Code auditing method and device based on version number comparison and medium

A technology of code auditing and version number, which is applied in the field of network security, can solve problems such as management difficulties, source code leakage, and inability to connect and connect versions, so as to reduce workload, prevent leakage, and improve audit efficiency

Inactive Publication Date: 2019-08-09
重庆八戒电子商务有限公司
3 Cites 4 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0004] The two biggest problems with this control system are: first, when performing code difference auditing and other related operations, the project administrator must open the corresponding permissions. After opening the permissions, the personnel have the permission to modify and download the project
And the authority of each project is managed by the project leader himself, the flow of personnel leads to management ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Abstract

The invention relates to a code auditing method based on version number comparison, which comprises the following steps: acquiring a latest published version number of a to-be-audited project from a source code warehouse of the project, and pulling a corresponding code and/or file to a local directory; searching a version number published by the project last time, and obtaining a corresponding code and/or file to a local directory; comparing the difference between the two versions, and storing the difference code and/or file in an audit database; obtaining a web routing address influenced by the difference code and/or the difference file; and checking the difference between the latest submitted version and the last version of the project according to the web routing address and auditing the latest submitted version and the last version. An auditor audits the simulation test of the difference code and/or file of the latest version and the last version, the workload is reduced, the codeauditing efficiency is improved, and due to the fact that only the difference code and/or file is obtained, leakage of a complete source code can be prevented.

Application Domain

Technology Topic

WorkloadCode audit +1

Image

  • Code auditing method and device based on version number comparison and medium

Examples

  • Experimental program(1)

Example Embodiment

[0030] In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all of them. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.
[0031] The terms used in the embodiments of the present invention are only for the purpose of describing specific embodiments, and are not intended to limit the present invention. The singular forms of "a", "said" and "the" used in the embodiments of the present invention and the appended claims are also intended to include plural forms, unless the context clearly indicates other meanings, "multiple" Generally contains at least two.
[0032] It should be understood that the term "and/or" used herein is only an association relationship describing associated objects, which means that there can be three types of relationships, for example, A and/or B can mean that there is A alone, and both A and B, there are three cases of B alone. In addition, the character "/" in this text generally indicates that the associated objects before and after are in an "or" relationship.
[0033] It should be understood that although the terms first, second, third, etc. may be used to describe... in the embodiments of the present invention, these... should not be limited to these terms. These terms are only used to distinguish... For example, without departing from the scope of the embodiments of the present invention, the first...may also be called the second..., and similarly, the second...may also be called the first...
[0034] Depending on the context, the words "if" and "if" as used herein can be interpreted as "when" or "when" or "in response to determination" or "in response to detection". Similarly, depending on the context, the phrase "if determined" or "if detected (statement or event)" can be interpreted as "when determined" or "in response to determination" or "when detected (statement or event) )" or "in response to detection (statement or event)".
[0035] It should also be noted that the terms "including", "including" or any other variants thereof are intended to cover non-exclusive inclusion, so that a commodity or device including a series of elements not only includes those elements, but also includes Other elements of, or also include elements inherent to this commodity or device. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other identical elements in the commodity or device that includes the element.
[0036] reference figure 1 , Shown as an embodiment of the technical solution of the present invention,
[0037] A code audit method based on version number comparison is applied to a code audit device. The audit device includes an acquisition unit, a search unit, a comparison storage unit, and an audit unit. The method includes the following steps:
[0038] Step 1. The obtaining unit obtains the latest version number of the project to be audited from the source code warehouse of the project, and pulls the corresponding code and/or files to the local directory;
[0039] Step 2. The search unit searches for the last released version number of the project and obtains the corresponding code and/or files to the local directory;
[0040] Step 3. The comparison saving unit compares the differences between the two versions, and saves the difference codes and/or files to the audit database;
[0041] Step 4. The audit unit obtains the web routing address affected by the difference code and/or the difference file, and checks the difference between the latest submitted version of the project and the previous version according to the web routing address and conducts audit.
[0042] In a specific embodiment, a unified code push and build platform (devops) is first deployed, and a unified code repository (git, svn) is used. Project push is performed through an automated code build code platform (devops) every time it is officially launched.
[0043] When the developer initiates a code push operation after the development is completed, the system uses the submitted project name to get the latest submitted version number hash in the source code warehouse, and pulls the code from the source code warehouse to the local system.
[0044] Query whether this project has the last online version hash recorded in the current system. If not, the project that is online this time is considered a brand new project. If there is a version hash of the last online version in the system, pull the code of the previous version To the system local.
[0045] Compare the difference files and codes between the two versions through the corresponding api interfaces provided by git, svn, etc. If there is no record of the last version online in the system, the code this time is considered to be new code. Add different html tags for the difference code, highlight them in different colors, match the web routing addresses affected by the modified code, and format the final data into the database.
[0046] After the difference code comparison is completed, the auditor will view the code difference submitted this time through the web page, conduct an audit, and construct an http request simulation test through the affected route. After the audit is passed, the auditor and the audited version interval are recorded, and the online version number recorded by the system is updated. If the audit fails, it is returned to the developer for modification, and the above operation is repeated again for audit.
[0047] In one embodiment, a code auditing device based on version number comparison is provided, the code auditing device is used to implement the above method, and is characterized in that:
[0048] The audit device includes an acquisition unit, a search unit, a comparison and storage unit, and an audit unit;
[0049] The obtaining unit is used to obtain the latest version number of the project to be audited from the source code warehouse of the project, and pull the corresponding code and/or files to the local directory;
[0050] The search unit is used to search for the last released version number of the project and obtain the corresponding code and/or files to the local directory;
[0051] The comparison saving unit is used to compare the differences between the two versions and save the difference codes and/or files to the audit database;
[0052] The audit unit is used to obtain the web routing address affected by the difference code and/or the difference file, and to check and audit the difference between the latest submitted version of the project and the previous version according to the web routing address.
[0053] The embodiments of the present disclosure provide a non-volatile computer storage medium, the computer storage medium stores computer-executable instructions, and the computer-executable instructions can execute the method in any of the foregoing method embodiments.
[0054] In an embodiment, an electronic device is provided. The electronic device in the embodiments of the present disclosure may include, but is not limited to, mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), and PADs (tablet computers). , PMP (portable multimedia player), mobile terminal such as car navigation terminal, etc. and fixed terminal such as digital TV, desktop computer, etc.
[0055] The electronic device may include a processing device (such as a central processing unit, a graphics processor, etc.), which can execute various programs according to a program stored in a read-only memory (ROM) or a program loaded from a storage device into a random access memory (RAM). Kind of appropriate actions and processing. In RAM, various programs and data required for the operation of electronic devices are also stored. The processing device, ROM, and RAM are connected to each other through a bus. Input/output (I/O) interfaces are also connected to the bus.
[0056] Generally, the following devices can be connected to the I/O interface: including input devices such as touch screens, touch pads, keyboards, mice, cameras, microphones, accelerometers, gyroscopes, etc.; including, for example, liquid crystal displays (LCD), speakers, vibrators, etc. The output device; including storage devices such as tapes, hard disks, etc.; and communication devices. The communication device may allow the electronic device to perform wireless or wired communication with other devices to exchange data.
[0057] In particular, according to an embodiment of the present disclosure, the process described above with reference to the flowchart can be implemented as a computer software program. For example, an embodiment of the present disclosure includes a computer program product, which includes a computer program carried on a computer-readable medium, and the computer program contains program code for executing the method shown in the flowchart. In such an embodiment, the computer program may be downloaded and installed from a network through a communication device, or installed from a storage device, or installed from a ROM. When the computer program is executed by the processing device, the above-mentioned functions defined in the method of the embodiment of the present disclosure are executed.
[0058] It should be noted that the above-mentioned computer-readable medium in the present disclosure may be a computer-readable signal medium or a computer-readable storage medium or any combination of the two. The computer-readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or any combination of the above. More specific examples of computer-readable storage media may include, but are not limited to: electrical connections with one or more wires, portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable Programmable read only memory (EPROM or flash memory), optical fiber, portable compact disk read only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above. In the present disclosure, a computer-readable storage medium may be any tangible medium that contains or stores a program, and the program may be used by or in combination with an instruction execution system, apparatus, or device. In the present disclosure, a computer-readable signal medium may include a data signal propagated in a baseband or as a part of a carrier wave, and a computer-readable program code is carried therein. This propagated data signal can take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing. The computer-readable signal medium may also be any computer-readable medium other than the computer-readable storage medium. The computer-readable signal medium may send, propagate, or transmit the program for use by or in combination with the instruction execution system, apparatus, or device . The program code contained on the computer-readable medium can be transmitted by any suitable medium, including but not limited to: wire, optical cable, RF (Radio Frequency), etc., or any suitable combination of the above.
[0059] The above-mentioned computer-readable medium may be included in the above-mentioned electronic device; or it may exist alone without being assembled into the electronic device.
[0060] The computer program code used to perform the operations of the present disclosure may be written in one or more programming languages ​​or a combination thereof. The above-mentioned programming languages ​​include object-oriented programming languages—such as Java, Smalltalk, C++, and also conventional Procedural programming language-such as "C" language or similar programming language. The program code can be executed entirely on the user's computer, partly on the user's computer, executed as an independent software package, partly on the user's computer and partly executed on a remote computer, or entirely executed on the remote computer or server. In the case of a remote computer, the remote computer can be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computer (for example, using an Internet service provider to pass Internet connection).
[0061] The flowcharts and block diagrams in the accompanying drawings illustrate the possible implementation architecture, functions, and operations of the system, method, and computer program product according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagram can represent a module, program segment, or part of code, and the module, program segment, or part of code contains one or more for realizing the specified logical function Executable instructions. It should also be noted that, in some alternative implementations, the functions marked in the block may also occur in a different order from the order marked in the drawings. For example, two blocks shown in succession can actually be executed substantially in parallel, and they can sometimes be executed in the reverse order, depending on the functions involved. It should also be noted that each block in the block diagram and/or flowchart, and the combination of the blocks in the block diagram and/or flowchart, can be implemented by a dedicated hardware-based system that performs the specified functions or operations Or it can be realized by a combination of dedicated hardware and computer instructions.
[0062] The units involved in the embodiments described in the present disclosure may be implemented in a software manner, and may also be implemented in a hardware manner. Wherein, the name of the unit does not constitute a limitation on the unit itself under certain circumstances. For example, the first obtaining unit can also be described as "a unit for obtaining at least two Internet Protocol addresses."
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Similar technology patents

Device and method for inner bore type component brush plating

InactiveCN101514468ALow costReduce workloadRotary actuatorMechanical engineering
Owner:ACADEMY OF ARMORED FORCES ENG PLA

Teaching quality assessment cloud service platform

InactiveCN107958351AReduce workloadLarge number of samplesSemantic analysisSpeech analysisData acquisition moduleQuality assessment
Owner:重庆大争科技有限公司

Classification and recommendation of technical efficacy words

  • Improve audit efficiency
  • Reduce workload

Desktop screen auditing method based on user behaviors

InactiveCN104700231ASave storage and network bandwidth resourcesImprove audit efficiencyHardware monitoringResourcesClient-sideImage compression
Owner:FUZHOU UNIVERSITY

Method and device for realizing database auditing

InactiveCN106202560AImprove audit efficiencySpecial data processing applicationsTraffic volumeDatabase access
Owner:HANGZHOU DPTECH TECH

Power grid marketing inspection risk management and control method based on risk calculation model

ActiveCN106709623AImprove audit efficiencyResourcesPower gridRisk index
Owner:SHENZHEN POWER SUPPLY BUREAU +1

Hospital gown

InactiveUS7181773B1Reduce workloadQuickly exposePyjamasUndergarmentsRight clavicleSurface plate
Owner:WILLIAM BEAUMONT HOSPITAL

Method and apparatus for directionally grabbing page resource

InactiveCN101452463AIncrease yield and recallReduce workloadSpecial data processing applicationsRegular expressionDatabase
Owner:ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products