CN114546399A - Code auditing method, device, equipment and storage medium for machine learning - Google Patents

Code auditing method, device, equipment and storage medium for machine learning Download PDF

Info

Publication number
CN114546399A
CN114546399A CN202210134239.2A CN202210134239A CN114546399A CN 114546399 A CN114546399 A CN 114546399A CN 202210134239 A CN202210134239 A CN 202210134239A CN 114546399 A CN114546399 A CN 114546399A
Authority
CN
China
Prior art keywords
code
decision tree
auditing
target
development
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210134239.2A
Other languages
Chinese (zh)
Inventor
苟伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Weikun Shanghai Technology Service Co Ltd
Original Assignee
Weikun Shanghai Technology Service Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Weikun Shanghai Technology Service Co Ltd filed Critical Weikun Shanghai Technology Service Co Ltd
Priority to CN202210134239.2A priority Critical patent/CN114546399A/en
Publication of CN114546399A publication Critical patent/CN114546399A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/43Checking; Contextual analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application relates to the technical field of artificial intelligence, and discloses a code auditing method, device, equipment and storage medium for machine learning, wherein the method comprises the following steps: according to the target development tool identification and the target development environment configuration data, a code auditing decision tree is obtained from a preset code auditing decision tree library and is used as a recommended code auditing decision tree, and the code auditing decision tree is used for a general auditing rule and a private auditing rule applicable to an auditing object in a decision code; checking the decision tree according to the recommended code to obtain decision tree configuration data input by a user; generating a target code auditing decision tree according to the decision tree configuration data; acquiring a code packet to be checked, which is sent by a target development tool; and adopting a preset code auditing rule base and a target code auditing decision tree to audit the code packet to be audited to obtain a code auditing result. The method meets the requirements of general and private auditing, improves the comprehensiveness of auditing, and is suitable for code auditing with complex business logic.

Description

Code auditing method, device, equipment and storage medium for machine learning
Technical Field
The present application relates to the field of artificial intelligence technology, and in particular, to a method, an apparatus, a device, and a storage medium for code auditing in machine learning.
Background
When JAVA code development is carried out in development tools such as Eclipse (open source code, Java-based extensible development platform), IDEA (Java programming language development integration environment) and the like, some code auditing plug-ins are needed to help developers to carry out automatic code auditing, and some common development errors are avoided. The code auditing plug-ins with the most common targets comprise an Ali auditing plug-in and some simple code auditing plug-ins carried by IDEA, and the plug-ins can only adopt some general auditing rules to carry out some simple checks on JAVA codes, such as overlong code blocks, whether variable naming accords with a hump naming method, and the like. Then, for the code with complex business logic, because each system or each application has some unique points needing to be audited or verified, the value of the audit result of the universal audit rule is limited, and the help of the developer is limited.
Disclosure of Invention
The application mainly aims to provide a code auditing method, device, equipment and storage medium for machine learning, and aims to solve the technical problems that in the prior art, code auditing is performed by adopting an Ali auditing plug-in or a code auditing plug-in carried by a development tool, and only a general auditing rule is adopted to perform simple verification, so that the method is not suitable for code auditing with complex business logic.
In order to achieve the above object, the present application provides a code auditing method for machine learning, the method including:
acquiring a code development request sent by a target development tool;
according to the target development tool identification and the target development environment configuration data carried by the code development request, obtaining a code audit decision tree from a preset code audit decision tree library to serve as a recommended code audit decision tree, wherein the code audit decision tree is a decision tree obtained based on machine learning and is used for a general audit rule and a private audit rule applicable to an audit object in a decision code;
checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user;
generating a target code auditing decision tree according to the decision tree configuration data;
acquiring a code packet to be checked, which is sent by the target development tool;
and auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
Further, before the obtaining of the code development request sent by the target development tool, the method further includes:
acquiring a development environment object recommendation request sent by the target development tool, wherein the development environment object recommendation request carries configured development environment data;
acquiring a target development type corresponding to the configured development environment data;
acquiring a development environment object recommendation model corresponding to the target development tool and the target development type from a preset development environment object recommendation model library, and taking the development environment object recommendation model as a target development environment object recommendation model;
determining a configured development environment object link from the configured development environment data;
inputting the configured development environment object link into the target development environment object recommendation model to predict the probability of the next development environment object, so as to obtain a probability prediction result of the development environment object;
recommending the development environment object according to the probability prediction result of the development environment object to obtain a recommendation result of the development environment object;
and sending the recommendation result of the development environment object to the target development tool.
Further, the sending the recommendation result of the development environment object to the target development tool includes:
acquiring a derivative tool recommendation model corresponding to the target development tool and the target development type from a preset derivative tool recommendation model library as a target derivative tool recommendation model;
inputting the configured development environment object link into the target derivative tool recommendation model to carry out derivative tool probability prediction to obtain a derivative tool probability prediction result;
recommending a derivative tool according to the probability prediction result of the derivative tool to obtain a recommendation result of the derivative tool;
and sending the development environment object recommendation result and the derivative tool recommendation result to the target development tool.
Further, before obtaining a code audit decision tree from a preset code audit decision tree library according to a target development tool identifier and target development environment configuration data carried in the code development request, as a recommended code audit decision tree, the method further includes:
acquiring a plurality of training samples corresponding to the identification of the development tool to be trained and the configuration data of the development environment to be trained, wherein the training samples are acquired;
generating a code auditing decision tree according to each training sample by adopting a machine learning method, wherein the code auditing decision tree is used as a code auditing decision tree to be stored;
and updating the code auditing decision tree library according to the to-be-trained development tool identifier, the to-be-trained development environment configuration data and the to-be-stored code auditing decision tree.
Further, the generating a target code review decision tree according to the decision tree configuration data includes:
when the configuration result of the decision tree configuration data is selection recommendation, taking the recommended code audit decision tree as the target code audit decision tree;
when the configuration result of the decision tree configuration data is modification recommendation, generating the target code auditing decision tree according to the recommended code auditing decision tree and the modification result in the decision tree configuration data;
when the configuration result of the decision tree configuration data is direct reselection, acquiring the code checking decision tree from the code checking decision tree library by using a decision tree identifier in the decision tree configuration data as the target code checking decision tree;
and when the configuration result of the decision tree configuration data is modified after reselection, acquiring the code checking decision tree from the code checking decision tree library by using the decision tree identifier in the decision tree configuration data to obtain a code checking decision tree to be modified, and generating the target code checking decision tree according to the code checking decision tree to be modified and the modification result in the decision tree configuration data.
Further, the auditing the code packet to be audited by using a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result includes:
adopting the target code auditing decision tree to respectively identify the to-be-processed auditing objects of the to-be-audited code packet;
determining a target audit rule identifier for each audit object to be processed by adopting the target code audit decision tree;
finding out a code audit rule corresponding to an appointed audit rule identifier from the code audit rule base to obtain a target code audit rule, wherein the appointed audit rule identifier is any one of the target audit rule identifiers;
adopting the target code auditing rule to audit the to-be-processed auditing object corresponding to the appointed auditing rule identification to obtain a single auditing object auditing result;
and generating the code auditing result according to the auditing result of each single auditing object.
Further, after the code packet to be audited is audited by using a preset code audit rule base and the target code audit decision tree to obtain a code audit result, the method further includes:
and marking and prompting the code packet to be audited according to the code auditing result.
The application also provides a device is examined and examined to machine learning's code, the device includes:
the request acquisition module is used for acquiring a code development request sent by a target development tool;
a recommended code auditing decision tree determining module, configured to obtain a code auditing decision tree from a preset code auditing decision tree library according to a target development tool identifier and target development environment configuration data carried in the code development request, where the code auditing decision tree is a decision tree obtained based on machine learning and is used for a general auditing rule and a private auditing rule applicable to an auditing object in a decision code;
the decision tree configuration data acquisition module is used for checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user;
the target code auditing decision tree generating module is used for generating a target code auditing decision tree according to the decision tree configuration data;
the code packet acquisition module to be audited is used for acquiring the code packet to be audited sent by the target development tool;
and the code auditing result determining module is used for auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
The present application further proposes a computer device comprising a memory and a processor, the memory storing a computer program, the processor implementing the steps of any of the above methods when executing the computer program.
The present application also proposes a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method of any of the above.
The code auditing method, the device, the equipment and the storage medium for machine learning are characterized in that the code auditing is carried out by a decision tree which is obtained based on machine learning and is used for a general auditing rule and a private auditing rule applicable to an auditing object in a decision code, so that the general and private auditing requirements are met, the auditing comprehensiveness is improved, and the method is suitable for code auditing with complex business logic; and code auditing decision tree recommendation is performed based on the target development tool and target development environment configuration data, so that the accuracy of the determined code auditing decision tree is improved, and the accuracy of code auditing is improved.
Drawings
Fig. 1 is a schematic flowchart of a code auditing method of machine learning according to an embodiment of the present application;
FIG. 2 is a block diagram illustrating a machine-learned code auditing apparatus according to an embodiment of the present application;
fig. 3 is a block diagram illustrating a structure of a computer device according to an embodiment of the present application.
The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application.
Referring to fig. 1, in an embodiment of the present application, a method for auditing machine-learned codes is provided, where the method includes:
s1: acquiring a code development request sent by a target development tool;
s2: according to the target development tool identification and the target development environment configuration data carried by the code development request, obtaining a code audit decision tree from a preset code audit decision tree library to serve as a recommended code audit decision tree, wherein the code audit decision tree is a decision tree obtained based on machine learning and is used for a general audit rule and a private audit rule applicable to an audit object in a decision code;
s3: checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user;
s4: generating a target code auditing decision tree according to the decision tree configuration data;
s5: acquiring a code packet to be checked, which is sent by the target development tool;
s6: and auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
The code is audited through the decision tree which is obtained based on machine learning and is used for the general audit rule and the private audit rule applicable to the audit object in the decision code, so that the universal and private audit requirements are met, the audit comprehensiveness is improved, and the method is applicable to code audit with complex business logic; and code auditing decision tree recommendation is performed based on the target development tool and target development environment configuration data, so that the accuracy of the determined code auditing decision tree is improved, and the accuracy of code auditing is improved.
For S1, it may be that the user clicks a development start button on the code development interface of the target development tool; when the development start button is clicked, the target development tool generates a code development request; and acquiring a code development request sent by the target development tool through communication connection with the target development tool.
The code development request carries a target development tool identifier and target development environment configuration data.
And identifying the target development tool, namely identifying the development tool of the target development tool. The development tool identification may be a development tool name, a development tool ID, or the like, that uniquely identifies a development tool.
Development tools include, but are not limited to: eclipse tool and IDEA tool.
Target development environment configuration data, that is, development environment configuration data of the target development tool. Development environment configuration data includes, but is not limited to: middleware configuration data, development framework configuration data, database configuration data, Web (global wide area network) service configuration data. A Web Service generally refers to a Web Service. Web Service, a platform-independent, low-coupling, self-contained, programmable Web-based application, can use the open XML (a subset of the standard generalized markup language) standard to describe, publish, discover, coordinate, and configure these applications for developing distributed, interoperating applications.
The code development request is a request for performing code development.
And S2, searching the target development tool identification and the target development environment configuration data from each search keyword in the code audit decision tree library, and taking the corresponding code audit decision tree of the searched search keyword in the code audit decision tree library as a recommended code audit decision tree.
The code audit decision tree library comprises: the keyword and code are retrieved to audit the decision tree.
The general auditing rule is an auditing rule commonly used for code development. Generic audit rules include, but are not limited to: a naming convention, a length convention, and a row number convention.
Private audit rules include, but are not limited to: whether there are common variables, and whether some logical decision needs to be made before the variable can be used.
Logical decisions include, but are not limited to: null pointer judgment, length judgment and attribute fill judgment.
The code auditing decision tree is generated according to a plurality of training samples by adopting a machine learning method. Each of the training samples comprises: and code packet sample data and audit result marking data. The code packet sample data is a data packet of a code. And the auditing result marking data is used for marking the auditing object name of the auditing object in the code packet sample data and marking the auditing rule identifier corresponding to the auditing object. An audit object is any one of a class, a variable, and a method. The audit object names are namely the class name, the variable name and the method name.
That is, the examination object is any one of a code block corresponding to one class, a code block corresponding to one class variable, and a code block corresponding to one class method.
For S3, performing decision tree interface display on the recommended code audit decision tree; and acquiring the decision tree configuration data input by the user in the decision tree interface.
Optionally, the decision tree configuration data is a configuration result of checking the decision tree for the recommended code. The configuration result comprises the following steps: selecting a recommendation or modifying a recommendation. And selecting recommendation, namely directly selecting the recommended code audit decision tree as the code audit decision tree which is required by the user. And modifying recommendation, namely modifying the recommended code audit decision tree to be used as the code audit decision tree which the user wants to use.
For S4, when the configuration result of the decision tree configuration data is a selection recommendation, taking the recommended code audit decision tree as the target code audit decision tree; and when the configuration result of the decision tree configuration data is modification recommendation, generating the target code auditing decision tree according to the recommended code auditing decision tree and the modification result in the decision tree configuration data. And the data is configured through the decision tree, so that the personalized configuration of the user is realized, and the personalized auditing requirement is met.
For S5, the user clicks a code package audit button in a code development interface in the target development tool; when the code package auditing button is clicked, the target development tool takes all codes in a code development interface as a code package to be audited; and acquiring the code packet to be checked, which is sent by the target development tool, through the communication connection with the target development tool.
For S6, the target code audit decision tree is used to identify the audit object and the audit rule identifier of each audit object for the code packet to be audited, and according to each audit rule identifier identified, a code audit rule is obtained from a code audit rule base for auditing the audit objects in the code packet to be audited, and the audit results obtained for each audit object are combined into a code audit result.
The code auditing rule base comprises: audit rule identification and code audit rules.
The code auditing result comprises: audit object location and audit object failure reason.
Optionally, the code audit result further includes: and code auditing rules.
It is understood that steps S1 to S6 may be implemented as a plug-in package, such as a jar package, and then the plug-in package is installed on the development tool, i.e., the code auditing may be performed using steps S1 to S6.
The jar package is a file format independent of a platform, and can combine a plurality of files into one file.
In an embodiment, before the obtaining the code development request sent by the target development tool, the method further includes:
s11: acquiring a development environment object recommendation request sent by the target development tool, wherein the development environment object recommendation request carries configured development environment data;
s12: acquiring a target development type corresponding to the configured development environment data;
s13: acquiring a development environment object recommendation model corresponding to the target development tool and the target development type from a preset development environment object recommendation model library, and taking the development environment object recommendation model as a target development environment object recommendation model;
s14: determining a configured development environment object link from the configured development environment data;
s15: inputting the configured development environment object link into the target development environment object recommendation model to predict the probability of the next development environment object, so as to obtain a probability prediction result of the development environment object;
s16: recommending the development environment object according to the probability prediction result of the development environment object to obtain a recommendation result of the development environment object;
s17: and sending the recommendation result of the development environment object to the target development tool.
In the embodiment, the configured development environment object link is input into the development environment object recommendation model to predict the probability of the next development environment object, so that the accuracy and the efficiency of configuration data configuration of the development environment are improved; and moreover, a development environment object recommendation model corresponding to the target development tool and the target development type is adopted to predict the probability of the next development environment object, so that the accuracy of the recommendation result of the development environment object is improved, and the accuracy of code auditing is improved.
For S11, the user clicks an environment configuration button in the target development tool; when the environment configuration button is clicked, a development environment object recommendation request is triggered; and acquiring a development environment object recommendation request sent by a target development tool through communication connection with the target development tool.
The development environment object recommendation request is a request for recommending a development environment object.
The configured development environment data is configuration data of the development environment that the user has completed.
For S12, a development type may be obtained from the development types carried in the development environment configuration start request as the target development type corresponding to the configured development environment data. The development environment configuration starts to request the carried development type, namely the development type which is selected by the user in the target development tool and is desired to be used.
Optionally, inputting the configured development environment data into a preset development type classification model to perform development type classification probability prediction, so as to obtain a development type classification probability prediction vector; finding out the classification probability with the maximum value from the development type classification probability prediction vector as a target classification probability; and taking the development type corresponding to the target classification probability as the target development type corresponding to the configured development environment data.
Development types include, but are not limited to: normal, entry, high and elite.
And S13, performing first associated data search on the target development tool and the target development type in a development environment object recommendation model base, and taking the development environment object recommendation model corresponding to the searched first associated data in the development environment object recommendation model base as a target development environment object recommendation model.
The development environment object recommendation model library comprises: first association data and a development environment object recommendation model. The first associated data includes: the development tool identifies and develops the type.
The development environment object recommendation model is a multi-classification model.
For S14, a preset development environment object link determination method is used to determine a configured development environment object link from the configured development environment data.
And S15, inputting the configured development environment object link into the target development environment object recommendation model to predict the probability of the next development environment object, and taking the predicted result as the probability prediction result of the development environment object.
For step S16, finding the development environment object probabilities greater than a preset first probability threshold from the development environment object probability prediction results, performing reverse ordering on the found development environment object probabilities to obtain a development environment object probability set, and obtaining a preset first number of development environment object probabilities as a target development environment object probability set from the beginning of the development environment object probability set; and taking each development environment object corresponding to the target development environment object probability set as a development environment object recommendation result.
For S17, the development environment object recommendation is sent to the target development tool through a communication connection with the target development tool.
In an embodiment, the sending the recommendation result of the development environment object to the target development tool includes:
s171: acquiring a derivative tool recommendation model corresponding to the target development tool and the target development type from a preset derivative tool recommendation model library, and taking the derivative tool recommendation model as a target derivative tool recommendation model;
s172: inputting the configured development environment object link into the target derivative tool recommendation model to carry out derivative tool probability prediction to obtain a derivative tool probability prediction result;
s173: recommending a derivative tool according to the probability prediction result of the derivative tool to obtain a recommendation result of the derivative tool;
s174: and sending the development environment object recommendation result and the derivative tool recommendation result to the target development tool.
The method inputs the configured development environment object link into the target derivative tool recommendation model to predict the probability of the derivative tool, thereby improving the accuracy and efficiency of the configuration of the development environment configuration data; and the probability prediction of the derivative tools is carried out by adopting a derivative tool recommendation model corresponding to the target development tools and the target development types, so that the accuracy of the derivative tool recommendation result is improved, and the accuracy of code auditing is improved.
And S171, performing second associated data search on the target development tool and the target development type in a derivative tool recommendation model library, and taking the derivative tool recommendation model corresponding to the searched second associated data in the derivative tool recommendation model library as the target derivative tool recommendation model.
The library of derivative tool recommendation models comprises: second associated data and a derivative tool recommendation model. The second associated data includes: the development tool identifies and develops a type.
The derived tools recommendation model is a multi-classification model.
And S172, inputting the configured development environment object link into the target derivative tool recommendation model to perform derivative tool probability prediction, and taking predicted data as a derivative tool probability prediction result.
For S173, finding out the derived tool probabilities greater than a preset second probability threshold from the derived tool probability prediction result, performing reverse ordering on the found derived tool probabilities to obtain a derived tool probability set, and obtaining preset second number of derived tool probabilities as a target derived tool probability set from the beginning of the derived tool probability set; and taking each derivative tool corresponding to the target derivative tool probability set as a derivative tool recommendation result.
For S174, the development environment object recommendation result and the derivative tool recommendation result are sent to the target development tool through a communication connection with the target development tool.
In an embodiment, before obtaining the code audit decision tree from the preset code audit decision tree library according to the target development tool identifier and the target development environment configuration data carried in the code development request, and as a recommended code audit decision tree, the method further includes:
s21: acquiring a plurality of training samples corresponding to the identification of the development tool to be trained and the configuration data of the development environment to be trained;
s22: generating a code auditing decision tree according to each training sample by adopting a machine learning method, wherein the code auditing decision tree is used as a code auditing decision tree to be stored;
s23: and updating the code auditing decision tree library according to the to-be-trained development tool identifier, the to-be-trained development environment configuration data and the to-be-stored code auditing decision tree.
In this embodiment, a code audit decision tree is generated according to each training sample by a machine learning method, which provides a basis for performing code audit on a decision tree based on a general audit rule and a private audit rule applicable to an audit object in a decision code obtained by machine learning.
For S21, a plurality of training samples corresponding to the identifier of the development tool to be trained and the configuration data of the development environment to be trained may be obtained from the database, a plurality of training samples corresponding to the identifier of the development tool to be trained and the configuration data of the development environment to be trained may be obtained from a third-party application, or a plurality of training samples corresponding to the identifier of the development tool to be trained and the configuration data of the development environment to be trained may be obtained by user input.
And the development tool identifier to be trained is the development tool identifier of the code audit decision tree to be trained.
The development environment configuration data to be trained is the development environment configuration data corresponding to the development tool identifier to be trained.
And S22, generating a decision tree of a general audit rule and a private audit rule applicable to an audit object in a decision code according to each training sample by adopting a machine learning method, taking the generated decision tree as a code audit decision tree corresponding to the to-be-trained development tool identifier and the to-be-trained development environment configuration data, and taking the code audit decision tree as a code audit decision tree to be stored.
The method for generating a decision tree including a general audit rule and a private audit rule according to each training sample by using a machine learning method is not repeated herein.
The code audit decision tree to be stored is the code audit decision tree which needs to be stored in the code audit decision tree library.
And S23, replacing and updating the code audit decision tree library by the to-be-trained development tool identifier, the to-be-trained development environment configuration data and the to-be-stored code audit decision tree.
In an embodiment, the generating a target code audit decision tree according to the decision tree configuration data includes:
s41: when the configuration result of the decision tree configuration data is selection recommendation, taking the recommended code audit decision tree as the target code audit decision tree;
s42: when the configuration result of the decision tree configuration data is modification recommendation, generating the target code auditing decision tree according to the recommended code auditing decision tree and the modification result in the decision tree configuration data;
s43: when the configuration result of the decision tree configuration data is direct reselection, acquiring the code checking decision tree from the code checking decision tree library by using a decision tree identifier in the decision tree configuration data as the target code checking decision tree;
s44: and when the configuration result of the decision tree configuration data is modified after reselection, acquiring the code checking decision tree from the code checking decision tree library by using the decision tree identifier in the decision tree configuration data to obtain a code checking decision tree to be modified, and generating the target code checking decision tree according to the code checking decision tree to be modified and the modification result in the decision tree configuration data.
According to the embodiment, the personalized target code auditing decision tree is generated according to different configuration results of decision tree configuration data, and the personalized code auditing requirements of developers are met.
For S41, when the configuration result of the decision tree configuration data is a selection recommendation, it means that the developer directly selects a recommended code audit decision tree, and thus, the recommended code audit decision tree is directly used as the target code audit decision tree.
For S42, when the configuration result of the decision tree configuration data is a modification recommendation, it means that a developer selects a recommended code audit decision tree and has a part of modifications, so that the recommended code audit decision tree is modified according to the modification result in the decision tree configuration data, and the modified recommended code audit decision tree is used as the target code audit decision tree.
For S43, when the configuration result of the decision tree configuration data is direct reselection, it means that the developer does not select a recommended code audit decision tree, and wants to reselect a code audit decision tree from a code audit decision tree library to directly serve as a target code audit decision tree, so that the decision tree identifier in the decision tree configuration data is used to obtain the code audit decision tree from the code audit decision tree library, and the obtained code audit decision tree is used as the target code audit decision tree.
For S44, when the configuration result of the decision tree configuration data is modified after reselection, it means that a developer does not select a recommended code audit decision tree, and wants to reselect a code audit decision tree from a code audit decision tree library to modify the code audit decision tree to be a target code audit decision tree, so that a decision tree identifier in the decision tree configuration data obtains the code audit decision tree from the code audit decision tree library, the obtained code audit decision tree is used as a code audit decision tree to be modified, the code audit decision tree to be modified is modified according to a modification result in the decision tree configuration data, and the modified code audit decision tree to be modified is used as the target code audit decision tree.
In an embodiment, the auditing the to-be-audited code packet by using a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result includes:
s61: adopting the target code auditing decision tree to respectively identify the to-be-processed auditing objects of the to-be-audited code packet;
s62: determining a target audit rule identifier for each audit object to be processed by adopting the target code audit decision tree;
s63: finding out a code audit rule corresponding to an appointed audit rule identifier from the code audit rule base to obtain a target code audit rule, wherein the appointed audit rule identifier is any one of the target audit rule identifiers;
s64: adopting the target code auditing rule to audit the to-be-processed auditing object corresponding to the appointed auditing rule identification to obtain a single auditing object auditing result;
s65: and generating the code auditing result according to the auditing result of each single auditing object.
According to the embodiment, the target code auditing decision tree is adopted to identify the auditing object to be processed and determine the auditing rule identifier for the code packet to be audited, and then the code auditing rule is found out from the code auditing rule base by adopting the determined auditing rule identifier to audit the auditing object in the code packet to be audited, so that the universal and private auditing requirements are met, the auditing comprehensiveness is improved, and the method is suitable for code auditing with complex business logic.
And S61, adopting the target code auditing decision tree to identify the auditing object of the code packet to be audited, and using each auditing object obtained by identification as an auditing object to be processed.
And S62, adopting the target code audit decision tree to determine the audit rule identifier of each audit object to be processed, and taking each determined audit rule identifier as a target audit rule identifier.
And S63, finding out the code audit rule corresponding to the appointed audit rule identifier from the code audit rule base, and taking the found code audit rule as the target code audit rule.
And S64, adopting the target code auditing rule, auditing the to-be-processed auditing object corresponding to the appointed auditing rule identifier, and taking the result obtained by auditing as a single auditing object auditing result corresponding to the appointed auditing rule identifier.
And S65, combining the single audit object audit results by adopting a preset result combination method, and taking the combined data as the code audit result.
In an embodiment, after the code packet to be audited is audited by using a preset code audit rule base and the target code audit decision tree to obtain a code audit result, the method further includes:
s71: and marking and prompting the code packet to be audited according to the code auditing result.
According to the embodiment, the code packet to be audited is marked and prompted according to the code auditing result, so that the problem of quick positioning of developers is solved.
For step S71, in an interface where the target development tool displays the code package to be audited, a preset labeling specification and a prompt specification are adopted, and according to the code package audit result, the code package to be audited displayed by the target development tool is labeled and prompted.
And according to the reason that the audit object of the code audit result does not pass the code audit rule and the code audit rule, performing floating layer prompt on each audit object according to the prompt specification.
The labeling specification comprises: one or more of highlighting with a preset background color, underlining with red, and changing the font color.
The prompt specification includes: font color.
Referring to fig. 2, the present application further provides a device for auditing a machine-learned code, where the device includes:
a request obtaining module 100, configured to obtain a code development request sent by a target development tool;
a recommended code audit decision tree determination module 200, configured to obtain a code audit decision tree from a preset code audit decision tree library according to a target development tool identifier and target development environment configuration data carried in the code development request, where the code audit decision tree is a decision tree obtained based on machine learning and is used for a general audit rule and a private audit rule applicable to an audit object in a decision code;
a decision tree configuration data obtaining module 300, configured to audit the decision tree according to the recommended code to obtain decision tree configuration data input by the user;
a target code audit decision tree generation module 400, configured to generate a target code audit decision tree according to the decision tree configuration data;
a code packet acquiring module 500 to be audited, configured to acquire a code packet to be audited sent by the target development tool;
and a code auditing result determining module 600, configured to audit the code packet to be audited by using a preset code auditing rule base and the target code auditing decision tree, so as to obtain a code auditing result.
The code is audited through the decision tree which is obtained based on machine learning and is used for the general audit rule and the private audit rule applicable to the audit object in the decision code, so that the universal and private audit requirements are met, the audit comprehensiveness is improved, and the method is applicable to code audit with complex business logic; and code audit decision tree recommendation is performed based on the target development tool and the target development environment configuration data, so that the accuracy of the determined code audit decision tree is improved, and the code audit accuracy is improved.
Referring to fig. 3, a computer device, which may be a server and whose internal structure may be as shown in fig. 3, is also provided in the embodiment of the present application. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the computer designed processor is used to provide computational and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The memory provides an environment for the operation of the operating system and the computer program in the non-volatile storage medium. The database of the computer equipment is used for storing data such as code auditing methods of machine learning and the like. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a machine-learned code auditing method. The machine-learned code auditing method comprises the following steps: acquiring a code development request sent by a target development tool; according to the target development tool identification and the target development environment configuration data carried by the code development request, obtaining a code audit decision tree from a preset code audit decision tree library to serve as a recommended code audit decision tree, wherein the code audit decision tree is a decision tree obtained based on machine learning and is used for a general audit rule and a private audit rule applicable to an audit object in a decision code; checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user; generating a target code auditing decision tree according to the decision tree configuration data; acquiring a code packet to be checked, which is sent by the target development tool; and auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
The code is audited through the decision tree which is obtained based on machine learning and is used for the general audit rule and the private audit rule applicable to the audit object in the decision code, so that the universal and private audit requirements are met, the audit comprehensiveness is improved, and the method is applicable to code audit with complex business logic; and code auditing decision tree recommendation is performed based on the target development tool and target development environment configuration data, so that the accuracy of the determined code auditing decision tree is improved, and the accuracy of code auditing is improved.
An embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a method for auditing machine-learned codes, including: acquiring a code development request sent by a target development tool; according to the target development tool identification and the target development environment configuration data carried by the code development request, obtaining a code audit decision tree from a preset code audit decision tree library to serve as a recommended code audit decision tree, wherein the code audit decision tree is a decision tree obtained based on machine learning and is used for a general audit rule and a private audit rule applicable to an audit object in a decision code; checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user; generating a target code auditing decision tree according to the decision tree configuration data; acquiring a code packet to be checked, which is sent by the target development tool; and auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
According to the code auditing method for executing machine learning, code auditing is carried out through the decision tree which is obtained based on machine learning and is used for the general auditing rule and the private auditing rule applicable to the auditing object in the decision code, so that the general and private auditing requirements are met, the auditing comprehensiveness is improved, and the code auditing method is suitable for code auditing with complex business logic; and code audit decision tree recommendation is performed based on the target development tool and the target development environment configuration data, so that the accuracy of the determined code audit decision tree is improved, and the code audit accuracy is improved.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium provided herein and used in the examples may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double-rate SDRAM (SSRSDRAM), Enhanced SDRAM (ESDRAM), synchronous link (Synchlink) DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and bus dynamic RAM (RDRAM).
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, apparatus, article, or method that includes the element.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are also included in the scope of the present application.

Claims (10)

1. A machine-learned code auditing method, the method comprising:
acquiring a code development request sent by a target development tool;
according to the target development tool identification and the target development environment configuration data carried by the code development request, obtaining a code audit decision tree from a preset code audit decision tree library to serve as a recommended code audit decision tree, wherein the code audit decision tree is a decision tree obtained based on machine learning and is used for a general audit rule and a private audit rule applicable to an audit object in a decision code;
checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user;
generating a target code auditing decision tree according to the decision tree configuration data;
acquiring a code packet to be checked, which is sent by the target development tool;
and auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
2. The machine-learned code auditing method according to claim 1, before obtaining a code development request sent by a target development tool, further comprising:
acquiring a development environment object recommendation request sent by the target development tool, wherein the development environment object recommendation request carries configured development environment data;
acquiring a target development type corresponding to the configured development environment data;
acquiring a development environment object recommendation model corresponding to the target development tool and the target development type from a preset development environment object recommendation model library, and taking the development environment object recommendation model as a target development environment object recommendation model;
determining a configured development environment object link from the configured development environment data;
inputting the configured development environment object link into the target development environment object recommendation model to predict the probability of the next development environment object, so as to obtain a probability prediction result of the development environment object;
recommending the development environment object according to the probability prediction result of the development environment object to obtain a recommendation result of the development environment object;
and sending the recommendation result of the development environment object to the target development tool.
3. The machine-learned code auditing method according to claim 2, wherein said sending the development environment object recommendation to the target development tool includes:
acquiring a derivative tool recommendation model corresponding to the target development tool and the target development type from a preset derivative tool recommendation model library, and taking the derivative tool recommendation model as a target derivative tool recommendation model;
inputting the configured development environment object link into the target derivative tool recommendation model to carry out derivative tool probability prediction to obtain a derivative tool probability prediction result;
recommending a derivative tool according to the probability prediction result of the derivative tool to obtain a recommendation result of the derivative tool;
and sending the development environment object recommendation result and the derivative tool recommendation result to the target development tool.
4. The machine-learning code auditing method according to claim 1, where, according to the target development tool identifier and the target development environment configuration data carried in the code development request, obtaining a code auditing decision tree from a preset code auditing decision tree library, before serving as a recommended code auditing decision tree, further comprises:
acquiring a plurality of training samples corresponding to the identification of the development tool to be trained and the configuration data of the development environment to be trained, wherein the training samples are acquired;
generating a code auditing decision tree according to each training sample by adopting a machine learning method, wherein the code auditing decision tree is used as a code auditing decision tree to be stored;
and updating the code auditing decision tree library according to the to-be-trained development tool identifier, the to-be-trained development environment configuration data and the to-be-stored code auditing decision tree.
5. The machine-learned code auditing method according to claim 1, where said generating a target code auditing decision tree from the decision tree configuration data comprises:
when the configuration result of the decision tree configuration data is selection recommendation, taking the recommended code audit decision tree as the target code audit decision tree;
when the configuration result of the decision tree configuration data is modification recommendation, generating the target code auditing decision tree according to the recommended code auditing decision tree and the modification result in the decision tree configuration data;
when the configuration result of the decision tree configuration data is direct reselection, acquiring the code checking decision tree from the code checking decision tree library by using a decision tree identifier in the decision tree configuration data as the target code checking decision tree;
and when the configuration result of the decision tree configuration data is modified after reselection, acquiring the code checking decision tree from the code checking decision tree library by using the decision tree identifier in the decision tree configuration data to obtain a code checking decision tree to be modified, and generating the target code checking decision tree according to the code checking decision tree to be modified and the modification result in the decision tree configuration data.
6. The machine-learning code auditing method according to claim 1, where auditing the code package to be audited using a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result includes:
adopting the target code auditing decision tree to respectively identify the to-be-processed auditing objects of the to-be-audited code packet;
determining a target audit rule identifier for each audit object to be processed by adopting the target code audit decision tree;
finding out a code audit rule corresponding to an appointed audit rule identifier from the code audit rule base to obtain a target code audit rule, wherein the appointed audit rule identifier is any one of the target audit rule identifiers;
adopting the target code auditing rule to audit the to-be-processed auditing object corresponding to the appointed auditing rule identification to obtain a single auditing object auditing result;
and generating the code auditing result according to the auditing result of each single auditing object.
7. The machine-learning code auditing method according to claim 1, where after obtaining a code auditing result, auditing the code package to be audited using a preset code auditing rule base and the target code auditing decision tree, further comprising:
and marking and prompting the code packet to be audited according to the code auditing result.
8. A machine-learned code auditing apparatus, the apparatus comprising:
the request acquisition module is used for acquiring a code development request sent by a target development tool;
a recommended code auditing decision tree determining module, configured to obtain a code auditing decision tree from a preset code auditing decision tree library according to a target development tool identifier and target development environment configuration data carried in the code development request, where the code auditing decision tree is a decision tree obtained based on machine learning and is used for a general auditing rule and a private auditing rule applicable to an auditing object in a decision code;
the decision tree configuration data acquisition module is used for checking the decision tree according to the recommended code to acquire decision tree configuration data input by a user;
the target code auditing decision tree generating module is used for generating a target code auditing decision tree according to the decision tree configuration data;
the code packet acquisition module to be audited is used for acquiring the code packet to be audited sent by the target development tool;
and the code auditing result determining module is used for auditing the code packet to be audited by adopting a preset code auditing rule base and the target code auditing decision tree to obtain a code auditing result.
9. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program performs the steps of the method according to any of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
CN202210134239.2A 2022-02-14 2022-02-14 Code auditing method, device, equipment and storage medium for machine learning Pending CN114546399A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210134239.2A CN114546399A (en) 2022-02-14 2022-02-14 Code auditing method, device, equipment and storage medium for machine learning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210134239.2A CN114546399A (en) 2022-02-14 2022-02-14 Code auditing method, device, equipment and storage medium for machine learning

Publications (1)

Publication Number Publication Date
CN114546399A true CN114546399A (en) 2022-05-27

Family

ID=81674995

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210134239.2A Pending CN114546399A (en) 2022-02-14 2022-02-14 Code auditing method, device, equipment and storage medium for machine learning

Country Status (1)

Country Link
CN (1) CN114546399A (en)

Similar Documents

Publication Publication Date Title
CN110908895A (en) Page automatic testing method and device, computer equipment and storage medium
CN110321284B (en) Test data entry method, device, computer equipment and storage medium
US11340871B1 (en) Software-development tool with feedback notifications for improving software specifications
CN112380286B (en) Method, device, equipment and medium for generating data object relation map of database
CN109308258A (en) Building method, device, computer equipment and the storage medium of test data
CN113434395A (en) Automatic generation method, device, equipment and medium of test case
CN113900962B (en) Code difference detection method and device
CN111324375A (en) Code management method and device, computer equipment and storage medium
CN111310804A (en) Method, apparatus, device and medium for handling vehicle fault problem based on decision tree
CN112541739B (en) Method, device, equipment and medium for testing question-answer intention classification model
CN113064584A (en) Idempotent realizing method, device, equipment and medium
CN113609023A (en) Precise test method, device, equipment and storage medium
CN110413518B (en) Control object library generation method and device and computer readable storage medium
CN114546399A (en) Code auditing method, device, equipment and storage medium for machine learning
CN111158642A (en) Data construction method and device, computer equipment and storage medium
CN116719735A (en) Test case generation method and device
CN112559671B (en) ES-based text search engine construction method, device, equipment and medium
CN113918461A (en) Interface test method, device, equipment and storage medium
CN109815127A (en) Automatized script conversion method, device, computer equipment and storage medium
CN113821251A (en) Code optimization method, device, equipment and storage medium based on artificial intelligence
CN112732742B (en) Query page creating method and device, computer equipment and storage medium
US20220283921A9 (en) Predictive compliance testing for early screening
CN114064733A (en) Database query method, device, equipment and medium suitable for local client
CN110597874B (en) Data analysis model creation method and device, computer equipment and storage medium
CN113657496A (en) Information matching method, device, equipment and medium based on similarity matching model

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination