CN117453528A - Code quality determination method, device, equipment and medium for financial service application - Google Patents

Code quality determination method, device, equipment and medium for financial service application Download PDF

Info

Publication number
CN117453528A
CN117453528A CN202311229367.6A CN202311229367A CN117453528A CN 117453528 A CN117453528 A CN 117453528A CN 202311229367 A CN202311229367 A CN 202311229367A CN 117453528 A CN117453528 A CN 117453528A
Authority
CN
China
Prior art keywords
code
application
quality detection
detection model
risk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311229367.6A
Other languages
Chinese (zh)
Inventor
李冠蓁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202311229367.6A priority Critical patent/CN117453528A/en
Publication of CN117453528A publication Critical patent/CN117453528A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3604Software analysis for verifying properties of programs
    • G06F11/3616Software analysis for verifying properties of programs using software metrics
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • G06F18/241Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/30Semantic analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Artificial Intelligence (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Evolutionary Biology (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Software Systems (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Computational Linguistics (AREA)
  • Health & Medical Sciences (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Quality & Reliability (AREA)
  • Machine Translation (AREA)

Abstract

The application relates to a code quality determining method, a code quality determining device, a code quality determining computer device, a code quality determining storage medium and a code quality determining computer program product for financial service application, which can improve accuracy of code quality detection results. The method comprises the following steps: acquiring an application code to be detected corresponding to a financial service application; acquiring measurement characteristics of multiple dimensions for representing the quality of a code structure of an application code, inputting the measurement characteristics of the multiple dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of each dimension and the weight corresponding to each dimension; the code maintenance risk characterization application code increases the risk of financial service maintenance difficulty, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label; and maintaining risks according to the codes output by the code quality detection model to obtain a code quality detection result of the application codes.

Description

Code quality determination method, device, equipment and medium for financial service application
Technical Field
The present invention relates to the technical field of financial science and technology, and in particular, to a method, an apparatus, a computer device, a storage medium and a computer program product for determining code quality of a financial service application.
Background
With the development of financial science and technology, users can conveniently acquire financial services provided by financial institutions through financial service applications, and it is also increasingly important to ensure the quality of the financial service applications.
In the related art, when determining the code quality of a financial service application, a developer extracts a feature related to the application quality from the financial service application, compares the feature with an empirically determined threshold, and obtains a code quality detection result of the financial service application according to the comparison result.
However, the accuracy of the code quality detection result obtained by the method is low, and frequent false alarms exist.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a code quality determination method, apparatus, computer device, computer-readable storage medium, and computer program product for a financial service application that can improve accuracy of code quality detection results.
In a first aspect, the present application provides a method for determining code quality for a financial services application. The method comprises the following steps:
acquiring an application code to be detected corresponding to a financial service application;
acquiring measurement characteristics of a plurality of dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the plurality of dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of each dimension and the weight corresponding to each dimension; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
And according to the code maintenance risk output by the code quality detection model, obtaining a code quality detection result of the application code.
In one embodiment, the inputting the metric features of the multiple dimensions into a code quality detection model, and determining, by the code quality detection model, a code maintenance risk of the application code according to the metric features of each dimension and the weights corresponding to each dimension includes:
acquiring semantic features of the application code;
inputting the semantic features and the measurement features of the plurality of dimensions into a code quality detection model, determining the code structure quality of the application code by the code quality detection model according to the measurement features of the dimensions and the weights corresponding to the dimensions, determining the semantic content expressed by the application code according to the semantic features, and determining the code maintenance risk of the application code according to the code structure quality and the semantic content expressed by the application code.
In one embodiment, the obtaining the semantic features of the application code includes:
acquiring an abstract syntax tree of the application code;
And converting each statement tree of the abstract syntax tree into a statement vector, and obtaining semantic features of the application code according to each statement vector.
In one embodiment, the inputting the metric features of the plurality of dimensions into the code quality detection model includes:
acquiring a plurality of candidate code quality detection models; the candidate code quality detection models are respectively used for detecting code maintenance risks of different types of application codes;
determining the code type of the application code to be detected, and inputting the measurement characteristics of the multiple dimensions into a code quality detection model corresponding to the code type of the application code.
In one embodiment, the code quality detection model is trained by:
acquiring all application codes of a financial service application, and classifying all application codes to obtain sample codes corresponding to a plurality of code types;
acquiring code risk labels corresponding to the sample codes;
for each code type, acquiring sample measurement characteristics of a plurality of dimensions for representing the code structure quality of the code type sample code, inputting the sample measurement characteristics of the plurality of dimensions into a code quality detection model to be trained, determining the prediction weight of each dimension by a weight providing module of the code quality detection model, and determining the code maintenance risk of the sample code according to the sample measurement characteristics of each dimension and the prediction weights corresponding to the dimensions;
And adjusting parameters of each weight providing module according to the code maintenance risk and the code risk output by the code quality detection model of each code type until the training ending condition is met, so as to obtain a trained code quality detection model.
In one embodiment, the determining the code type of the application code to be detected includes:
determining an application function provided by the application code to be detected in the financial service application;
and obtaining the code type of the application code based on the application function.
In a second aspect, the present application also provides a code quality determining apparatus for a financial service application. The device comprises:
the code acquisition module is used for acquiring application codes to be detected corresponding to the financial service application;
the maintenance risk prediction module is used for acquiring measurement characteristics of multiple dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the multiple dimensions into the code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of the dimensions and the weight corresponding to the dimensions; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
And the quality detection result acquisition module is used for acquiring a code quality detection result of the application code according to the code maintenance risk output by the code quality detection model.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which when executing the computer program performs the steps of:
acquiring an application code to be detected corresponding to a financial service application;
acquiring measurement characteristics of a plurality of dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the plurality of dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of each dimension and the weight corresponding to each dimension; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
and according to the code maintenance risk output by the code quality detection model, obtaining a code quality detection result of the application code.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:
acquiring an application code to be detected corresponding to a financial service application;
acquiring measurement characteristics of a plurality of dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the plurality of dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of each dimension and the weight corresponding to each dimension; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
and according to the code maintenance risk output by the code quality detection model, obtaining a code quality detection result of the application code.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of:
Acquiring an application code to be detected corresponding to a financial service application;
acquiring measurement characteristics of a plurality of dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the plurality of dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of each dimension and the weight corresponding to each dimension; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
and according to the code maintenance risk output by the code quality detection model, obtaining a code quality detection result of the application code.
According to the code quality determining method, the device, the computer equipment, the storage medium and the computer program product of the financial service application, the application code to be detected corresponding to the financial service application can be obtained, then the measurement characteristics of a plurality of dimensions for representing the code structure quality of the application code are obtained, the measurement characteristics of the plurality of dimensions are input into the code quality detecting model, the code quality detecting model determines the code maintenance risk of the application code according to the measurement characteristics of each dimension and the weight corresponding to each dimension, the code maintenance risk represents the risk that the application code increases the maintenance difficulty of the financial service, the weight corresponding to each dimension is obtained by training the code quality detecting model to be trained based on the sample code and the code risk label; and further, the risk can be maintained according to the code output by the code quality detection model, and a code quality detection result of the application code can be obtained. In this embodiment, on the one hand, by determining the weight corresponding to each dimension through model training, it is able to avoid determining the threshold subjectively based on experience and simply comparing the feature with the threshold to obtain a quality detection result, improving the configuration accuracy of each weight, on the other hand, by inputting the measurement features of multiple dimensions into the code quality detection model, it is able to comprehensively analyze the code risk of the application code by combining the factors of multiple dimensions, thereby effectively improving the accuracy of the finally obtained code quality detection result and reducing the false alarm rate.
Drawings
FIG. 1 is an application environment diagram of a method for determining code quality for a financial services application in one embodiment;
FIG. 2 is a flow chart of a method for determining code quality for a financial services application in one embodiment;
FIG. 3 is a flowchart illustrating steps for acquiring a code quality detection model in one embodiment;
FIG. 4 is a flow chart of another method for determining code quality for a financial services application in one embodiment;
FIG. 5 is a block diagram of a code quality determination device for a financial services application in one embodiment;
FIG. 6 is an internal block diagram of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
The method for determining the code quality of the financial service application provided by the embodiment of the application can be applied to an application environment shown in fig. 1, wherein the application environment can comprise a code examining end and a development end of the financial service application, and the code examining end is communicated with the development end through a network. The code censoring end may have a data storage system that may store data that the code censoring end needs to process, which may be integrated on the code censoring end or may be located on a cloud or other network server.
In the application, a code examining end can acquire application codes to be detected corresponding to financial service applications provided by a development end of the financial service applications, then the code examining end acquires measurement characteristics of multiple dimensions for representing the code structure quality of the application codes, the measurement characteristics of the multiple dimensions are input into a code quality detection model, and the code quality detection model determines code maintenance risks of the application codes according to the measurement characteristics of the dimensions and weights corresponding to the dimensions; the code maintenance risk characterization application code increases the risk of financial service maintenance difficulty, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label; furthermore, the code examining end can maintain risks according to the codes output by the code quality detection model to obtain a code quality detection result of the application codes.
The development end of the financial service application may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and the like. The code examining end can be realized by a stand-alone server or a server cluster formed by a plurality of servers.
In one embodiment, as shown in fig. 2, a method for determining code quality of a financial service application is provided, and the method is applied to a code examining end in fig. 1 for illustration, and includes the following steps:
s201, acquiring application codes to be detected corresponding to financial service applications.
In a specific implementation, the code examining end may obtain an application code to be detected corresponding to the financial service application. For example, the development terminal may send part or all of the code of the financial service application as the application code to be detected to the code review terminal.
S202, acquiring measurement features of multiple dimensions for representing the quality of a code structure of an application code, inputting the measurement features of the multiple dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement features of each dimension and the weight corresponding to each dimension; the code maintenance risk characterization application code increases the risk of financial service maintenance difficulty, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on the sample code and the code risk label.
Wherein the metric features may reflect a degree of redundancy or a degree of brevity of a code structure of the application code.
In practice, the code censoring end may obtain metric features for characterizing multiple dimensions of the code structure quality of the application code, and in some alternative embodiments, the application code to be detected may be input to a static analysis tool, which obtains metric features for characterizing multiple different dimensions of the code structure quality. In some examples, the metric features may include at least two of: the number of effective code lines, the number of repeated code lines, the duty ratio of repeated code lines, the number of repeated code blocks, the number of repeated functions, the number of long functions, the number of parameters in the functions and the number of times of calling the valued function.
And the code quality detection model can be trained in advance based on the sample codes and the code risk labels, and the weights corresponding to the dimensions can be obtained by training the code quality detection model. In one example, the code quality detection model may be derived by training a classifier.
Then, the code examining end can input the measurement characteristics of the multiple dimensions into the code quality detection model, and the code quality detection model determines the code maintenance risk of the application code according to the measurement characteristics of the dimensions and the weight corresponding to the dimensions. In some examples, the code maintenance risk may include code bad smell information that may characterize how hard other code maintenance difficulties in the financial services application are affected by the current normal application code; code corruption, which can be understood as a low quality programming practice, is neither an error or technically incorrect event nor prevents the program from functioning properly; however, the existence of code corruption can be a potential vulnerability for software applications, slowing development speed or increasing the risk of future errors or failures, making software applications difficult to understand, maintain, and evolve.
And S203, maintaining risks according to the codes output by the code quality detection model, and obtaining a code quality detection result of the application codes.
In this step, the code maintenance risk output by the code quality detection model may be acquired, and the code maintenance risk may be determined as a code quality detection result of the application code. For example, in the case where the code quality detection model is a classifier model, the code quality detection model may output a classification result indicating the degree of risk of maintenance of the code, which may be a code quality detection result of the application code.
In this embodiment, an application code to be detected corresponding to a financial service application may be obtained, then a measurement feature of multiple dimensions for characterizing the code structure quality of the application code is obtained, the measurement feature of multiple dimensions is input to a code quality detection model, a code maintenance risk of the application code is determined by the code quality detection model according to the measurement feature of each dimension and the weight corresponding to each dimension, the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, the weight corresponding to each dimension is based on a sample code and a code risk tag, and the code quality detection model to be trained is trained; and further, the risk can be maintained according to the code output by the code quality detection model, and a code quality detection result of the application code can be obtained. In this embodiment, on the one hand, by determining the weight corresponding to each dimension through model training, it is able to avoid determining the threshold subjectively based on experience and simply comparing the feature with the threshold to obtain a quality detection result, improving the configuration accuracy of each weight, on the other hand, by inputting the measurement features of multiple dimensions into the code quality detection model, it is able to comprehensively analyze the code risk of the application code by combining the factors of multiple dimensions, thereby effectively improving the accuracy of the finally obtained code quality detection result and reducing the false alarm rate.
In one embodiment, step S202 inputs the metric features of multiple dimensions into a code quality detection model, and the code quality detection model determines a code maintenance risk of the application code according to the metric features of each dimension and the weights corresponding to each dimension, and may include the following steps:
acquiring semantic features of application codes; the method comprises the steps of inputting semantic features and measurement features of multiple dimensions into a code quality detection model, determining the code structure quality of an application code by the code quality detection model according to the measurement features of the dimensions and weights corresponding to the dimensions, determining semantic content expressed by the application code according to the semantic features, and determining the code maintenance risk of the application code according to the code structure quality and the semantic content expressed by the application code.
In this embodiment, after the code censoring end obtains the application code to be detected, the code censoring end may obtain the semantic feature of the application code, where the semantic feature may be feature information for reflecting the semantic content of the code.
Then, the semantic features and the acquired measurement features of the plurality of dimensions can be input into a code quality detection model, the code quality detection model determines the code structure quality of the application code according to the measurement features of the dimensions and the weights corresponding to the dimensions, in an example, the measurement features of the dimensions and the weights corresponding to the dimensions can be weighted and summed, the weighted and summed result is processed by combining with the network structure of the code quality detection model, and then the processing result can be determined as the code structure quality, wherein the code structure quality is an evaluation result determined by integrating the measurement features of the plurality of dimensions; on the other hand, the code quality detection model may determine semantic content of the application code expression based on the input semantic features.
Since the part with structural flaws in the code structure is added for accurately expressing the designated code semantics, for example, the part of repeated content may be non-redundant, and the code quality and quantity detection model can determine the code maintenance risk of the application code according to the code structure quality and the semantic content expressed by the application code after obtaining the code structure quality and the semantic content expressed by the application code.
In the embodiment, by inputting the semantic features into the code quality detection model, the auxiliary model can accurately identify semantic content represented by the application code, then comprehensively judge the maintenance risk of the application code by combining the semantic content and the code structure, reduce the misjudgment condition and effectively identify the accuracy of the obtained code maintenance risk.
In one embodiment, obtaining the semantic features of the application code may include the steps of:
acquiring an abstract syntax tree of an application code; each sentence tree of the abstract syntax tree is converted into sentence vectors, and semantic features of the application codes are obtained according to the sentence vectors.
In practical application, the code examining end can obtain an abstract syntax tree of the application code, and the abstract syntax tree can be composed of at least one statement tree. Wherein the abstract syntax tree (a bstractsyntax code, AST) is a tree representation of an abstract syntax structure of text written in a formal language, e.g. source code, each node on the tree representing a structure that appears in the text of the application code.
After the abstract syntax tree is obtained, the abstract syntax tree may be converted into sentence vectors by a traversal algorithm, for example, each sentence tree may be converted into a sentence vector by using a breadth-first traversal algorithm, and thus, the obtained sentence vector may be used as a semantic feature of the application code.
In this embodiment, the semantic features of the application code can be quickly obtained according to the abstract syntax tree, so that the extraction speed of the semantic features is improved.
In one embodiment, S202 inputs metric features of multiple dimensions to a code quality detection model, comprising:
acquiring a plurality of candidate code quality detection models; the candidate code quality detection models are respectively used for detecting code maintenance risks of different types of application codes; the code type of the application code to be detected is determined, and the metric features of the plurality of dimensions are input to a code quality detection model corresponding to the code type of the application code.
In particular implementations, the code content may have different characteristics for different types of code. In this embodiment, corresponding code quality detection models may be trained in advance for different types of application codes, and each candidate code quality detection model is used to detect a code maintenance risk of the different types of application codes, respectively. Then, the code censoring end may acquire a plurality of candidate code quality detection models, for example, the plurality of candidate code quality detection models may be deployed in advance at the code censoring end. In an alternative embodiment, the codes of the financial services application may be categorized in any one of the following ways: the code is divided according to the code function, the module to which the code belongs, the version of the financial service application, the application function provided by the code, the hierarchy (such as bottom layer, middle layer and top layer) of the code and the development language used in the code development.
Then, after the application code to be detected is obtained, the code type of the application code to be detected can be determined, then a code quality model corresponding to the code type is determined from a plurality of candidate code quality detection models, and measurement characteristics of a plurality of dimensions are input into the model to perform code maintenance risk prediction.
In this embodiment, by training corresponding code quality detection models for different types of application codes in advance and inputting the application codes into the corresponding code quality detection models for prediction, the code features of the different types of application codes can be differentially combined, the risk of maintaining the prediction codes can be predicted, and the accuracy of the prediction result can be improved.
In one embodiment, as shown in FIG. 3, the code quality detection model may be trained by:
s301, acquiring all application codes of the financial service application, and classifying all application codes to obtain sample codes corresponding to the code types.
In practical application, all application codes of the financial service application can be obtained, and in an alternative embodiment, the application codes used can refer to all codes of the financial service application with the same version; alternatively, all code of the plurality of versions of the financial service application may be referred to.
Then, all the application codes can be classified to obtain codes of a plurality of code types, and the codes of the code types obtained by classification are used as sample codes. In an alternative embodiment, the codes of the financial service application may be categorized in any of the following ways, resulting in sample codes of different code types: the code is divided according to the code function, the module to which the code belongs, the version of the financial service application, the application function provided by the code, the hierarchy (such as bottom layer, middle layer and top layer) of the code and the development language used in the code development.
S302, code risk labels corresponding to all sample codes are obtained.
After each sample code is obtained, a code risk label corresponding to each sample code can be obtained, the code risk label can represent the degree of the sample code to increase the maintenance difficulty of the financial service, and the label can be set by a developer, or can be determined according to the maintenance times (or the maintenance difficulty) of the financial service application after the sample code is increased.
S303, for each code type, acquiring sample measurement characteristics of multiple dimensions for representing the code structure quality of the code type sample code, inputting the sample measurement characteristics of the multiple dimensions into a code quality detection model to be trained, determining the prediction weight of each dimension by a weight providing module of the code quality detection model, and determining the code maintenance risk of the sample code according to the sample measurement characteristics of each dimension and the prediction weights corresponding to each dimension.
Specifically, after the obtained sample codes corresponding to the code types respectively, for each code type, sample measurement features of multiple dimensions for characterizing the code structure quality of the code type sample codes can be obtained, for example, each sample code is respectively analyzed and processed through a static analysis tool, so that the measurement features of multiple dimensions are obtained and used as the sample measurement features. In some embodiments, preprocessing, such as data missing value processing, normalization, etc., may be performed on the acquired sample metric features to improve the data quality of the sample metric features.
Then, sample measurement characteristics of multiple dimensions can be input into a code quality detection model to be trained corresponding to the code type, a weight providing module of the code quality detection model determines the prediction weight of each dimension, and then the code quality detection model determines the code maintenance risk of the sample code according to the sample measurement characteristics of each dimension and the prediction weights corresponding to each dimension.
S304, adjusting parameters of each weight providing module according to the code maintenance risk and the code risk output by the code quality detection model of each code type until the training ending condition is met, and obtaining a trained code quality detection model.
In this step, the code quality detection model corresponding to each code type may be supervised and trained by using the code risk tag, specifically, a model loss value may be determined according to the code maintenance risk and the code risk output by the code quality detection model of each code type, and parameters of the weight providing module and other model parameters of each code quality detection model may be adjusted according to the model loss value until the training end condition is satisfied, so as to obtain a trained code quality detection model.
For example, as shown in fig. 4, after the sample code of each code type is obtained, the measurement feature and the semantic feature of the sample code can be obtained through a static analysis tool and an abstract syntax tree, respectively, and a training set and a testing set are obtained based on the measurement feature and the semantic feature of the sample code, and then the classifier can be trained by using the training set and the testing set to obtain a code quality detection model corresponding to the current code type, and then the risk can be predicted through the model.
In this embodiment, by training the corresponding code quality detection model for different types of application codes in advance, on one hand, a basis can be provided for differential accurate detection of the code maintenance risk, so that the subsequent processing speed is effectively improved, on the other hand, the artificial setting of the weight of the measurement feature of each dimension is avoided, the weight reliability is improved, and the accuracy of the code maintenance risk prediction result is increased.
In one embodiment, determining the code type of the application code to be detected includes:
determining an application function provided by an application code to be detected in a financial service application; the code type of the application code is obtained based on the application function.
In this embodiment, an application function provided by the application code to be detected in the financial service application may be determined, for example, a code annotation in the application code may be read, natural language analysis may be performed on the code annotation, and the application function provided by the application code in the financial service application may be determined according to the analysis result. Further, the code type of the application code can be obtained based on the application function. By determining the code type according to the application function provided by the application code in the financial service application, whether information causing code maintenance risk exists in the application code can be judged by combining the application function, and the accuracy of a prediction result is improved.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a code quality determining device of the financial service application for realizing the code quality determining method of the financial service application. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in the embodiments of the code quality determining device for one or more financial service applications provided below may refer to the limitation of the code quality determining method for a financial service application hereinabove, and will not be repeated here.
In one embodiment, as shown in fig. 5, there is provided a code quality determining apparatus of a financial service application, comprising:
the code obtaining module 501 is configured to obtain an application code to be detected corresponding to a financial service application;
a maintenance risk prediction module 502, configured to obtain measurement features of multiple dimensions for characterizing quality of a code structure of the application code, input the measurement features of the multiple dimensions into a code quality detection model, and determine, by the code quality detection model, a code maintenance risk of the application code according to the measurement features of the dimensions and weights corresponding to the dimensions; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
And a quality detection result obtaining module 503, configured to obtain a code quality detection result of the application code according to the code maintenance risk output by the code quality detection model.
In one embodiment, the maintenance risk prediction module 502 is configured to:
acquiring semantic features of the application code;
inputting the semantic features and the measurement features of the plurality of dimensions into a code quality detection model, determining the code structure quality of the application code by the code quality detection model according to the measurement features of the dimensions and the weights corresponding to the dimensions, determining the semantic content expressed by the application code according to the semantic features, and determining the code maintenance risk of the application code according to the code structure quality and the semantic content expressed by the application code.
In one embodiment, the maintenance risk prediction module 502 is configured to:
acquiring an abstract syntax tree of the application code;
and converting each statement tree of the abstract syntax tree into a statement vector, and obtaining semantic features of the application code according to each statement vector.
In one embodiment, the maintenance risk prediction module 502 is configured to:
Acquiring a plurality of candidate code quality detection models; the candidate code quality detection models are respectively used for detecting code maintenance risks of different types of application codes;
determining the code type of the application code to be detected, and inputting the measurement characteristics of the multiple dimensions into a code quality detection model corresponding to the code type of the application code.
In one embodiment, the apparatus further comprises:
the sample acquisition module is used for acquiring all application codes of the financial service application, classifying the application codes and obtaining sample codes corresponding to the code types;
the label acquisition module is used for acquiring code risk labels corresponding to the sample codes;
a risk prediction model, configured to obtain, for each code type, a plurality of dimension sample metric features for characterizing a code structure quality of the code type sample code, input the plurality of dimension sample metric features to a code quality detection model to be trained, determine a prediction weight of each dimension by a weight providing module of the code quality detection model, and determine a code maintenance risk of the sample code according to the dimension sample metric features and the corresponding prediction weights of each dimension;
And the parameter adjustment module is used for adjusting the parameters of each weight providing module according to the code maintenance risk and the code risk output by the code quality detection model of each code type until the training ending condition is met, so as to obtain a trained code quality detection model.
In one embodiment, the maintenance risk prediction module 502 is configured to:
determining an application function provided by the application code to be detected in the financial service application;
and obtaining the code type of the application code based on the application function.
The respective modules in the code quality determining apparatus of the above-described financial service application may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 6. The computer device includes a processor, a memory, an Input/Output interface (I/O) and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is for storing data for implementing code quality determinations for financial services applications. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements a method of code quality determination for a financial services application.
It will be appreciated by those skilled in the art that the structure shown in fig. 6 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the method embodiments described above when the computer program is executed.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, implements the steps of the method embodiments described above.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the steps of the method embodiments described above.
It should be noted that, the user information (including, but not limited to, user equipment information, user personal information, etc.) and the data (including, but not limited to, data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data are required to comply with the related laws and regulations and standards of the related countries and regions.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples only represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims (10)

1. A method for determining code quality for a financial services application, the method comprising:
acquiring an application code to be detected corresponding to a financial service application;
acquiring measurement characteristics of a plurality of dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the plurality of dimensions into a code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of each dimension and the weight corresponding to each dimension; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
And according to the code maintenance risk output by the code quality detection model, obtaining a code quality detection result of the application code.
2. The method of claim 1, wherein the inputting the metrology features of the plurality of dimensions into a code quality detection model, determining, by the code quality detection model, a code maintenance risk for the application code based on the metrology features of each dimension and the weights corresponding to each dimension, comprises:
acquiring semantic features of the application code;
inputting the semantic features and the measurement features of the plurality of dimensions into a code quality detection model, determining the code structure quality of the application code by the code quality detection model according to the measurement features of the dimensions and the weights corresponding to the dimensions, determining the semantic content expressed by the application code according to the semantic features, and determining the code maintenance risk of the application code according to the code structure quality and the semantic content expressed by the application code.
3. The method of claim 2, wherein the obtaining semantic features of the application code comprises:
Acquiring an abstract syntax tree of the application code;
and converting each statement tree of the abstract syntax tree into a statement vector, and obtaining semantic features of the application code according to each statement vector.
4. A method according to any one of claims 1 to 3, wherein said inputting the metric features of the plurality of dimensions into a code quality detection model comprises:
acquiring a plurality of candidate code quality detection models; the candidate code quality detection models are respectively used for detecting code maintenance risks of different types of application codes;
determining the code type of the application code to be detected, and inputting the measurement characteristics of the multiple dimensions into a code quality detection model corresponding to the code type of the application code.
5. The method of claim 4, wherein the code quality detection model is trained by:
acquiring all application codes of a financial service application, and classifying all application codes to obtain sample codes corresponding to a plurality of code types;
acquiring code risk labels corresponding to the sample codes;
for each code type, acquiring sample measurement characteristics of a plurality of dimensions for representing the code structure quality of the code type sample code, inputting the sample measurement characteristics of the plurality of dimensions into a code quality detection model to be trained, determining the prediction weight of each dimension by a weight providing module of the code quality detection model, and determining the code maintenance risk of the sample code according to the sample measurement characteristics of each dimension and the prediction weights corresponding to the dimensions;
And adjusting parameters of each weight providing module according to the code maintenance risk and the code risk output by the code quality detection model of each code type until the training ending condition is met, so as to obtain a trained code quality detection model.
6. The method of claim 4, wherein the determining the code type of the application code to be detected comprises:
determining an application function provided by the application code to be detected in the financial service application;
and obtaining the code type of the application code based on the application function.
7. A code quality determining apparatus for a financial service application, the apparatus comprising:
the code acquisition module is used for acquiring application codes to be detected corresponding to the financial service application;
the maintenance risk prediction module is used for acquiring measurement characteristics of multiple dimensions for representing the code structure quality of the application code, inputting the measurement characteristics of the multiple dimensions into the code quality detection model, and determining the code maintenance risk of the application code by the code quality detection model according to the measurement characteristics of the dimensions and the weight corresponding to the dimensions; the code maintenance risk characterizes the risk that the application code increases the maintenance difficulty of the financial service, and the weight corresponding to each dimension is obtained by training a code quality detection model to be trained based on a sample code and a code risk label;
And the quality detection result acquisition module is used for acquiring a code quality detection result of the application code according to the code maintenance risk output by the code quality detection model.
8. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 6 when the computer program is executed.
9. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 6.
CN202311229367.6A 2023-09-21 2023-09-21 Code quality determination method, device, equipment and medium for financial service application Pending CN117453528A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311229367.6A CN117453528A (en) 2023-09-21 2023-09-21 Code quality determination method, device, equipment and medium for financial service application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311229367.6A CN117453528A (en) 2023-09-21 2023-09-21 Code quality determination method, device, equipment and medium for financial service application

Publications (1)

Publication Number Publication Date
CN117453528A true CN117453528A (en) 2024-01-26

Family

ID=89593695

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311229367.6A Pending CN117453528A (en) 2023-09-21 2023-09-21 Code quality determination method, device, equipment and medium for financial service application

Country Status (1)

Country Link
CN (1) CN117453528A (en)

Similar Documents

Publication Publication Date Title
US11238240B2 (en) Semantic map generation from natural-language-text documents
CN114298417A (en) Anti-fraud risk assessment method, anti-fraud risk training method, anti-fraud risk assessment device, anti-fraud risk training device and readable storage medium
CN115827895A (en) Vulnerability knowledge graph processing method, device, equipment and medium
Al-Sabbagh et al. Selective regression testing based on big data: comparing feature extraction techniques
CN116910592A (en) Log detection method and device, electronic equipment and storage medium
Vahedi et al. Cloud based malware detection through behavioral entropy
CN116361788A (en) Binary software vulnerability prediction method based on machine learning
CN117453528A (en) Code quality determination method, device, equipment and medium for financial service application
CN116186708A (en) Class identification model generation method, device, computer equipment and storage medium
CN111444093B (en) Method and device for determining quality of project development process and computer equipment
CN113407719A (en) Text data detection method and device, electronic equipment and storage medium
CN117319091B (en) Enterprise software network security vulnerability detection method and system based on deep learning
US9785450B2 (en) Triggered controlled event listener learner
KR20200065683A (en) An apparatus for classify log massage to patterns
Wessman Advanced Algorithms for Classification and Anomaly Detection on Log File Data: Comparative study of different Machine Learning Approaches
CN117710100B (en) Data analysis method based on block chain and calculation server
CN114756401B (en) Abnormal node detection method, device, equipment and medium based on log
CN117972732B (en) Intelligent contract vulnerability detection method and system based on multi-feature fusion
CN117971689A (en) Script quality testing method, device, equipment and storage medium
CN117370160A (en) Code auditing method, apparatus, computer device, storage medium and program product
CN117828025A (en) File content examination method and device based on artificial intelligence and computer equipment
Toikka Online Detection of Change Points in Software Regression Test Case Execution Times
CN117973940A (en) Urban system electric power emergency capacity prediction method and device and computer equipment
CN118036599A (en) End-to-end joint measurement scene determination method and device, computer equipment and storage medium
Lee et al. AdCPG: Classifying JavaScript Code Property Graphs with Explanations for Ad and Tracker Blocking

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination