code check rule, after the deduplication processing is performed on the service-related code check rule, that is, when it is determined that the currently generated service-related code check rule does not exist in the service code rule base, the service-related code check rule may be added to the service code rule base.
In step S370, it is determined whether the code check rule is a rule in the existing scan tool, if so, go to step S380, otherwise go to step S390.
In step S380, no processing is performed on the code check rule.
In step S390, the code checking rule is determined to be a non-traffic related code checking rule.
For example, if the generated code check rule is a generic syntax or structure, indicating that the code check rule is a non-business related code check rule, i.e., a generic code check rule, the generic code check rule can be understood as a code check rule that can be used across businesses.
Since the code check rule in the existing code scanning tool is a general code check rule irrelevant to the service, the code check rule belonging to the general grammar or structure can be judged whether to be the code check rule in the existing code scanning tool, if so, the code check rule in the existing code scanning tool is taken as the standard, the generated code check rule is not repeatedly stored, and if not, the code check rule is extracted to indicate that a new code check rule which is not currently generated in the existing code scanning tool is extracted, and the code check rule can be stored in a self-defined general code rule base, such as the preset general code rule base.
Through the steps S310 to S390, the code check rule can be automatically extracted based on analyzing the defect after the code test, so that the content accumulation and self-improvement of the code rule base can be realized, and the generation efficiency of the code check rule is improved.
Further, fig. 4 shows a flow chart of a code checking method in an exemplary embodiment of the disclosure. Referring to fig. 4, the method may include steps S410 to S420. Wherein:
in step S410, in response to a code checking instruction, a code to be checked is acquired;
in step S420, scanning the code to be checked based on the code check rule in the code rule base to generate a code check report corresponding to the code to be checked;
the code check rules in the code rule base include the code check rules generated by the code check rule generation method.
For example, after the code check rule is obtained by the code rule generation method and stored in the sub-code rule base, in the subsequent code check, the other codes can be checked by using the code check rule in the code check rule base. Based on the code check rule generation method, the code check rule related to the business can be extracted, and the general code check rule which is not in the existing code check rule base can be extracted, so the code check accuracy can be improved.
For example, regarding the optimization requirement of the medical bill in an insurance claim settlement system, the defect information of the code defect with the defect number of 25275 includes: when the defect type is a functional error and the defect title is a newly added medical bill, the bill type judgment is wrong, the submission record on the project code gitlab is found, the original code and the repair code with the defect number of 25275 can be found, specifically,
the original code segment before being modified is inquired as follows:
if (". equals (social PayInd)) {// determine if there is a third party payment amount }
The modified repair code segment is inquired as follows:
if (1. equals (social PayInd)) {// determine if there is a third party payment amount }
Through analysis, the variable socialPayInd is an entry parameter, the actual interface transmission value is 1 or 0, and the entry parameter is not processed according to the interface definition in the original code, so that defects are caused. Therefore, the final generated code checking rule is: when the code is checked, if the scanning is matched with if (variable name), judging whether the if is consistent with the input parameter definition, if not, prompting that the Bug may exist.
The code rule can be added into a java language category of a code rule base, when subsequent service codes in an claim system are tested, the rule can be used for code scanning, and code defects corresponding to the rule are eliminated in advance, so that the code defect discovery cost in formal testing is reduced, and the quality of code development is improved.
FIG. 5 is a flowchart illustrating a method for code inspection based on code defect analysis in an exemplary embodiment of the present disclosure. Referring to fig. 5, the method may include steps S510 to S580.
In step S510, based on the test result of the service requirement code, a code defect list corresponding to the test result of the code is obtained, and the code defect list is traversed.
In step S520, it is determined whether the current code defect is a valid defect, and if not, the process is terminated, and if yes, the process goes to step S530.
Wherein, the valid defect can be understood as a code defect belonging to the preset defect type.
In step S530, the codes before and after repair corresponding to the code defect are acquired.
In step S540, the code before and after repair is subjected to difference analysis to generate a code check rule.
In step S550, it is determined whether the generated code check rule already exists in the code rule base, and if so, the process ends, otherwise, the process goes to step S560.
In step S560, the generated code check rule is added to the code check rule base.
In step S570, in response to the new business requirement code scan check instruction, a code scan check is performed using the code check rule in the code check rule base.
In step S580, a scan report of the new demand code is generated.
For a business system, different tests are performed as the demand increases, and the above steps S510 to S560 can be performed on the test result after each demand test is passed, so as to realize automatic accumulation and improvement of the code check rules and improve the generation efficiency of the code check rules. Before testing a new requirement, code scanning and checking can be carried out on the new requirement code based on the latest code checking rule base so as to reduce the code error rate in the real testing process and further reduce the testing cost.
Those skilled in the art will appreciate that all or part of the steps implementing the above embodiments are implemented as computer programs executed by a CPU. The computer program, when executed by the CPU, performs the functions defined by the method provided by the present invention. The program may be stored in a computer readable storage medium, which may be a read-only memory, a magnetic or optical disk, or the like.
Furthermore, it should be noted that the above-mentioned figures are only schematic illustrations of the processes involved in the method according to exemplary embodiments of the invention, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
Fig. 6 is a schematic structural diagram of a code inspection rule generation apparatus in an exemplary embodiment of the present disclosure. Referring to fig. 6, the apparatus 600 may include a code before and after repair acquisition module 610, a code difference analysis module 620, and a code check rule generation module 630. Wherein:
a code before and after repair obtaining module 610 configured to obtain an original code and a repair code corresponding to a code defect based on the code defect in a code test result;
a code difference analysis module 620 configured to perform code difference analysis on the original code and the repair code corresponding to the code defect, and determine a code difference type corresponding to the code defect;
and a code inspection rule generating module 630 configured to perform character scanning on the original code or the repair code corresponding to the code defect according to the code difference type to generate a code inspection rule.
In some exemplary embodiments of the present disclosure, based on the foregoing embodiments, the code check rule generating module 630 may be specifically configured to:
when the code difference type is code addition, performing character scanning on a repair code corresponding to the code defect to generate a code check rule;
when the code difference type is code modification, performing character scanning on an original code corresponding to the code defect to generate a code inspection rule;
and when the code difference type is code deletion, performing character scanning on the original code corresponding to the code defect to generate a code check rule.
In some exemplary embodiments of the present disclosure, based on the foregoing embodiments, the code check rule generating module 630 may be specifically configured to: the method comprises the following steps:
and according to the character sequence of the original code or the repair code, performing character scanning on the original code or the repair code to generate a code check rule.
In some exemplary embodiments of the present disclosure, based on the foregoing embodiments, the character scanning the original code or the repair code according to the character sequence of the original code or the repair code to generate the code check rule includes:
and when the scanned characters are keywords or symbols in the program language to which the code belongs, reserving the scanned characters, otherwise, replacing the scanned characters with preset general characters to generate a code check rule.
In some exemplary embodiments of the present disclosure, based on the foregoing embodiments, the apparatus further includes a first storage module configured to:
when the variable in the original code or the repair code corresponding to the code defect is successfully matched with a preset service variable, determining the code check rule as a service-related code check rule;
matching the service related code check rule with the existing service related code check rule in a preset service code rule base;
and when the matching fails, adding the service related code check rule into the service code rule base so as to update the service code rule base.
In some exemplary embodiments of the present disclosure, based on the foregoing embodiments, the apparatus further includes a second storage module configured to:
when the matching of the variables in the original code or the repair code corresponding to the code defect and the preset service variable fails, determining that the code check rule is a general code check rule;
matching the general code check rule with an existing code check rule in a code check tool;
and when the matching fails, adding the universal code check rule into a preset universal code rule base so as to update the universal code rule base.
In some exemplary embodiments of the present disclosure, based on the foregoing embodiments, the before-repair and after-repair code obtaining module 610 may be specifically configured to:
acquiring an original code and a repair code corresponding to the code defect of the preset defect type based on the defect type of the code defect in the code test result;
the preset defect type comprises one or more of a functional error defect, a security vulnerability defect and a performance defect.
Next, fig. 7 shows a schematic structural diagram of a code inspection apparatus in an exemplary embodiment of the present disclosure. Referring to fig. 7, the apparatus 700 may include a code to be checked acquisition module 710 and a code checking module 720. Wherein:
a code-to-be-checked acquisition module 710 configured to acquire a code to be checked in response to a code checking instruction;
the code checking module 720 is configured to scan the code to be checked based on the code checking rules in the code rule base to generate a code checking report corresponding to the code to be checked; the code rule base comprises code check rules generated according to the code check rule generation method disclosed by the disclosure.
The specific details of the code check rule generation device and each module in the code check device have been described in detail in the corresponding method, and therefore are not described herein again.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, there is also provided a computer storage medium capable of implementing the above method. On which a program product capable of implementing the above-described method of the present specification is stored. In some possible embodiments, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the disclosure described in the "exemplary methods" section above of this specification, when the program product is run on the terminal device.
Referring to fig. 8, a program product 800 for implementing the above method according to an embodiment of the present disclosure is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In addition, in an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 800 according to this embodiment of the disclosure is described below with reference to fig. 9. The electronic device 900 shown in fig. 9 is only an example and should not bring any limitations to the functionality or scope of use of the embodiments of the present disclosure.
As shown in fig. 9, the electronic device 900 is embodied in the form of a general purpose computing device. The components of the electronic device 800 may include, but are not limited to: the at least one processing unit 910, the at least one storage unit 920, a bus 930 connecting different system components (including the storage unit 920 and the processing unit 910), and a display unit 940.
Wherein the storage unit stores program code that is executable by the processing unit 910 to cause the processing unit 910 to perform steps according to various exemplary embodiments of the present disclosure described in the above section "exemplary method" of the present specification. For example, the processing unit 910 may perform the following as shown in fig. 1: step S110, based on the code defect in the code test result, obtaining an original code and a repair code corresponding to the code defect; step S120, carrying out code difference analysis on the original code and the repaired code corresponding to the code defect, and determining the code difference type corresponding to the code defect; step S130, according to the code difference type, performing character scanning on the original code or the repair code corresponding to the code defect to generate a code check rule.
As another example, the processing unit 910 may perform various steps as shown in fig. 2 to 5.
The storage unit 920 may include a readable medium in the form of a volatile storage unit, such as a random access memory unit (RAM)9201 and/or a cache memory unit 9202, and may further include a read only memory unit (ROM) 9203.
Storage unit 920 may also include a program/utility 9204 having a set (at least one) of program modules 8205, such program modules 9205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 930 can be any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 900 may also communicate with one or more external devices 1000 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 900, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 900 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interface 950. Also, the electronic device 900 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet) via the network adapter 960. As shown, the network adapter 960 communicates with the other modules of the electronic device 900 via the bus 930. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 900, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Furthermore, the above-described figures are merely schematic illustrations of processes included in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (11)

1. A code inspection rule generation method, comprising:
acquiring an original code and a repair code corresponding to the code defect based on the code defect in the code test result;
performing code difference analysis on an original code and a repaired code corresponding to the code defect, and determining a code difference type corresponding to the code defect;
according to the code difference type, performing character scanning on an original code or a repair code corresponding to the code defect to generate a code inspection rule;
wherein the code difference type comprises one or more of code addition, code modification and code deletion.
2. The method for generating code checking rules according to claim 1, wherein the performing character scanning on the original code or the repair code corresponding to the code defect according to the code difference type to generate the code checking rules comprises:
when the code difference type is code addition, performing character scanning on a repair code corresponding to the code defect to generate a code check rule;
when the code difference type is code modification, performing character scanning on an original code corresponding to the code defect to generate a code inspection rule;
and when the code difference type is code deletion, performing character scanning on the original code corresponding to the code defect to generate a code check rule.
3. The method according to claim 1, wherein the performing a character scan on the original code or the repair code corresponding to the code defect to generate the code inspection rule corresponding to the code defect comprises:
and according to the character sequence of the original code or the repair code, performing character scanning on the original code or the repair code to generate a code check rule.
4. The method according to claim 3, wherein the character scanning the original code or the repair code according to the character sequence of the original code or the repair code to generate the code check rule comprises:
and when the scanned characters are keywords or symbols in the program language to which the code belongs, reserving the scanned characters, otherwise, replacing the scanned characters with preset general characters to generate a code check rule.
5. The code inspection rule generating method according to claim 1, further comprising:
when the variable in the original code or the repair code corresponding to the code defect is successfully matched with a preset service variable, determining the code check rule as a service-related code check rule;
matching the service related code check rule with the existing service related code check rule in a preset service code rule base;
and when the matching fails, adding the service related code check rule into the service code rule base so as to update the service code rule base.
6. The code inspection rule generating method according to claim 5, further comprising:
when the matching of the variables in the original code or the repair code corresponding to the code defect and the preset service variable fails, determining that the code check rule is a general code check rule;
matching the general code check rule with an existing code check rule in a code check tool;
and when the matching fails, adding the universal code check rule into a preset universal code rule base so as to update the universal code rule base.
7. A code checking method, comprising:
responding to a code checking instruction, and acquiring a code to be checked;
scanning the code to be checked based on a code checking rule in a code rule base to generate a code checking report corresponding to the code to be checked;
wherein code checking rules in the code rule base include the code checking rules generated according to the method of any one of claims 1 to 6.
8. A code inspection rule generation apparatus, comprising:
the code before and after repair acquisition module is configured to acquire an original code and a repair code corresponding to a code defect based on the code defect in a code test result;
the code difference analysis module is configured to perform code difference analysis on an original code and a repaired code corresponding to the code defect and determine a code difference type corresponding to the code defect;
the code inspection rule generating module is configured to perform character scanning on an original code or a repair code corresponding to the code defect according to the code difference type to generate a code inspection rule;
wherein the code difference type comprises one or more of code addition, code modification and code deletion.
9. A code inspection apparatus, comprising:
a code to be checked acquisition module configured to acquire a code to be checked in response to a code check instruction;
the code checking module is configured to scan the code to be checked based on code checking rules in a code rule base so as to generate a code checking report corresponding to the code to be checked;
wherein code checking rules in the code rule base include the code checking rules generated according to the method of any one of claims 1 to 6.
10. A computer-readable medium, on which a computer program is stored, which program, when being executed by a processor, carries out the method according to any one of claims 1 to 7.
11. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to carry out the method of any one of claims 1 to 7.
CN202110963180.3A 2021-08-20 2021-08-20 Code inspection rule generating method, code inspection method, device and medium Pending CN113672512A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110963180.3A CN113672512A (en) 2021-08-20 2021-08-20 Code inspection rule generating method, code inspection method, device and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110963180.3A CN113672512A (en) 2021-08-20 2021-08-20 Code inspection rule generating method, code inspection method, device and medium

Publications (1)

Publication Number Publication Date
CN113672512A true CN113672512A (en) 2021-11-19

Family

ID=78544931

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110963180.3A Pending CN113672512A (en) 2021-08-20 2021-08-20 Code inspection rule generating method, code inspection method, device and medium

Country Status (1)

Country Link
CN (1) CN113672512A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023103690A1 (en) * 2021-12-08 2023-06-15 华为云计算技术有限公司 Unit testing generation method and apparatus, and related device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016086640A1 (en) * 2014-12-04 2016-06-09 中兴通讯股份有限公司 Tour inspection report generation method and apparatus
CN110688300A (en) * 2019-08-13 2020-01-14 平安科技(深圳)有限公司 Compatibility testing method, device, equipment and storage medium
CN110704298A (en) * 2019-08-23 2020-01-17 北京奇艺世纪科技有限公司 Code verification method and device, terminal equipment and storage medium
CN112433730A (en) * 2020-11-23 2021-03-02 北京字节跳动网络技术有限公司 Code detection rule generation method and device and electronic equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016086640A1 (en) * 2014-12-04 2016-06-09 中兴通讯股份有限公司 Tour inspection report generation method and apparatus
CN110688300A (en) * 2019-08-13 2020-01-14 平安科技(深圳)有限公司 Compatibility testing method, device, equipment and storage medium
CN110704298A (en) * 2019-08-23 2020-01-17 北京奇艺世纪科技有限公司 Code verification method and device, terminal equipment and storage medium
CN112433730A (en) * 2020-11-23 2021-03-02 北京字节跳动网络技术有限公司 Code detection rule generation method and device and electronic equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023103690A1 (en) * 2021-12-08 2023-06-15 华为云计算技术有限公司 Unit testing generation method and apparatus, and related device

Similar Documents

Publication Publication Date Title
US10585780B2 (en) Enhancing software development using bug data
US8875110B2 (en) Code inspection executing system for performing a code inspection of ABAP source codes
US10621212B2 (en) Language tag management on international data storage
CN111382070B (en) Compatibility testing method and device, storage medium and computer equipment
US9785418B2 (en) Maintaining consistency amongst data structures that are referenced within different programs
CN109872230B (en) Test method and device of financial data analysis system, medium and electronic equipment
US11474933B2 (en) Test cycle optimization using contextual association mapping
CN108694108B (en) iOS crash data classification and statistics method and device
Mariani et al. Semantic matching of gui events for test reuse: are we there yet?
CN114328208A (en) Code detection method and device, electronic equipment and storage medium
CN113326247A (en) Cloud data migration method and device and electronic equipment
US10521253B2 (en) Framework for automated globalization enablement on development operations
US9558462B2 (en) Identifying and amalgamating conditional actions in business processes
US20170154029A1 (en) System, method, and apparatus to normalize grammar of textual data
CN113672512A (en) Code inspection rule generating method, code inspection method, device and medium
CN113778852A (en) Code analysis method based on regular expression
Tan et al. Detecting outdated code element references in software repository documentation
CN115292187A (en) Method and device for automatically testing code-free page, electronic equipment and medium
CN112598226B (en) Equipment checking method, device, equipment and storage medium
CN113900956A (en) Test case generation method and device, computer equipment and storage medium
CN114116471A (en) Automatic code scanning method, system, electronic equipment and storage medium
CN111611173A (en) System and method applied to micro-service engineering interface document detection
US11829230B2 (en) Globally unique error codes for knowledge document indexing in software systems
CN116383834B (en) Detection method for source code vulnerability detection tool abnormality and related equipment
CN111309585A (en) Log data testing method, device and system, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20211119