CN117370160A - Code auditing method, apparatus, computer device, storage medium and program product - Google Patents

Code auditing method, apparatus, computer device, storage medium and program product Download PDF

Info

Publication number
CN117370160A
CN117370160A CN202311234855.6A CN202311234855A CN117370160A CN 117370160 A CN117370160 A CN 117370160A CN 202311234855 A CN202311234855 A CN 202311234855A CN 117370160 A CN117370160 A CN 117370160A
Authority
CN
China
Prior art keywords
rule
target
auditing
code
audit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311234855.6A
Other languages
Chinese (zh)
Inventor
叶雨凡
裴文贤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202311234855.6A priority Critical patent/CN117370160A/en
Publication of CN117370160A publication Critical patent/CN117370160A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3604Software analysis for verifying properties of programs
    • G06F11/3608Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation

Abstract

The application relates to a code auditing method, a code auditing device, computer equipment, a storage medium and a program product, which can be used in the technical field of big data. The method comprises the following steps: under the condition that the code update of the target product is detected, a preset detection tool is called to determine a new code corresponding to the target product; according to a preset auditing rule, auditing the rule corresponding to the newly added code to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not; and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located. In the method, the rule corresponding to the newly added code is accurately audited based on the preset audit rule, the target audit result can be accurately acquired, and the audit report is accurately generated according to the acquired target audit result, so that the error rate of the audit of the bank code can be greatly reduced.

Description

Code auditing method, apparatus, computer device, storage medium and program product
Technical Field
The present invention relates to the field of big data technologies, and in particular, to a code auditing method, apparatus, computer device, storage medium, and program product.
Background
With diversification of bank products, the updating iteration frequency of bank developers on product versions is higher and higher. Wherein online code walkthrough plays a very important role in the update iteration of the product version. Therefore, it is important for banks how to reasonably derive and audit new codes for different versions of products in online code walks.
In the traditional technology, the new codes of different versions of products are audited by manpower, but the traditional technology has the problem of higher code audit error rate.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a code auditing method, apparatus, computer device, storage medium, and program product that can reduce the code auditing error rate.
In a first aspect, the present application provides a code auditing method, including:
under the condition that the code update of the target product is detected, a preset detection tool is called to determine a new code corresponding to the target product;
According to a preset auditing rule, auditing the rule corresponding to the newly added code to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located.
In one embodiment, generating an audit report based on the target audit result includes:
determining target rule items which do not meet the auditing rule in the rule corresponding to the newly added code according to the target auditing result;
generating a modification opinion of the target rule item according to the reason that the target rule item does not meet the auditing rule;
and generating an audit report according to the target rule item and the modification opinion.
In one embodiment, generating an audit report based on the target rule items and the modified opinion includes:
determining a target code segment corresponding to the target rule item from the newly added code;
and generating an audit report by using the target code segment and the modification opinion.
In one embodiment, auditing the rule corresponding to the newly added code according to a preset auditing rule, and obtaining a target auditing result includes:
Determining whether the grammar rule of the newly added code is consistent with the basic grammar rule or not, and obtaining a first checking result;
determining whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, and obtaining a second checking result;
and obtaining a target audit result according to the first audit result and the second audit result.
In one embodiment, the detection tool includes any one of a distributed version control system, a code analysis tool, and a detection script.
In one embodiment, the method further comprises:
generating basic grammar rules according to grammar rules corresponding to codes of different financial products;
and generating a requirement rule of the target product according to the function and the attribute of the target product.
In a second aspect, the present application further provides a code auditing apparatus, including:
the determining module is used for calling a preset detecting tool to determine a new code corresponding to the target product under the condition that the code update of the target product is detected;
the auditing module is used for auditing the rule corresponding to the newly added code according to a preset auditing rule to acquire a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
And the generation module is used for generating an audit report according to the target audit result and sending the audit report to the terminal where the developer is located.
In a third aspect, the present application also provides a computer device comprising a memory storing a computer program and a processor, the processor executing the computer program to perform the steps of the method of the first aspect described above.
In a fourth aspect, the present application also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method of the first aspect described above.
In a fifth aspect, the present application also provides a computer program product comprising a computer program which, when executed by a processor, implements the steps of the method of the first aspect described above.
According to the code auditing method, the code auditing device, the computer equipment, the storage medium and the program product, a preset detection tool is called to determine a new code corresponding to a target product under the condition that the code update of the target product is detected; according to a preset auditing rule, auditing the rule corresponding to the newly added code to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not; and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located. Under the condition that the code update of the target product is detected, the new code corresponding to the target product can be determined by calling the preset detection tool, and the rule corresponding to the new code is accurately audited according to the preset audit rule comprising the basic grammar rule and the requirement rule of the target product.
Drawings
FIG. 1 is a schematic view of an application environment of a code auditing method according to an embodiment of the present application;
FIG. 2 is a flow chart of a code auditing method according to an embodiment of the present application;
FIG. 3 is a flow chart of a code audit method according to another embodiment of the present application;
FIG. 4 is a flow chart of a code audit method according to another embodiment of the present application;
FIG. 5 is a flow chart of a code audit method according to another embodiment of the present application;
FIG. 6 is a schematic diagram of a code audit device according to an embodiment of the present application;
FIG. 7 is a schematic structural diagram of a generating module in a code auditing apparatus according to another embodiment of the present application;
FIG. 8 is a schematic diagram illustrating an audit module in a code audit device according to another embodiment of the present application;
FIG. 9 is a schematic diagram of a code audit device according to another embodiment of the present application;
fig. 10 is an internal structural diagram of a computer device in one embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
The code auditing method, the device, the computer equipment, the storage medium and the program product provided by the embodiment of the application can be applied to application scenes of code auditing of developers; of course, the present invention can also be applied to other scenarios, which are not limited in the embodiments of the present application.
For convenience of explanation, the following embodiments take a scenario in which the code auditing method of the embodiments of the present application is applied to a developer of a bank to perform code auditing as an example. It should be understood that when the code auditing method of the embodiments of the present application is applied to other scenarios, its implementation principles and technical effects are similar.
Fig. 1 is a schematic diagram of an application environment of a code auditing method according to an embodiment of the present application, and as shown in fig. 1, the application environment schematic diagram according to an embodiment of the present application may include, but is not limited to: a terminal 10 and a server 11; wherein the terminal 10 can communicate with the server 11 via a network. The terminal 10 may be a developer-corresponding terminal. The terminal 10 may include, but is not limited to, various personal computers, notebook computers, smart phones, and tablet computers, among others. The server 11 may be implemented as a stand-alone server or as a server cluster composed of a plurality of servers. The data storage system may store code versions for each product that the server 11 needs to process. The data storage system may be integrated on the server 11 or may be placed on a cloud or other network server. The server 11 in the embodiment of the present application may perform the auditing of the corresponding code segment by using the code auditing method in the embodiment of the present application.
In the related art, the exporting of the new added code mainly depends on manual extraction, which may consume a great deal of time and effort, and in addition, the exporting of the new added code requires manual code auditing, so that not only is the auditing workload larger, but also the basic grammar problem may exist, and therefore, the mode of manual exporting and auditing may cause the problem of higher code auditing error rate.
According to the code auditing method, the code auditing device, the computer equipment, the storage medium and the program product, the rule corresponding to the newly added code is audited according to the preset auditing rule, and the target auditing result is obtained; and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located. In the embodiment of the application, under the condition that the code update of the target product is detected, the new code corresponding to the target product can be determined by calling the preset detection tool, and the rule corresponding to the new code is accurately audited according to the preset audit rule comprising the basic grammar rule and the requirement rule of the target product, so that the target audit result is obtained, and an audit report can be accurately generated according to the obtained target audit result, the accuracy of generating the audit report of the new code is greatly improved, and the error rate of the audit of the bank code can be reduced.
In one embodiment, fig. 2 is a schematic flow chart of a code auditing method according to an embodiment of the present application, where the embodiment of the present application is described by taking the application of the method to the server in fig. 1 as an example. As shown in fig. 2, the method of the embodiment of the present application may include the following steps:
step 201, under the condition that the code update of the target product is detected, a preset detection tool is called to determine a new code corresponding to the target product.
Illustratively, the target product referred to in the embodiments of the present application is an application program that can perform code update. For example, the target product may be an application of a banking financial type product, a back-end code of a banking website, or any other product requiring software development and updating. Alternatively, the target product may be an application program in a bank server, or may be an application program of a financial product in a terminal.
Alternatively, detection tools referred to in embodiments of the present application may include, but are not limited to, distributed version control system Git, code analysis tools, and detection scripts.
In this embodiment, the server may determine the new code corresponding to the target product by calling a preset detection tool when detecting the code update of the target product, for example, if the distributed version control system Git is called to determine the new code corresponding to the target product, the current version code and the last version code may be exported to different storage spaces by the distributed version control system, the comparison function of the distributed version control system is used to compare the differences of the two version codes, generate a difference file, filter the difference file, screen out the new code or modified code line corresponding to the target product, and mark out the new code corresponding to the target product.
In one possible implementation manner, the server may detect the code update condition of the target product from the database at intervals of a preset duration, and determine whether the code of the target product is updated by comparing the code version identifiers. Illustratively, the code version identification may be used to indicate a unique identifier that identifies the code version of the target product. For example, the code version identification may include, but is not limited to, a Git commit hash, a timestamp, a version tag, and the like.
In another possible implementation manner, the server may detect the update condition of the code of the target product from the database according to the code version identifier when receiving the trigger request; the trigger request may include, but is not limited to, code version number information of the target product in the request header.
Of course, the server may also detect the code update of the target product in other ways.
And S202, auditing rules corresponding to the newly added codes according to preset auditing rules to obtain target auditing results.
By way of example, audit rules in embodiments of the present application may include, but are not limited to, basic grammar rules and demand rules for the target product. Wherein the basic grammar rules include, but are not limited to, indentation specifications, naming conventions, code formats, etc.; the demand rules for the target product include, but are not limited to, specific design patterns, function implementation conventions, performance requirements, etc.
For example, the target audit result in the embodiment of the present application may be used to indicate whether the rule corresponding to the newly added code satisfies the audit rule.
Further, for the basic grammar rule, the server may generate the basic grammar rule according to grammar rules corresponding to codes of different financial products; for the requirement rule of the target product, the server can generate the requirement rule of the target product according to the function and the attribute of the target product. The functions of the target product may include a login and registration function, a payment function, a search function, and the like, and the attributes of the target product may include instantaneity, security, compatibility, and the like.
In this embodiment, the server may audit the grammar rule and the demand rule corresponding to the newly added code according to the preset basic grammar rule and the demand rule of the target product, determine whether the grammar rule corresponding to the newly added code meets the preset basic grammar rule, and determine whether the demand rule corresponding to the newly added code meets the demand rule of the target product, so as to obtain the target audit result according to the determination result of the grammar rule and the determination result of the demand rule. For example, if the grammar rule corresponding to the new added code meets the preset basic grammar rule, but the demand rule corresponding to the new added code does not meet the demand rule of the target product, it may be determined that the demand rule corresponding to the new added code does not meet the demand rule of the target product as a result of target audit; for another example, if the grammar rule corresponding to the new added code does not meet the preset basic grammar rule, but the demand rule corresponding to the new added code meets the demand rule of the target product, it may be determined that the grammar rule corresponding to the new added code does not meet the preset basic grammar rule as the target audit result; for another example, the grammar rule corresponding to the new added code does not meet the preset basic grammar rule, and the demand rule corresponding to the new added code does not meet the demand rule of the target product, so that it can be determined that the grammar rule corresponding to the new added code does not meet the preset basic grammar rule as the target audit result, and the demand rule corresponding to the new added code does not meet the demand rule of the target product.
And step S203, generating an audit report according to the target audit result, and sending the audit report to a terminal where the developer is located.
Illustratively, the audit report referred to in the embodiments of the present application includes passing and failing rule terms, relevant code segments of the failing rule terms, and modification opinions, etc.; the modification opinion includes, but is not limited to, a specific location of rule violation, suggested correction methods, and suggestions of code quality improvement.
In this embodiment, the server may generate an audit report according to whether the rule corresponding to the newly added code meets the result of the audit rule, and send the audit report to the terminal where the developer is located. Optionally, the target audit result indicates whether the rule corresponding to the newly added code meets a preset audit rule, and then the audit report generated according to the target audit result may not meet a rule item of the preset audit rule for the rule corresponding to the newly added code, or the generated target audit report may meet a rule item of the preset audit rule for the rule corresponding to the newly added code.
As another optional implementation manner, the target audit result indicates whether the rule corresponding to the newly added code meets the preset audit rule, so that an audit report can be generated according to the rule item that the rule corresponding to the newly added code in the target audit result meets the preset audit rule and the rule item that the rule does not meet the preset audit rule.
In the code auditing method, the new code corresponding to the target product is determined by calling a preset detection tool under the condition that the code update of the target product is detected. Further, auditing rules corresponding to the newly added codes according to preset auditing rules, obtaining target auditing results, generating auditing reports according to the target auditing results, and sending the auditing reports to a terminal where a developer is located; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not; therefore, in the embodiment of the application, under the condition that the code update of the target product is detected, the new code corresponding to the target product can be determined by calling the preset detection tool, and the rule corresponding to the new code is accurately audited according to the preset audit rule comprising the basic grammar rule and the requirement rule of the target product, so that the target audit result can be accurately acquired, an audit report can be accurately generated according to the acquired target audit result, and the error rate of the audit of the bank code can be reduced.
In one embodiment, fig. 3 is a schematic flow chart of a code auditing method according to another embodiment of the present application, and on the basis of the foregoing embodiment, in the embodiment of the present application, an audit report is generated according to a target audit result in step S203 related to the foregoing embodiment to be described. As shown in fig. 3, S203 includes:
S301, determining target rule items which do not meet the auditing rule in the rule corresponding to the newly added code according to the target auditing result.
For example, the target rule item in the embodiment of the present application may be used to indicate a rule item that the grammar rule corresponding to the new added code does not match the preset basic grammar rule, and/or may be used to indicate a rule item that the requirement rule corresponding to the new added code does not match the requirement rule of the target product.
In this embodiment, the server may compare and analyze the target audit result with audit rules preset in the rule base to determine which rule items in the newly added code do not satisfy the audit rules, and determine that the rule items do not satisfy the audit rules as target rule items, and further, the server may further mark code segments corresponding to the rule items that do not satisfy the audit rules; for example, assume that a preset audit rule requires that all variable names must be named using hump nomenclature, while two variables in the newly added code are named using underlined nomenclature, such as: item_count=5, total_count=0; according to the auditing rule, the variables item_count and total_current do not accord with the preset auditing rule, and the code row corresponding to the variable which does not accord with the preset auditing rule can be marked.
S302, according to the reason that the target rule item does not meet the auditing rule, generating the modification opinion of the target rule item.
Illustratively, the modification opinions referred to in the embodiments of the present application include, but are not limited to, specific locations of rule violations, suggested correction methods, and suggestions of code quality improvements.
In this embodiment, the server may further generate the modification opinion of the target rule item according to the reason that the target rule item does not satisfy the preset basic grammar rule and the requirement rule of the target product; for example, assume that the target rule item requires a type explicit specification when declaring a variable, while there are variables in the newly added code that are not explicitly specified by type, such as: total_current=0, item_count=5; for reasons that the target rule item does not meet the auditing rule, the following modification opinion of the target rule item can be proposed:
1) When a variable is declared, a type explicit specification is made according to the type of variable to increase the readability and clarity of the code.
2) The manner in which the variable declarations are modified explicitly states the variable type, e.g., using type keys such as int, float, etc.
S303, generating an audit report according to the target rule item and the modification opinion.
Optionally, in this embodiment, the server may establish a correspondence between the target rule item and the modification opinion, and generate an audit report; further, the server may add rules passing the audit to the audit report when generating the audit report, i.e. the audit report may include passing rule items, non-passing rule items, relevant code segments of non-passing rule items, modification comments of non-passing rule items, and the like; the modification opinion includes, but is not limited to, a specific location of rule violation, suggested correction methods, and suggestions of code quality improvement.
In this embodiment, according to the target audit result, the target rule item that does not satisfy the audit rule in the rule corresponding to the newly added code can be accurately determined, so that the reason that the target rule item does not satisfy the audit rule can be correspondingly and accurately determined, the modification opinion of the target rule item can be generated, and further, the audit report of the newly added code of the target product can be accurately generated according to the determined target rule item and the determined modification opinion.
In one embodiment, fig. 4 is a schematic flow chart of a code auditing method according to another embodiment of the present application, as shown in fig. 4, and on the basis of the foregoing embodiment, in this embodiment of the present application, description is given to generating an auditing report according to a target rule item and a modification opinion in step S303 involved in the foregoing embodiment. As shown in fig. 4, S303 includes:
S401, determining a target code segment corresponding to the target rule item from the newly added code.
In this embodiment, the server may compare the rule item corresponding to the newly added code with the target rule item, and determine the rule item consistent with the target rule item from the rule items corresponding to the newly added code, so as to determine the code segment corresponding to the rule item as the target code segment.
S402, generating an audit report by using the target code segment and the modification opinion.
In this embodiment, the server may establish a correspondence between the target code segment and the corresponding modification opinion, so as to generate an audit report of the newly added code of the target product according to the correspondence between the target code segment and the corresponding modification opinion; for example, if the determined object code segment includes three object code segments, the server may determine modification opinions corresponding to the three object code segments, respectively, and establish correspondence between the three object code segments and the corresponding modification opinions, thereby generating the audit report.
According to the embodiment of the application, the audit report is accurately generated according to the target code segment and the modification opinion corresponding to the target rule item determined from the newly added code, and further, the code quality and maintainability can be enhanced through the audit report, and the efficiency and quality of a software development process are improved.
In one embodiment, fig. 5 is a schematic flow chart of a code auditing method according to another embodiment of the present application, as shown in fig. 5, and on the basis of the foregoing embodiment, in this embodiment of the present application, auditing rules corresponding to the newly added code according to preset auditing rules in step S202 involved in the foregoing embodiment, and obtaining a target auditing result is described. As shown in fig. 5, S202 includes:
s501, determining whether the grammar rule of the newly added code is consistent with the basic grammar rule, and obtaining a first check result.
Illustratively, the first checking result in the embodiment of the present application is used to indicate whether the grammar rule of the newly added code meets the preset basic grammar rule.
In this embodiment, the server may determine, according to the grammar rule of the newly added code, whether the grammar rule is consistent with a preset basic grammar rule, so as to obtain a first verification result; for example, the preset basic grammar rule requires that all codes must be contracted by two characters when writing to enhance the readability, while the codes in the newly added codes are not contracted according to the preset grammar rule and do not meet the requirement of the preset basic grammar rule, and then the first checking result is that the grammar rule of the newly added codes is inconsistent with the preset basic grammar rule.
S502, determining whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, and obtaining a second checking result.
The second checking result in the embodiment of the present application is used to indicate whether the requirement rule of the newly added code meets the requirement rule of the preset target product.
In this embodiment, the server may determine, according to the requirement rule of the newly added code, whether the requirement rule is consistent with the preset requirement rule of the target product, so as to obtain a second verification result; for example, the preset target product requirement rule requires that a verification code function is added in the user registration page to increase security, and the newly added code truly includes related logic and implementation of the verification code, which meets the requirement of the preset target product requirement rule, so that the second verification result can be that the requirement rule of the newly added code is consistent with the requirement rule of the target product.
S503, obtaining a target audit result according to the first audit result and the second audit result.
In this embodiment, the server may combine and sort the first audit result and the second audit result, so as to obtain a final target audit result. Optionally, if the first checking result indicates that the grammar rule of the new added code accords with the basic grammar rule, and the second checking result indicates that the requirement rule of the new added code does not accord with the requirement rule of the target product, the obtained target checking result can be that the requirement rule of the new added code does not accord with the requirement rule of the target product; for another example, the first checking result indicates that the grammar rule of the new added code does not accord with the basic grammar rule, the second checking result indicates that the demand rule of the new added code accords with the demand rule of the target product, and the obtained target checking result can be that the grammar rule of the new added code does not accord with the preset basic grammar rule; for another example, the first checking result indicates that the grammar rule of the new added code does not conform to the basic grammar rule, and the second checking result indicates that the demand rule of the new added code does not conform to the demand rule of the target product, and the obtained target checking result may be that the grammar rule of the new added code does not conform to the preset basic grammar rule and the demand rule of the new added code does not conform to the demand rule of the target product.
In the embodiment of the application, the new code is audited from two dimensions of the grammar rule and the demand rule in a gradual auditing and comprehensive evaluation mode, so that the auditing quality of the new code of the target product can be ensured, and the auditing efficiency and accuracy of the new code of the target product can be improved.
It should be understood that, although the steps in the flowcharts related to the above embodiments are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a code auditing device for realizing the above related code auditing method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in one or more code auditing device embodiments provided below may refer to the limitation of the code auditing method hereinabove, and will not be repeated here.
In one embodiment, fig. 6 is a schematic structural diagram of a code auditing apparatus according to an embodiment of the present application, where the code auditing apparatus provided in the embodiment of the present application may be applied to a server. As shown in fig. 6, the code auditing apparatus of the embodiment of the present application includes: a determining module 10, an auditing module 11 and a generating module 12, wherein:
the determining module 10 is configured to invoke a preset detecting tool to determine a new code corresponding to the target product when the code update of the target product is detected.
The auditing module 11 is used for auditing rules corresponding to the newly added codes according to preset auditing rules to obtain target auditing results; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not.
And the generation module 12 is used for generating an audit report according to the target audit result and sending the audit report to the terminal where the developer is located.
The code auditing device provided in this embodiment may execute the above method embodiment, and its implementation principle and technical effects are similar, and will not be described herein.
In one embodiment, as shown in fig. 7, the generating module 12 includes: a first determination unit 121, a first generation unit 122, and a second generation unit 123, wherein:
the first determining unit 121 is configured to determine, according to the target auditing result, a target rule item that does not satisfy the auditing rule in the rule corresponding to the newly added code.
The first generating unit 122 is configured to generate a modification opinion of the target rule item according to the reason that the target rule item does not satisfy the auditing rule.
And a second generation unit 123 for generating an audit report according to the target rule item and the modification opinion.
The code auditing device provided in this embodiment may execute the above method embodiment, and its implementation principle and technical effects are similar, and will not be described herein.
In one embodiment, the second generating unit 123 is specifically configured to: determining a target code segment corresponding to the target rule item from the newly added code; and generating an audit report by using the target code segment and the modification opinion.
The code auditing device provided in this embodiment may execute the above method embodiment, and its implementation principle and technical effects are similar, and will not be described herein.
In one embodiment, as shown in fig. 8, the auditing module 11 includes: a second determination unit 111, a third determination unit 112, and an acquisition unit 113, wherein:
and a second determining unit 111, configured to determine whether the grammar rule of the newly added code is consistent with the basic grammar rule, and obtain a first checking result.
And a third determining unit 112, configured to determine whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, so as to obtain a second checking result.
And the obtaining unit 113 is configured to obtain a target audit result according to the first audit result and the second audit result.
The code auditing device provided in this embodiment may execute the above method embodiment, and its implementation principle and technical effects are similar, and will not be described herein.
In one embodiment, the detection tool optionally includes any one of a distributed version control system, a code analysis tool, and a detection script.
The code auditing device provided in this embodiment may execute the above method embodiment, and its implementation principle and technical effects are similar, and will not be described herein.
In one embodiment, as shown in fig. 9, the apparatus further includes: a second generation module 13 and a third generation module 14, wherein:
the second generation module 13 is configured to generate a basic grammar rule according to grammar rules corresponding to codes of different financial products.
The third generating module 14 is configured to generate a requirement rule of the target product according to the function and the attribute of the target product.
The code auditing device provided in this embodiment may execute the above method embodiment, and its implementation principle and technical effects are similar, and will not be described herein.
The modules in the code auditing device may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, fig. 10 is a schematic structural diagram of a computer device according to one embodiment of the present application, and optionally, a computer device is provided, which may be a server, and an internal structure diagram thereof may be shown in fig. 10. The computer device may include a processor, memory, input/Output interfaces (I/O for short), and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a code auditing method.
It will be appreciated by those skilled in the art that the structure shown in fig. 10 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
under the condition that the code update of the target product is detected, a preset detection tool is called to determine a new code corresponding to the target product;
according to a preset auditing rule, auditing the rule corresponding to the newly added code to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located.
In one embodiment, the processor when executing the computer program further performs the steps of:
Determining target rule items which do not meet the auditing rule in the rule corresponding to the newly added code according to the target auditing result;
generating a modification opinion of the target rule item according to the reason that the target rule item does not meet the auditing rule;
and generating an audit report according to the target rule item and the modification opinion.
In one embodiment, the processor when executing the computer program further performs the steps of:
determining a target code segment corresponding to the target rule item from the newly added code; and generating an audit report by using the target code segment and the modification opinion.
In one embodiment, the processor when executing the computer program further performs the steps of:
determining whether the grammar rule of the newly added code is consistent with the basic grammar rule or not, and obtaining a first checking result;
determining whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, and obtaining a second checking result;
and obtaining a target audit result according to the first audit result and the second audit result.
In one embodiment, the detection tool includes any one of a distributed version control system, a code analysis tool, and a detection script.
In one embodiment, the processor when executing the computer program further performs the steps of:
Generating basic grammar rules according to grammar rules corresponding to codes of different financial products; and generating a requirement rule of the target product according to the function and the attribute of the target product.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
under the condition that the code update of the target product is detected, a preset detection tool is called to determine a new code corresponding to the target product;
according to a preset auditing rule, auditing the rule corresponding to the newly added code to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located.
In one embodiment, the computer program when executed by the processor further performs the steps of:
determining target rule items which do not meet the auditing rule in the rule corresponding to the newly added code according to the target auditing result;
generating a modification opinion of the target rule item according to the reason that the target rule item does not meet the auditing rule;
And generating an audit report according to the target rule item and the modification opinion.
In one embodiment, the computer program when executed by the processor further performs the steps of:
determining a target code segment corresponding to the target rule item from the newly added code; and generating an audit report by using the target code segment and the modification opinion.
In one embodiment, the computer program when executed by the processor further performs the steps of:
determining whether the grammar rule of the newly added code is consistent with the basic grammar rule or not, and obtaining a first checking result;
determining whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, and obtaining a second checking result;
and obtaining a target audit result according to the first audit result and the second audit result.
In one embodiment, the detection tool includes any one of a distributed version control system, a code analysis tool, and a detection script.
In one embodiment, the computer program when executed by the processor further performs the steps of:
generating basic grammar rules according to grammar rules corresponding to codes of different financial products; and generating a requirement rule of the target product according to the function and the attribute of the target product.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of:
Under the condition that the code update of the target product is detected, a preset detection tool is called to determine a new code corresponding to the target product;
according to a preset auditing rule, auditing the rule corresponding to the newly added code to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of target products; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
and generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located.
In one embodiment, the computer program when executed by the processor further performs the steps of:
determining target rule items which do not meet the auditing rule in the rule corresponding to the newly added code according to the target auditing result;
generating a modification opinion of the target rule item according to the reason that the target rule item does not meet the auditing rule;
and generating an audit report according to the target rule item and the modification opinion.
In one embodiment, the computer program when executed by the processor further performs the steps of:
determining a target code segment corresponding to the target rule item from the newly added code; and generating an audit report by using the target code segment and the modification opinion.
In one embodiment, the computer program when executed by the processor further performs the steps of:
determining whether the grammar rule of the newly added code is consistent with the basic grammar rule or not, and obtaining a first checking result;
determining whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, and obtaining a second checking result;
and obtaining a target audit result according to the first audit result and the second audit result.
In one embodiment, the detection tool includes any one of a distributed version control system, a code analysis tool, and a detection script.
In one embodiment, the computer program when executed by the processor further performs the steps of:
generating basic grammar rules according to grammar rules corresponding to codes of different financial products; and generating a requirement rule of the target product according to the function and the attribute of the target product.
Those skilled in the art will appreciate that implementing all or part of the above-described methods may be accomplished by way of a computer program, which may be stored on a non-transitory computer readable storage medium and which, when executed, may comprise the steps of the above-described embodiments of the methods. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples represent only a few embodiments of the present application, which are described in more detail and are not thereby to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims (10)

1. A code auditing method, the method comprising:
under the condition that code updating of a target product is detected, a preset detection tool is called to determine a new code corresponding to the target product;
according to preset auditing rules, auditing rules corresponding to the newly added codes to obtain target auditing results; the auditing rules comprise basic grammar rules and requirement rules of the target product; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
And generating an audit report according to the target audit result, and sending the audit report to a terminal where a developer is located.
2. The method of claim 1, wherein generating an audit report from the target audit result comprises:
determining target rule items which do not meet the auditing rule in the rule corresponding to the newly added code according to the target auditing result;
generating a modification opinion of the target rule item according to the reason that the target rule item does not meet the auditing rule;
and generating the audit report according to the target rule item and the modification opinion.
3. The method of claim 2, wherein the generating the audit report from the target rule item and the modification opinion comprises:
determining a target code segment corresponding to the target rule item from the newly added code;
and generating the audit report by using the target code segment and the modification opinion.
4. The method according to any one of claims 1-3, wherein auditing the rule corresponding to the newly added code according to a preset auditing rule, obtaining a target auditing result, includes:
Determining whether the grammar rule of the newly added code is consistent with the basic grammar rule or not, and obtaining a first check result;
determining whether the requirement rule of the newly added code is consistent with the requirement rule of the target product, and obtaining a second checking result;
and obtaining the target audit result according to the first audit result and the second audit result.
5. The method of claim 1, wherein the detection tool comprises any one of a distributed version control system, a code analysis tool, and a detection script.
6. A method according to any one of claims 1-3, characterized in that the method further comprises:
generating the basic grammar rule according to grammar rules corresponding to codes of different financial products;
and generating a requirement rule of the target product according to the function and the attribute of the target product.
7. A code auditing apparatus, the apparatus comprising:
the determining module is used for calling a preset detecting tool to determine a new code corresponding to the target product under the condition that the code update of the target product is detected;
the auditing module is used for auditing the rule corresponding to the newly added code according to a preset auditing rule to obtain a target auditing result; the auditing rules comprise basic grammar rules and requirement rules of the target product; the target auditing result is used for representing whether the rule corresponding to the newly added code meets the auditing rule or not;
And the generation module is used for generating an audit report according to the target audit result and sending the audit report to a terminal where a developer is located.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 6 when the computer program is executed by the processor.
9. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 6.
CN202311234855.6A 2023-09-22 2023-09-22 Code auditing method, apparatus, computer device, storage medium and program product Pending CN117370160A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311234855.6A CN117370160A (en) 2023-09-22 2023-09-22 Code auditing method, apparatus, computer device, storage medium and program product

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311234855.6A CN117370160A (en) 2023-09-22 2023-09-22 Code auditing method, apparatus, computer device, storage medium and program product

Publications (1)

Publication Number Publication Date
CN117370160A true CN117370160A (en) 2024-01-09

Family

ID=89393806

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311234855.6A Pending CN117370160A (en) 2023-09-22 2023-09-22 Code auditing method, apparatus, computer device, storage medium and program product

Country Status (1)

Country Link
CN (1) CN117370160A (en)

Similar Documents

Publication Publication Date Title
CN106796585B (en) Conditional validation rules
CN110474900B (en) Game protocol testing method and device
CN105630656B (en) System robustness analysis method and device based on log model
CN115827895A (en) Vulnerability knowledge graph processing method, device, equipment and medium
CN114116496A (en) Automatic testing method, device, equipment and medium
US10339035B2 (en) Test DB data generation apparatus
CN108460068A (en) Method, apparatus, storage medium and the terminal that report imports and exports
JP2017174418A (en) Data structure abstraction for model checking
KR20220143766A (en) Dynamic discovery and correction of data quality issues
CN112948473A (en) Data processing method, device and system of data warehouse and storage medium
CN107133163A (en) A kind of method and apparatus for verifying description class API
CN111124883A (en) Test case library introduction method, system and equipment based on tree form
CN117370160A (en) Code auditing method, apparatus, computer device, storage medium and program product
CN115858487A (en) Data migration method and device
CN114490415A (en) Service testing method, computer device, storage medium, and computer program product
US9471569B1 (en) Integrating information sources to create context-specific documents
JP6870454B2 (en) Analytical equipment, analytical programs and analytical methods
CN112130838A (en) Transaction data processing method and device
JP2019144873A (en) Block diagram analyzer
CN117521667A (en) Semantic information processing method, semantic information processing device, computer equipment, storage medium and product
CN116755922A (en) Error code information management method and related equipment
CN116401323A (en) Index data processing method and device and computer equipment
CN116362230A (en) Parameter verification method, device and computer equipment storable medium
CN115629958A (en) Universal field level automatic checking method and device for different service interfaces
Shi et al. GethReplayer: a smart contract testing method based on transaction replay

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination