CN118445209A - Software detection method, device, equipment, medium and program product - Google Patents

Abstract

The present disclosure provides a software detection method, which can be applied to the fields of software development and financial technology. The software detection method includes: in response to a software detection request, importing a target software product into a detection environment; generating a product structure list of the target software product, formulating standardized detection rules based on the product structure list, the standardized detection rules including specification detection rules, comparison detection rules and source detection rules; detecting files that do not conform to preset rules and technology stacks that do not conform to preset conditions in the product structure list based on the specification detection rules; detecting the difference between the target software product and the comparison software product based on the comparison detection rules; detecting the content source of the target software product based on the source detection rules. The present disclosure also provides a software detection device, equipment, storage medium and program product.

Description

Software detection method, device, equipment, medium and program product

Technical Field

The present disclosure relates to the fields of software development and financial technology, and specifically to a software detection method, device, equipment, medium and program product.

Background technique

In the process of continuous delivery of software products, the software version release model usually follows the process of engineering compilation, version building, and product deployment. In the software release process, the software asset form is transformed from engineering source code to version products, and then participates in the subsequent deployment and launch. As an asset entity for value delivery, version products play a key role in the trusted launch of business. At present, there are many detection solutions for engineering source code assets, but there are relatively few detection solutions for version product assets. Mainstream product management-related solutions are limited to product storage and lack detection of product trust and availability.

At present, there is a lack of effective, reliable and usable detection methods for version products. The main bottlenecks are: first, the version does not adopt a standardized release model. Since the application version building process does not implement unified standards and specifications, there are differences in the source code engineering structure of the application version library, the definition of the version building method, etc., resulting in a disorganized content composition of each application product and the inability to carry out fine-grained detection; second, the version product detection dimension is single, and the object of product detection management is limited to the product itself, lacking the linkage and combination of upstream and downstream links such as construction and deployment in the version integration process.

Summary of the invention

In view of the above problems, the present disclosure provides a software detection method, apparatus, device, medium and program product for improving detection quality.

According to a first aspect of the present disclosure, a software detection method is provided, the method comprising: in response to a software detection request, importing a target software product into a detection environment; generating a product structure list of the target software product, formulating standardized detection rules based on the product structure list, the standardized detection rules comprising specification detection rules, comparison detection rules and source detection rules; detecting files that do not comply with preset rules and technology stacks that do not comply with preset conditions in the product structure list based on the specification detection rules; detecting differences between the target software product and the comparison software product based on the comparison detection rules; and detecting the content source of the target software product based on the source detection rules.

According to an embodiment of the present disclosure, importing a target software product in response to a software detection request includes: obtaining product object information of the target software product in response to the software detection request; obtaining the target software product that matches the product object information from a preset product information library, and importing the target software product into a detection environment.

According to an embodiment of the present disclosure, the product structure list of the target software product is generated, and standardized detection rules are formulated based on the product structure list, wherein the standardized detection rules include standard detection rules, comparison detection rules and source detection rules, including: traversing the directory structure of the target software product and extracting content attributes to generate a product structure list; obtaining file attributes of files included in the target software product and technology stack attributes included in the content attributes based on the product structure list, and obtaining standard detection rules by matching in a preset standardized rule library based on the file attributes and technology stack attributes; selecting comparison items from the product structure list based on user demand selection instructions to form comparison detection rules that include at least one of a directory structure comparison item, a content attribute comparison item and a construction process comparison item between the target software product and the comparison software product; obtaining a source detection object from the product structure list based on the user demand selection instructions to generate a source detection rule for detecting the source code source, dependency source and common structure source of the source detection object.

According to an embodiment of the present disclosure, the detection of files that do not comply with preset rules and technology stacks that do not comply with preset conditions in the product structure list based on the specification detection rules includes: based on the white list specified by the specification detection rules, detecting files corresponding to file attributes that are missing from the product structure list compared to the white list; based on the black list specified by the specification detection rules, detecting files in the product structure list corresponding to file attributes that are not allowed to be included in the black list; based on the technology stack rules specified by the specification detection rules, detecting technology stack attributes that do not comply with preset conditions in the product structure list, the preset condition being that the product structure list includes a verification template file corresponding to the technology stack attributes.

According to an embodiment of the present disclosure, detecting the difference between the target software product and the comparison software product based on the comparison detection rules includes: comparing the directory structure, content attributes and build log of the target software product and the comparison software product based on the comparison detection rules, and generating a structure difference list, a content difference list and a construction process list.

According to an embodiment of the present disclosure, detecting the content source of the target software product based on the source detection rules includes: filtering content attributes related to the target software product in the product association information list based on the source detection rules; and obtaining source code source information, dependency source information and common structure source information of the target software product based on the content attributes.

According to an embodiment of the present disclosure, the method also includes: after the standardized detection rules are formulated, generating a standard detection task, a comparison detection task and a source detection task for the target software product; allocating computing resources for the standard detection task, the comparison detection task and the source detection task to respectively execute the detection of the standard detection rules, the comparison detection rules and the source detection rules.

According to an embodiment of the present disclosure, the method also includes: after generating the specification detection task, the comparison detection task and the source detection task, calling the external database of the target software product to obtain data involved in executing the detection of the specification detection rules, the comparison detection rules and the source detection rules.

According to an embodiment of the present disclosure, the method further includes: detecting the detection data generated by the target software product based on the standard detection rules, the comparison detection rules and the source detection rules, and generating a detection report for backup and user feedback.

A second aspect of the present disclosure provides a software detection device, the device comprising: a product import module, for importing a target software product into a detection environment in response to a software detection request; a rule generation module, for generating a product structure list of the target software product, and formulating standardized detection rules based on the product structure list, the standardized detection rules including specification detection rules, comparison detection rules and source detection rules; a specification detection module, for detecting files that do not comply with preset rules and technology stacks that do not comply with preset conditions in the product structure list based on the specification detection rules; a comparison detection module, for detecting differences between the target software product and the comparison software product based on the comparison detection rules; and a source detection module, for detecting the content source of the target software product based on the source detection rules.

A third aspect of the present disclosure provides an electronic device, comprising: one or more processors; and a memory for storing one or more programs, wherein when the one or more programs are executed by the one or more processors, the one or more processors execute the above-mentioned software detection method.

A fourth aspect of the present disclosure further provides a computer-readable storage medium having executable instructions stored thereon, which, when executed by a processor, causes the processor to execute the above-mentioned software detection method.

The fifth aspect of the present disclosure also provides a computer program product, including a computer program, which implements the above-mentioned software detection method when executed by a processor.

BRIEF DESCRIPTION OF THE DRAWINGS

The above contents and other purposes, features and advantages of the present disclosure will become more apparent through the following description of the embodiments of the present disclosure with reference to the accompanying drawings, in which:

FIG1 schematically shows an application scenario diagram of a software detection method, apparatus, device, medium, and program product according to an embodiment of the present disclosure;

FIG2 schematically shows a flow chart of a software detection method according to an embodiment of the present disclosure;

FIG3A schematically illustrates a standardized detection rule according to an embodiment of the present disclosure;

FIG3B schematically illustrates a specification detection rule according to an embodiment of the present disclosure;

FIG3C schematically shows a comparison detection rule according to an embodiment of the present disclosure;

FIG3D schematically illustrates a source detection rule according to an embodiment of the present disclosure;

FIG3E schematically illustrates a standardized publishing technology stack type according to an embodiment of the present disclosure;

FIG4 schematically shows a detailed process of a software detection method according to an embodiment of the present disclosure;

FIG5 schematically shows a structural block diagram of a software detection device according to an embodiment of the present disclosure;

FIG6 schematically shows a structural block diagram of a product detection system according to an embodiment of the present disclosure;

FIG. 7 schematically shows a block diagram of an electronic device suitable for implementing a software detection method according to an embodiment of the present disclosure.

Detailed ways

Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. However, it should be understood that these descriptions are exemplary only and are not intended to limit the scope of the present disclosure. In the following detailed description, for ease of explanation, many specific details are set forth to provide a comprehensive understanding of the embodiments of the present disclosure. However, it is apparent that one or more embodiments may also be implemented without these specific details. In addition, in the following description, descriptions of known structures and technologies are omitted to avoid unnecessary confusion of the concepts of the present disclosure.

The terms used herein are only for describing specific embodiments and are not intended to limit the present disclosure. The terms "include", "comprising", etc. used herein indicate the existence of the features, steps, operations and/or components, but do not exclude the existence or addition of one or more other features, steps, operations or components.

All terms (including technical and scientific terms) used herein have the meanings commonly understood by those skilled in the art unless otherwise defined. It should be noted that the terms used herein should be interpreted as having a meaning consistent with the context of this specification and should not be interpreted in an idealized or overly rigid manner.

When using expressions such as "at least one of A, B, and C, etc.", they should generally be interpreted according to the meaning of the expression commonly understood by those skilled in the art (for example, "a system having at least one of A, B, and C" should include but is not limited to a system having A alone, B alone, C alone, A and B, A and C, B and C, and/or A, B, C, etc.).

It should be noted that the software detection method and device provided by the present disclosure can be used in the detection application of version iteration in software development in the financial field, and can also be used in any field other than the financial field. The application field of the software detection method and device provided by the present disclosure is not limited.

In the technical solution of the present invention, the user information (including but not limited to user personal information, user image information, user device information, such as location information, etc.) and data (including but not limited to data used for analysis, stored data, displayed data, etc.) involved are all information and data authorized by the user or fully authorized by all parties, and the collection, storage, use, processing, transmission, provision, disclosure and application of the relevant data comply with relevant laws, regulations and standards, take necessary confidentiality measures, do not violate public order and good morals, and provide corresponding operation entrances for users to choose to authorize or refuse.

In the scenario of using personal information for automated decision-making, the methods, devices, and systems provided by the embodiments of the present invention provide users with corresponding operation portals for users to choose to agree or reject the automated decision-making results; if the user chooses to reject, the expert decision-making process will be entered. The expression "automated decision-making" here refers to the activity of automatically analyzing and evaluating an individual's behavioral habits, interests and hobbies, or economic, health, credit status, etc. through computer programs, and making decisions. The expression "expert decision-making" here refers to the activity of making decisions by people who specialize in a certain field, have specialized experience, knowledge and skills, and have reached a certain level of professionalism.

Definitions of Key Terms:

Standardized release: In the field of continuous delivery, a unified and universal release implementation standard is designed and customized according to the technology stack type to address the differentiated release methods that are redundant and non-reusable.

Software products: Software products refer to software packages for deployment generated by source code projects after continuous integration and construction processes such as compilation and packaging.

An embodiment of the present disclosure provides a software detection method, which imports a target software product into a detection environment in response to a software detection request; generates a product structure list of the target software product, formulates standardized detection rules based on the product structure list, and the standardized detection rules include specification detection rules, comparison detection rules and source detection rules; detects files that do not comply with preset rules and technology stacks that do not comply with preset conditions in the product structure list based on the specification detection rules; detects the difference between the target software product and the comparison software product based on the comparison detection rules; and detects the content source of the target software product based on the source detection rules.

FIG1 schematically shows an application scenario diagram of a software detection method and device according to an embodiment of the present disclosure.

As shown in Figure 1, the application scenario 100 according to this embodiment may include a version test scenario for bank software development. A network 104 is used to provide a medium for a communication link between terminal devices 101, 102, 103 and a server 105. The network 104 may include various connection types, such as wired, wireless communication links or optical fiber cables, etc.

Users can use terminal devices 101, 102, 103 to interact with server 105 through network 104 to receive or send messages, etc. Various communication client applications can be installed on terminal devices 101, 102, 103, such as shopping applications, web browser applications, search applications, instant messaging tools, email clients, social platform software, etc. (only examples).

The terminal devices 101 , 102 , and 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop computers, and desktop computers.

The server 105 may be a server that provides various services, such as a background management server (only an example) that provides support for websites browsed by users using the terminal devices 101, 102, and 103. The background management server may analyze and process the received data such as user requests, and feed back the processing results (such as web pages, information, or data obtained or generated according to user requests) to the terminal device.

It should be noted that the software detection method provided in the embodiment of the present disclosure can generally be executed by the server 105. Accordingly, the software detection device provided in the embodiment of the present disclosure can generally be set in the server 105. The software detection method provided in the embodiment of the present disclosure can also be executed by a server or server cluster that is different from the server 105 and can communicate with the terminal devices 101, 102, 103 and/or the server 105. Accordingly, the software detection device provided in the embodiment of the present disclosure can also be set in a server or server cluster that is different from the server 105 and can communicate with the terminal devices 101, 102, 103 and/or the server 105.

It should be understood that the number of terminal devices, networks and servers in Figure 1 is only illustrative. Any number of terminal devices, networks and servers may be provided according to implementation requirements.

The following will describe the software detection method of the disclosed embodiment in detail based on the scenario described in FIG. 1 through FIGS. 2 to 6 .

FIG2 schematically shows a flow chart of a software detection method according to an embodiment of the present disclosure.

As shown in FIG. 2 , the software detection method of this embodiment includes operations S210 to S250 , and the transaction processing method can be executed sequentially.

In operation S210 , in response to a software detection request, a target software artifact is imported into a detection environment.

In the disclosed embodiment, on the one hand, the user can select the target software product to be detected through the interactive interface, and initiate a software detection request after selecting the target software product; on the other hand, under the condition that there are multiple software products, the software product can be matched with the software product through automated means based on the existing or user-provided software product object information, and the software detection request is automatically initiated after the target software product is obtained. In response to the software detection request, the product object information of the target software product is obtained; the target software product matching the product object information is obtained from the preset product information library, and after confirming that the software product is the target software product, the target software product is imported into the detection environment to ensure that the target software product is correctly imported.

In operation S220, a product structure list of the target software product is generated, and standardized detection rules are formulated based on the product structure list. The standardized detection rules include specification detection rules, comparison detection rules, and source detection rules.

In the disclosed embodiment, the product structure list is formed by extracting the product structure traversal and content attributes of the target software product. Specifically, the product structure list may include the directory structure, content attributes, and construction process of the target software product, wherein the directory structure reflects the file composition and dependency relationship of the target software product, and the content attributes include, for example, MD5 values, etc. The construction process may be specifically recorded in the construction log.

By customizing standardized detection rules, quality detection can be performed on software products based on standardization releases to improve the quality of software product versions. The detection method provided by the present disclosure formulates customized standardized detection rules in multiple dimensions, limits the content of standard detection, comparison detection and source detection, and assists users in detecting multi-dimensional problems in software version iteration through fine-grained multiple detection rules.

In operation S230 , files that do not conform to preset rules and technology stacks that do not conform to preset conditions in the artifact structure list are detected based on the specification detection rules.

By checking files and technology stacks, problems such as missing, included, and incorrect content in software products can be detected.

In operation S240 , the difference between the target software artifact and the comparison software artifact is detected based on the comparison detection rule.

By comparing the target software artifact with the comparison software artifact, the changes in the software artifact during the iteration process can be detected, which can solve the pain point that the iterative changes of the software artifact in the continuous integration process are not obvious.

In operation S250 , the content source of the target software product is detected based on the source detection rule.

By detecting the source of content, users can be assisted in efficiently troubleshooting content version issues of software products.

According to the software detection method provided by the embodiment of the present disclosure, the software product's trustworthiness and usability can be detected, providing a strong guarantee for the subsequent process to use the software product package to deploy and go online. For example, software products that have passed product detection are not prone to omission, inclusion, or errors in product content, and have high version quality; and for the content composition of software products, they have the functions of difference comparison and source tracing, providing users with a clear and efficient product-level process management capability.

FIG. 3A schematically illustrates a standardized detection rule according to an embodiment of the present disclosure.

As shown in FIG. 3A , based on the product directory structure traversal and content attribute extraction, the standardized detection rules of the embodiment of the present disclosure include three detection methods: specification detection rules, comparison detection rules, and source detection rules.

In the disclosed embodiment, the directory structure of the target software product is traversed and content attributes are extracted to generate a product structure list. Based on the product structure list, standardized detection rules are formulated, and the standardized detection rules include standard detection rules, comparison detection rules and source detection rules, including S310~S330.

In operation S310, the technology stack attributes included in the file attributes and content attributes of the files included in the target software product are obtained based on the product structure list, and the standard detection rules are matched in a preset standardized rule library based on the file attributes and the technology stack attributes.

In the field of continuous delivery, for versions with redundant and non-reusable differentiated release methods, a unified and universal release implementation standard is designed and customized according to the technology stack type. The file attributes and technology stack attributes of software products must be within the scope of standardization requirements, so it is necessary to set restrictions, such as defining black and white lists in rule detection, to detect whether the file attributes and technology stack of the target software product meet the standardization requirements, and to detect omissions, inclusions or errors in the file, so as to improve the quality of the version.

In operation S320, a comparison item is selected from the artifact structure list based on the user's requirement selection instruction to form a comparison detection rule including at least one of a directory structure comparison item, a content attribute comparison item, and a construction process comparison item between the target software artifact and the comparison software artifact.

In the comparison test, the iterative changes of software products are revealed through the visualization of differences, solving the pain point of unclear iterative changes of software products in the continuous integration process.

In operation S330 , a source detection object is obtained from the artifact structure list based on the user's requirement selection instruction, and a source detection rule for detecting the source code source, dependency source, and common structure source of the source detection object is generated.

In the process of continuous version iteration, the source code, dependencies and common structure of the software product are updated to varying degrees. The source of the source code, the source of the dependency and the common structure may cause product quality problems during the iteration process. Therefore, tracing the source and comparing it with the version before the iteration can help users find problems caused by source changes during the iteration process of the software product.

The process of formulating standardized detection rules is an interactive process. The user defines and confirms the specific rules for product detection and confirms that rule detection and source detection need to be performed for this detection. The defined product detection rules will be stored in the data end.

FIG. 3B schematically illustrates a specification detection rule according to an embodiment of the present disclosure.

As shown in Fig. 3B, the specification detection rules of the embodiment of the present disclosure include blacklist rules, whitelist rules, and technology stack rules. Performing specification detection includes operations S311 to S313.

In operation S311, based on the white list specified by the standard detection rule, files corresponding to the file attributes missing from the product structure list compared to the white list are detected.

Whitelist rules mean that users can specify file attributes that must exist in the product structure list as a necessary condition for detection. For example, during the detection process, by manually setting a whitelist, the file names in the product structure are checked for regular matching to prevent missing programs or configuration files in the product.

In operation S312, based on the blacklist specified by the specification detection rule, files corresponding to file attributes that are not allowed to be included in the blacklist in the artifact structure list are detected.

Blacklist rules mean that users can specify file attributes that must not exist in the product structure list as a necessary condition for detection. For example, during the detection process, by manually setting a blacklist, the file names in the product structure are checked for regular matching to prevent programs or configuration files from being included in the product.

In operation S313, based on the technology stack rules specified in the specification detection rules, technology stack attributes that do not meet the preset conditions in the artifact structure list are detected, and the preset condition is that the artifact structure list includes a verification template file corresponding to the technology stack attribute.

Technology stack rules refer to obtaining the technology stack information of the artifact from the build information library, and automatically matching the corresponding technology stack rules according to the technology stack information of the artifact, without the need for users to specify. For example, during the detection process, the product information is matched with the technology stack rules, and the technology stack rule detection is carried out to ensure that the program or configuration file brought out by the artifact meets the technology stack requirements.

FIG. 3C schematically illustrates a comparison detection rule according to an embodiment of the present disclosure.

As shown in FIG. 3C , in this embodiment, the comparison detection rules include directory structure comparison S321 , content attribute comparison S322 , and construction process comparison S323 .

Catalog structure comparison S321 means that a user can specify two different products and compare the product structure lists of the two to visualize the differences in the product structures.

Content attribute comparison S322 means that a user can specify two different products, and by comparing the product structure lists of the two, the differences in product content attributes, such as MD5 values, are visually displayed.

Build process comparison S323 means that the user can specify two different artifacts and compare the build logs of the two to visualize the differences in the artifact build processes.

Based on the comparison detection rules, the directory structure, content attributes and build log of the target software product and the comparison software product are compared to generate a structure difference list, a content difference list and a construction process list. In the comparison detection, the structure difference list, content difference list and construction process list of the target software product and the comparison software product are compared to reveal the iterative changes of the software product through the visual display of the differences.

FIG3D schematically illustrates a source detection rule according to an embodiment of the present disclosure.

As shown in FIG. 3D , in the embodiment of the present disclosure, the content detected by the source detection rule includes source code source detection S331 , dependent source detection S332 , and general source detection S333 .

Source code source refers to visually representing the source of the program part in the product content based on the product-related information list. For example, a class binary file in the source product is compiled from a specific Java program, and the submission record is linked to find out when a developer submitted the Java program.

Dependency source refers to visually representing the source of the dependency part in the artifact content based on the artifact association information list. For example, a jar package in the lib directory of the traceable artifact is brought out after Maven builds and references the public dependency.

The general structure refers to the visual representation of the general structure in the product content based on the product-related information list. For example, the configuration variable file in the traceability product is introduced through the configuration center platform.

In source detection, the content attributes related to the target software product in the product association information list are filtered based on the source detection rules; the source code source information, dependency source information and common structure source information of the target software product are obtained from the external database based on the content attributes, and the source of the content composition of the software product is revealed through traceability visualization.

FIG. 3E schematically shows a standardized publishing technology stack type according to an embodiment of the present disclosure.

As shown in FIG. 3E , in the disclosed embodiment, product detection supports a variety of standardized technology stacks, including MAVEN, NODEJS, DB, SLB, APIP, COPY, PAAS, DMQS, ETRAN, and DBF. Various technology stacks have exclusive technology stack rule verification templates, and the product content and its attributes are detected according to the verification template requirements. For example, the MAVEN technology stack verification template verifies whether there are compiled binary files such as jar, war, and class in the target product directory, the NODEJS technology stack verification template verifies whether there are front-end related files such as html and js in the dist product directory, the DB technology stack verification template verifies whether there are related sql files such as ddl, dml, and stored procedures, and the SLB, APIP, COPY, PAAS, DMQS, ETRAN, and DBF technology stack verification templates verify whether there are related files such as xls templates.

In rule testing, if the rule testing conditions are met, the test is considered to have passed, and if the conditions are not met, the test is considered to have failed. The rule testing method can reveal whether the software product meets the requirements.

FIG4 schematically shows a detailed process of a software detection method according to an embodiment of the present disclosure.

As shown in FIG. 4 , the detailed process of the software detection method according to the embodiment of the present disclosure includes operations S410 to S460 .

In operation S410, the product inspection object is confirmed. This process is an interactive process. The user confirms the product object to be inspected. In the embodiment of the present disclosure, two confirmation modes are supported: one, the user imports the specified product object to be inspected; the other is to link the product information library and confirm the product object to be inspected according to the product object information selected by the user.

In operation S420, product detection rules are defined. This process is an interactive process. The user defines and confirms the specific rules for product detection. For example, the blacklist and whitelist in the rule detection are defined, and it is confirmed that the rule detection and source detection need to be performed in this detection. The defined product detection rules will be stored in the data terminal.

In operation S430, a product detection operation is initiated, and this process is an execution process. When the user completes the confirmation of the product detection object and the definition of the product detection rules, the product detection operation can be initiated. The product detection system will perform product detection operation task allocation and resource scheduling according to the user's request. Specifically, after the standardized detection rules are formulated, the standard detection task, comparison detection task and source detection task of the target software product are generated; the computing resources of the standard detection task, comparison detection task and source detection task are allocated to respectively execute the detection of the standard detection rules, comparison detection rules and source detection rules.

In operation S440, the product-related resources are obtained, and this process is the execution process. When the product detection job is initiated, according to the product object information to be detected, the external database of the target software product is called to obtain the data involved in the detection of the execution specification detection rules, comparison detection rules and source detection rules, such as obtaining the version library information and the construction process information through the source code information library, the build information library and the product information library.

In operation S450, the product inspection operation is executed. This process is the execution process. After the product-related resources are acquired, the product inspection execution machine executes the product inspection operation according to the product inspection-related rules.

In operation S460, when the product detection operation is completed, the execution data of the product detection operation will be persistently stored. The detection data generated by the target software product is detected based on the standard detection rules, the comparison detection rules and the source detection rules, and a detection report is generated for backup, and the product detection report is returned to the interactive terminal for display to the user.

The present disclosure provides a software detection method based on standardized release, which realizes the detection of the trustworthiness and usability of software products, and provides a strong guarantee for the subsequent process to use the software product package to deploy and go online. Software products that have passed product detection are not prone to omission, inclusion, or errors in product content, and have high version quality; and for the content composition of software products, they have the functions of difference comparison and source tracing, providing users with a clear and efficient product-level process management capability.

Based on the above software detection method, the present disclosure further provides a software detection device, which will be described in detail below in conjunction with FIG. 5 .

FIG5 schematically shows a structural block diagram of a software detection device according to an embodiment of the present disclosure.

As shown in FIG. 5 , the software detection device 500 of this embodiment includes a product import module 510 , a rule generation module 520 , a specification detection module 530 , a comparison detection module 540 and a source detection module 550 .

The artifact importing module 510 is used to import the target software artifact into the detection environment in response to the software detection request. In one embodiment, the artifact importing module 510 can be used to perform the operation S210 described above, which will not be described in detail here.

The rule generation module 520 is used to generate a product structure list of the target software product, and formulate standardized detection rules based on the product structure list, wherein the standardized detection rules include specification detection rules, comparison detection rules, and source detection rules. In one embodiment, the rule generation module 520 can be used to perform the operation S220 described above, which will not be repeated here.

The specification detection module 530 is used to detect files that do not conform to preset rules and technology stacks that do not conform to preset conditions in the product structure list based on the specification detection rules. In one embodiment, the specification detection module 530 can be used to perform the operation S230 described above, which will not be repeated here.

The comparison and detection module 540 is used to detect the difference between the target software product and the comparison software product based on the comparison and detection rules. In one embodiment, the comparison and detection module 540 can be used to perform the operation S240 described above, which will not be described in detail here.

The source detection module 550 is used to detect the content source of the target software product based on the source detection rule. In one embodiment, the source detection module 550 can be used to perform the operation S250 described above, which will not be described in detail here.

According to an embodiment of the present disclosure, any multiple modules of the product import module 510, the rule generation module 520, the specification detection module 530, the comparison detection module 540 and the source detection module 550 can be combined in one module, or any one of them can be split into multiple modules. Alternatively, at least part of the functions of one or more of these modules can be combined with at least part of the functions of other modules and implemented in one module. According to an embodiment of the present disclosure, at least one of the product import module 510, the rule generation module 520, the specification detection module 530, the comparison detection module 540 and the source detection module 550 can be at least partially implemented as a hardware circuit, such as a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or can be implemented by hardware or firmware such as any other reasonable way of integrating or packaging the circuit, or implemented in any one of the three implementation methods of software, hardware and firmware or in an appropriate combination of any of them. Alternatively, at least one of the product import module 510, the rule generation module 520, the specification detection module 530, the comparison detection module 540 and the source detection module 550 can be at least partially implemented as a computer program module, which can perform corresponding functions when executed.

FIG6 schematically shows a structural block diagram of a product detection system according to an embodiment of the present disclosure.

As shown in FIG. 6 , in an embodiment of the present disclosure, a product detection system is further provided, including the software detection device 500 and the external database 600 as shown in FIG. 5 .

The software detection device 500 is the core of the product detection system. Its components may include three modules: the product detection interactive terminal, the product detection execution terminal, and the product detection data terminal. The product detection interactive terminal is responsible for the interactive capability domain of product detection, including product detection rule definition, product detection job initiation, product detection report query and other functions. The product detection execution terminal is responsible for the execution capability domain of product detection, including product detection job task allocation, product detection job resource scheduling, product detection external resource acquisition, product detection rule execution and other functions. The product detection data terminal is responsible for the data capability domain of product detection, including product detection rule storage, product detection job data persistent storage, product detection report generation and other functions. The product import module 510 and the rule generation module 520 can be integrated with the product detection interactive terminal, and the specification detection module 530, the comparison detection module 540 and the source detection module 550 can be integrated with the product detection execution terminal.

The external database 600 provides necessary detection conditions for software product detection, and its components include a source code information library 610, a build information library 620, and a product information library 630. The source code information library contains software product version library addresses, branches, tags, submission records, and other elements. The build information library contains software product build records, build logs, and other elements. The product information library contains software product entities, software product MD5, and other elements.

The software detection method shown in FIG. 2 to FIG. 4 can be implemented based on a product detection system.

FIG. 7 schematically shows a block diagram of an electronic device suitable for implementing a software detection method according to an embodiment of the present disclosure.

As shown in FIG7 , the electronic device 700 according to an embodiment of the present disclosure includes a processor 701, which can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 702 or a program loaded from a storage part 708 to a random access memory (RAM) 703. The processor 701 may include, for example, a general-purpose microprocessor (e.g., a CPU), an instruction set processor and/or a related chipset and/or a dedicated microprocessor (e.g., an application-specific integrated circuit (ASIC)), etc. The processor 701 may also include an onboard memory for caching purposes. The processor 701 may include a single processing unit or multiple processing units for performing different actions of the method flow according to an embodiment of the present disclosure.

In RAM 703, various programs and data required for the operation of electronic device 700 are stored. Processor 701, ROM 702 and RAM 703 are connected to each other through bus 704. Processor 701 performs various operations of the method flow according to the embodiment of the present disclosure by executing the program in ROM 702 and/or RAM 703. It should be noted that the program can also be stored in one or more memories other than ROM 702 and RAM 703. Processor 701 can also perform various operations of the method flow according to the embodiment of the present disclosure by executing the program stored in the one or more memories.

According to an embodiment of the present disclosure, the electronic device 700 may further include an input/output (I/O) interface 705, which is also connected to the bus 704. The electronic device 700 may further include one or more of the following components connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, etc.; an output portion 707 including a cathode ray tube (CRT), a liquid crystal display (LCD), etc., and a speaker, etc.; a storage portion 708 including a hard disk, etc.; and a communication portion 709 including a network interface card such as a LAN card, a modem, etc. The communication portion 709 performs communication processing via a network such as the Internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711, such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, etc., is installed on the drive 710 as needed, so that a computer program read therefrom is installed into the storage portion 708 as needed.

The present disclosure also provides a computer-readable storage medium, which may be included in the device/apparatus/system described in the above embodiments; or may exist independently without being assembled into the device/apparatus/system. The above computer-readable storage medium carries one or more programs, and when the above one or more programs are executed, the method according to the embodiment of the present disclosure is implemented.

According to an embodiment of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, for example, it may include but is not limited to: a portable computer disk, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination thereof. In the present disclosure, a computer-readable storage medium may be any tangible medium containing or storing a program, which may be used by or in combination with an instruction execution system, an apparatus or a device. For example, according to an embodiment of the present disclosure, the computer-readable storage medium may include the ROM 702 and/or RAM 703 described above and/or one or more memories other than ROM 702 and RAM 703.

The embodiment of the present disclosure also includes a computer program product, which includes a computer program, and the computer program contains program code for executing the method shown in the flowchart. When the computer program product is run in a computer system, the program code is used to enable the computer system to implement the software detection method provided by the embodiment of the present disclosure.

The above functions defined in the system/device of the embodiment of the present disclosure are performed when the computer program is executed by the processor 701. According to the embodiment of the present disclosure, the system, device, module, unit, etc. described above can be implemented by a computer program module.

In one embodiment, the computer program may rely on tangible storage media such as optical storage devices, magnetic storage devices, etc. In another embodiment, the computer program may also be transmitted and distributed in the form of signals on a network medium, and downloaded and installed through the communication part 709, and/or installed from the removable medium 711. The program code contained in the computer program may be transmitted using any appropriate network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the above.

In such an embodiment, the computer program can be downloaded and installed from the network through the communication part 709, and/or installed from the removable medium 711. When the computer program is executed by the processor 701, the above functions defined in the system of the embodiment of the present disclosure are performed. According to the embodiment of the present disclosure, the system, device, apparatus, module, unit, etc. described above can be implemented by a computer program module.

According to an embodiment of the present disclosure, the program code for executing the computer program provided by the embodiment of the present disclosure can be written in any combination of one or more programming languages. Specifically, these computing programs can be implemented using high-level process and/or object-oriented programming languages, and/or assembly/machine languages. Programming languages include, but are not limited to, Java, C++, python, "C" language or similar programming languages. The program code can be executed entirely on the user computing device, partially on the user device, partially on the remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device can be connected to the user computing device through any type of network, including a local area network (LAN) or a wide area network (WAN), or can be connected to an external computing device (for example, using an Internet service provider to connect through the Internet).

The flow chart and block diagram in the accompanying drawings illustrate the possible architecture, function and operation of the system, method and computer program product according to various embodiments of the present disclosure. In this regard, each box in the flow chart or block diagram can represent a module, a program segment, or a part of a code, and the above-mentioned module, program segment, or a part of a code contains one or more executable instructions for realizing the specified logical function. It should also be noted that in some alternative implementations, the functions marked in the box can also occur in a different order from the order marked in the accompanying drawings. For example, two boxes represented in succession can actually be executed substantially in parallel, and they can sometimes be executed in the opposite order, depending on the functions involved. It should also be noted that each box in the block diagram or flow chart, and the combination of the boxes in the block diagram or flow chart can be implemented with a dedicated hardware-based system that performs a specified function or operation, or can be implemented with a combination of dedicated hardware and computer instructions.

It will be appreciated by those skilled in the art that the features described in the various embodiments and/or claims of the present disclosure may be combined and/or combined in various ways, even if such combinations and/or combinations are not explicitly described in the present disclosure. In particular, the features described in the various embodiments and/or claims of the present disclosure may be combined and/or combined in various ways without departing from the spirit and teachings of the present disclosure. All of these combinations and/or combinations fall within the scope of the present disclosure.

The embodiments of the present disclosure are described above. However, these embodiments are only for the purpose of illustration and are not intended to limit the scope of the present disclosure. Although the embodiments are described above separately, this does not mean that the measures in the various embodiments cannot be used in combination to advantage. The scope of the present disclosure is defined by the attached claims and their equivalents. Without departing from the scope of the present disclosure, those skilled in the art may make a variety of substitutions and modifications, which should all fall within the scope of the present disclosure.

Claims (13)

1. A software detection method, characterized in that the method comprises: In response to the software detection request, importing the target software artifact into the detection environment; Generate a product structure list of the target software product, and formulate standardized detection rules based on the product structure list, wherein the standardized detection rules include specification detection rules, comparison detection rules and source detection rules; Detecting files that do not conform to preset rules and technology stacks that do not conform to preset conditions in the product structure list based on the specification detection rules; Detecting the difference between the target software product and the comparison software product based on the comparison detection rule; The content source of the target software product is detected based on the source detection rule. 2. The method according to claim 1, wherein in response to the software detection request, importing the target software product comprises: In response to the software detection request, obtaining product object information of the target software product; The target software product matching the product object information is obtained from a preset product information library, and the target software product is imported into the detection environment. 3. The method according to claim 1, characterized in that the generating of the product structure list of the target software product and formulating standardized detection rules based on the product structure list, wherein the standardized detection rules include specification detection rules, comparison detection rules and source detection rules, including: Traversing the directory structure of the target software product and extracting content attributes to generate a product structure list; Based on the product structure list, file attributes of files included in the target software product and technology stack attributes included in the content attributes are obtained, and based on the file attributes and technology stack attributes, standard detection rules are obtained by matching in a preset standardization rule library; Selecting a comparison item from the artifact structure list based on a user's demand selection instruction, and forming a comparison detection rule including at least one of a directory structure comparison item, a content attribute comparison item, and a construction process comparison item between the target software artifact and the comparison software artifact; Based on the user's demand selection instruction, a source detection object is obtained from the product structure list, and a source detection rule for detecting the source code source, dependency source and common structure source of the source detection object is generated. 4. The method according to claim 1, characterized in that the detecting, based on the specification detection rule, the files that do not conform to the preset rules and the technology stacks that do not conform to the preset conditions in the product structure list comprises: Based on the whitelist specified by the specification detection rule, detecting files corresponding to the file attributes missing from the product structure list compared to the whitelist; Based on the blacklist specified by the specification detection rule, detect the files corresponding to the file attributes not allowed by the blacklist in the product structure list; Based on the technology stack rules specified in the specification detection rules, technology stack attributes in the product structure list that do not meet preset conditions are detected, and the preset condition is that the product structure list includes a verification template file corresponding to the technology stack attribute. 5. The method according to claim 1, wherein detecting the difference between the target software product and the comparison software product based on the comparison detection rule comprises: The directory structure, content attributes and build log of the target software product and the comparison software product are compared based on the comparison detection rules to generate a structure difference list, a content difference list and a build process list. 6. The method according to claim 1, wherein detecting the content source of the target software product based on the source detection rule comprises: Filtering content attributes related to the target software product in the product association information list based on the source detection rule; The source code source information, dependency source information and general structure source information of the target software product are obtained based on the content attributes. 7. The method according to claim 1, characterized in that the method further comprises: After the standardized detection rules are formulated, a standard detection task, a comparison detection task and a source detection task of the target software product are generated; The computing resources of the specification detection task, the comparison detection task and the source detection task are allocated to respectively execute the detection of the specification detection rules, the comparison detection rules and the source detection rules. 8. The method according to claim 7, characterized in that the method further comprises: After generating the specification detection task, the comparison detection task and the source detection task, the external database of the target software product is called to obtain data involved in executing the detection of the specification detection rules, the comparison detection rules and the source detection rules. 9. The method according to claim 1, characterized in that the method further comprises: The detection data generated by detecting the target software product is detected based on the standard detection rules, the comparison detection rules and the source detection rules, and a detection report is generated for backup and user feedback. 10. A software detection device, characterized in that the device comprises: The product import module is used to import the target software product into the detection environment in response to the software detection request; A rule generation module, used to generate a product structure list of the target software product, and formulate standardized detection rules based on the product structure list, wherein the standardized detection rules include specification detection rules, comparison detection rules and source detection rules; A specification detection module, used for detecting files that do not conform to preset rules and technology stacks that do not conform to preset conditions in the product structure list based on the specification detection rules; A comparison and detection module, used for detecting the difference between the target software product and the comparison software product based on the comparison and detection rules; A source detection module is used to detect the content source of the target software product based on the source detection rule. 11. An electronic device, comprising: one or more processors; a storage device for storing one or more computer programs, It is characterized in that the one or more processors execute the one or more computer programs to implement the steps of the method according to any one of claims 1 to 9. 12. A computer-readable storage medium having a computer program/instruction stored thereon, wherein the computer program/instruction, when executed by a processor, implements the steps of the method according to any one of claims 1 to 9. 13. A computer program product, comprising a computer program/instruction, wherein the computer program/instruction, when executed by a processor, implements the steps of the method according to any one of claims 1 to 9.