Android API application specification-based automatic code quality evaluation and optimization method

Abstract

The invention relates to an Android API application specification-based automatic code quality evaluation and optimization method. The method comprises the following steps of: constructing a specific analyzer to analyze an API summary document; classifying APIs on the basis of an Android API application specification, and establishing an API feature library; establishing an automatic scanning estimation engine, calling the APIs to scan a to-be-tested Android application program, carrying out statistic on type distribution of the called APIs, and locating calling positions of removed PIS, un-recommended APIs and hidden APIs; and providing an automatic code quality optimization suggestion so as to generate a code quality estimation report. For investigating the specification degrees of calling the APIs by Android application programs, an integrated automatic detection estimation system is established, so that Android application program developers can be effectively helped to detect and optimize the usage of the APIs, decrease the mis-application of the APIs and enhance the Android application program code quality so as to improve the security levels of the Android application programs.

Description

technical field [0001] The invention belongs to the technical fields of information technology and computer software, and in particular relates to an automatic code quality evaluation and optimization method based on Android API usage specifications. Background technique [0002] Up to now, the Android system version developed by Google has developed from Android1.0 to Marshmallow6.0, and a total of more than 20 different major versions have been released, and the corresponding Android Application Programming Interface (Android Application Programming Interface, Android API) Also increased from level 1 to level 23. Each version upgrade of the Android system will add, delete and change some APIs according to the requirements of the system's functions, performance, security, etc. and change 144 API methods. However, due to the inertial thinking of Android application developers, they usually write code based on existing experience, ignoring or not paying attention to the API...

AI Technical Summary

Problems solved by technology

However, due to the inertial thinking of Android application developers, they usually write code based on existing experience, ignoring or not paying attention to the API usage recommendations stated on the Android official website, resulting in some APIs that have been deprecated or abandoned in earlier versions are still being used. This will lead to potential security problems in the written application, which is more likely to be exploited by malicious programs. For example, CVE-2015-3833 in Common Vulnerabilities And Exposures (CVE)

Images