专栏首页DevOps持续集成SonarQube实践-规则自动翻译

SonarQube实践-规则自动翻译

调研web接口

api/rules/search?languages=java&ps=500&p=1 搜索java规则(所有)

{
    "total":1838,
    "p":1,
    "ps":1,
    "rules":[
        {
            "key":"squid:S2589",
            "repo":"squid",
            "name":"Boolean expressions should not be gratuitous",
            "createdAt":"2019-05-02T19:14:49+0800",
            "htmlDesc":"<p>If a boolean expression doesn't change the evaluation of the condition, then it is entirely unnecessary, and can be removed. If it is gratuitous
because it does not match the programmer's intent, then it's a bug and the expression should be fixed.</p>
<h2>Noncompliant Code Example</h2>
<pre>
a = true;
if (a) { // Noncompliant
doSomething();
}

if (b && a) { // Noncompliant; "a" is always "true"
doSomething();
}

if (c || !a) { // Noncompliant; "!a" is always "false"
doSomething();
}
</pre>
<h2>Compliant Solution</h2>
<pre>
a = true;
if (foo(a)) {
doSomething();
}

if (b) {
doSomething();
}

if (c) {
doSomething();
}
</pre>
<h2>See</h2>
<ul>
<li> MISRA C:2004, 13.7 - Boolean operations whose results are invariant shall not be permitted. </li>
<li> MISRA C:2012, 14.3 - Controlling expressions shall not be invariant </li>
<li> <a href="http://cwe.mitre.org/data/definitions/571">MITRE, CWE-571</a> - Expression is Always True </li>
<li> <a href="http://cwe.mitre.org/data/definitions/570">MITRE, CWE-570</a> - Expression is Always False </li>
<li> <a href="http://cwe.mitre.org/data/definitions/489">MITRE, CWE-489</a> - Leftover Debug Code </li>
<li> <a href="https://www.securecoding.cert.org/confluence/x/NYA5">CERT, MSC12-C.</a> - Detect and remove code that has no effect or is never
executed </li>
</ul>",
            "mdDesc":"<p>If a boolean expression doesn't change the evaluation of the condition, then it is entirely unnecessary, and can be removed. If it is gratuitous
because it does not match the programmer's intent, then it's a bug and the expression should be fixed.</p>
<h2>Noncompliant Code Example</h2>
<pre>
a = true;
if (a) { // Noncompliant
doSomething();
}

if (b && a) { // Noncompliant; "a" is always "true"
doSomething();
}

if (c || !a) { // Noncompliant; "!a" is always "false"
doSomething();
}
</pre>
<h2>Compliant Solution</h2>
<pre>
a = true;
if (foo(a)) {
doSomething();
}

if (b) {
doSomething();
}

if (c) {
doSomething();
}
</pre>
<h2>See</h2>
<ul>
<li> MISRA C:2004, 13.7 - Boolean operations whose results are invariant shall not be permitted. </li>
<li> MISRA C:2012, 14.3 - Controlling expressions shall not be invariant </li>
<li> <a href="http://cwe.mitre.org/data/definitions/571">MITRE, CWE-571</a> - Expression is Always True </li>
<li> <a href="http://cwe.mitre.org/data/definitions/570">MITRE, CWE-570</a> - Expression is Always False </li>
<li> <a href="http://cwe.mitre.org/data/definitions/489">MITRE, CWE-489</a> - Leftover Debug Code </li>
<li> <a href="https://www.securecoding.cert.org/confluence/x/NYA5">CERT, MSC12-C.</a> - Detect and remove code that has no effect or is never
executed </li>
</ul>",
            "severity":"MAJOR",
            "status":"READY",
            "isTemplate":false,
            "tags":[

            ],
            "sysTags":[
                "based-on-misra",
                "cert",
                "cwe",
                "misra",
                "redundant"
            ],
            "lang":"java",
            "langName":"Java",
            "params":[

            ],
            "defaultDebtRemFnType":"CONSTANT_ISSUE",
            "defaultDebtRemFnOffset":"10min",
            "debtOverloaded":false,
            "debtRemFnType":"CONSTANT_ISSUE",
            "debtRemFnOffset":"10min",
            "defaultRemFnType":"CONSTANT_ISSUE",
            "defaultRemFnBaseEffort":"10min",
            "remFnType":"CONSTANT_ISSUE",
            "remFnBaseEffort":"10min",
            "remFnOverloaded":false,
            "type":"CODE_SMELL"
        }
    ]
}

api/qualityprofiles/search?language=java&qualityProfile=java1 java1质量信息

  • response
{
    "profiles":[
        {
            "key":"AWtqxGzkP99GHtfoWcir",
            "name":"java1",
            "language":"java",
            "languageName":"Java",
            "isInherited":false,
            "isDefault":true,
            "activeRuleCount":546,
            "activeDeprecatedRuleCount":8,
            "rulesUpdatedAt":"2019-06-19T01:11:40+0000",
            "userUpdatedAt":"2019-06-19T09:11:40+0800",
            "organization":"default-organization",
            "isBuiltIn":false,
            "actions":{
                "edit":true,
                "setAsDefault":true,
                "copy":true
            }
        }
    ],
    "actions":{
        "create":true
    }
}

api/rules/search?activation=true&qprofile=AWtqxGzkP99GHtfoWcir java1质量规则

{
    "total":546,
    "p":1,
    "ps":1,
    "rules":[
        {
            "key":"squid:S2589",
            "repo":"squid",
            "name":"Boolean expressions should not be gratuitous",
            "createdAt":"2019-05-02T19:14:49+0800",
            "htmlDesc":"<p>If a boolean expression doesn't change the evaluation of the condition, then it is entirely unnecessary, and can be removed. If it is gratuitous
because it does not match the programmer's intent, then it's a bug and the expression should be fixed.</p>
<h2>Noncompliant Code Example</h2>
<pre>
a = true;
if (a) { // Noncompliant
doSomething();
}

if (b && a) { // Noncompliant; "a" is always "true"
doSomething();
}

if (c || !a) { // Noncompliant; "!a" is always "false"
doSomething();
}
</pre>
<h2>Compliant Solution</h2>
<pre>
a = true;
if (foo(a)) {
doSomething();
}

if (b) {
doSomething();
}

if (c) {
doSomething();
}
</pre>
<h2>See</h2>
<ul>
<li> MISRA C:2004, 13.7 - Boolean operations whose results are invariant shall not be permitted. </li>
<li> MISRA C:2012, 14.3 - Controlling expressions shall not be invariant </li>
<li> <a href="http://cwe.mitre.org/data/definitions/571">MITRE, CWE-571</a> - Expression is Always True </li>
<li> <a href="http://cwe.mitre.org/data/definitions/570">MITRE, CWE-570</a> - Expression is Always False </li>
<li> <a href="http://cwe.mitre.org/data/definitions/489">MITRE, CWE-489</a> - Leftover Debug Code </li>
<li> <a href="https://www.securecoding.cert.org/confluence/x/NYA5">CERT, MSC12-C.</a> - Detect and remove code that has no effect or is never
executed </li>
</ul>",
            "mdDesc":"<p>If a boolean expression doesn't change the evaluation of the condition, then it is entirely unnecessary, and can be removed. If it is gratuitous
because it does not match the programmer's intent, then it's a bug and the expression should be fixed.</p>
<h2>Noncompliant Code Example</h2>
<pre>
a = true;
if (a) { // Noncompliant
doSomething();
}

if (b && a) { // Noncompliant; "a" is always "true"
doSomething();
}

if (c || !a) { // Noncompliant; "!a" is always "false"
doSomething();
}
</pre>
<h2>Compliant Solution</h2>
<pre>
a = true;
if (foo(a)) {
doSomething();
}

if (b) {
doSomething();
}

if (c) {
doSomething();
}
</pre>
<h2>See</h2>
<ul>
<li> MISRA C:2004, 13.7 - Boolean operations whose results are invariant shall not be permitted. </li>
<li> MISRA C:2012, 14.3 - Controlling expressions shall not be invariant </li>
<li> <a href="http://cwe.mitre.org/data/definitions/571">MITRE, CWE-571</a> - Expression is Always True </li>
<li> <a href="http://cwe.mitre.org/data/definitions/570">MITRE, CWE-570</a> - Expression is Always False </li>
<li> <a href="http://cwe.mitre.org/data/definitions/489">MITRE, CWE-489</a> - Leftover Debug Code </li>
<li> <a href="https://www.securecoding.cert.org/confluence/x/NYA5">CERT, MSC12-C.</a> - Detect and remove code that has no effect or is never
executed </li>
</ul>",
            "severity":"MAJOR",
            "status":"READY",
            "isTemplate":false,
            "tags":[

            ],
            "sysTags":[
                "based-on-misra",
                "cert",
                "cwe",
                "misra",
                "redundant"
            ],
            "lang":"java",
            "langName":"Java",
            "params":[

            ],
            "defaultDebtRemFnType":"CONSTANT_ISSUE",
            "defaultDebtRemFnOffset":"10min",
            "debtOverloaded":false,
            "debtRemFnType":"CONSTANT_ISSUE",
            "debtRemFnOffset":"10min",
            "defaultRemFnType":"CONSTANT_ISSUE",
            "defaultRemFnBaseEffort":"10min",
            "remFnType":"CONSTANT_ISSUE",
            "remFnBaseEffort":"10min",
            "remFnOverloaded":false,
            "type":"CODE_SMELL"
        }
    ]
}

Python 测试

>>> import requests
>>> import json
>>> 
>>> r = requests.get(url="http://xxxxxx:9000/api/rules/search?languages=java&ps=1000&p=1")
>>> 
>>> 
>>> data = json.loads(r.text)
>>> type(data)
<class 'dict'>
>>> data.keys()
dict_keys(['total', 'p', 'ps', 'rules'])
>>> data['rules'][0].keys()
dict_keys(['key', 'repo', 'name', 'createdAt', 'htmlDesc', 'mdDesc', 'severity', 'status', 'isTemplate', 'tags', 'sysTags', 'lang', 'langName', 'params', 'defaultDebtRemFnType', 'defaultDebtRemFnOffset', 'debtOverloaded', 'debtRemFnType', 'debtRemFnOffset', 'defaultRemFnType', 'defaultRemFnBaseEffort', 'remFnType', 'remFnBaseEffort', 'remFnOverloaded', 'type'])

谷歌翻译脚本

#coding:utf8
import requests
import json
import time
import re
import urllib
import os
import execjs #必须,需要先用pip 安装,用来执行js脚本
import sys
import csv
import subprocess
from bs4 import BeautifulSoup

class Py4Js():     
    def __init__(self):  
        self.ctx = execjs.compile(""" 
              function TL(a) { 
              var k = ""; 
              var b = 406644; 
              var b1 = 3293161072;       
              var jd = "."; 
              var $b = "+-a^+6"; 
              var Zb = "+-3^+b+-f";    
              for (var e = [], f = 0, g = 0; g < a.length; g++) { 
                  var m = a.charCodeAt(g); 
                  128 > m ? e[f++] = m : (2048 > m ? e[f++] = m >> 6 | 192 : (55296 == (m & 64512) && g + 1 < a.length && 56320 == (a.charCodeAt(g + 1) & 64512) ? (m = 65536 + ((m & 1023) << 10) + (a.charCodeAt(++g) & 1023), 
                  e[f++] = m >> 18 | 240, 
                  e[f++] = m >> 12 & 63 | 128) : e[f++] = m >> 12 | 224, 
                  e[f++] = m >> 6 & 63 | 128), 
                  e[f++] = m & 63 | 128) 
              } 
              a = b; 
              for (f = 0; f < e.length; f++) a += e[f], 
              a = RL(a, $b); 
              a = RL(a, Zb); 
              a ^= b1 || 0; 
              0 > a && (a = (a & 2147483647) + 2147483648); 
              a %= 1E6; 
              return a.toString() + jd + (a ^ b) 
            };      
            function RL(a, b) { 
              var t = "a"; 
              var Yb = "+"; 
              for (var c = 0; c < b.length - 2; c += 3) { 
                  var d = b.charAt(c + 2), 
                  d = d >= t ? d.charCodeAt(0) - 87 : Number(d), 
                  d = b.charAt(c + 1) == Yb ? a >>> d: a << d; 
                  a = b.charAt(c) == Yb ? a + d & 4294967295 : a ^ d 
              } 
              return a 
        } 
       """)  

    def getTk(self,text):  
        return self.ctx.call("TL",text)

def buildUrl(text,tk):
    baseUrl='https://translate.google.cn/translate_a/single'
    baseUrl+='?client=t&'
    baseUrl+='sl=auto&'
    baseUrl+='t1=zh-CN&'
    baseUrl+='hl=zh-CN&'
    baseUrl+='dt=at&'
    baseUrl+='dt=bd&'
    baseUrl+='dt=ex&'
    baseUrl+='dt=ld&'
    baseUrl+='dt=md&'
    baseUrl+='dt=qca&'
    baseUrl+='dt=rw&'
    baseUrl+='dt=rm&'
    baseUrl+='dt=ss&'
    baseUrl+='dt=t&'
    baseUrl+='ie=UTF-8&'
    baseUrl+='oe=UTF-8&'
    baseUrl+='otf=1&'
    baseUrl+='pc=1&'
    baseUrl+='ssel=0&'
    baseUrl+='tsel=0&'
    baseUrl+='kc=2&'
    baseUrl+='tk='+str(tk)+'&'
    baseUrl+='q='+text
    
    return baseUrl

def translate(text,index):
    header={
        'authority':'translate.google.cn',
        'method':'GET',
        'path':'',
        'scheme':'https',
        'accept':'*/*',
        'accept-encoding':'gzip, deflate, br',
        'accept-language':'zh-CN,zh;q=0.9',
        'cookie':'',
        'user-agent':'Mozilla/5.0 (Windows NT 10.0; WOW64)  AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36',
        'x-client-data':'CIa2yQEIpbbJAQjBtskBCPqcygEIqZ3KAQioo8oBGJGjygE='
    }
    url=buildUrl(text,js.getTk(text))
    res=''
    try:
      r=requests.get(url)
      result=json.loads(r.text)
      if result[7]!=None:
      # 如果我们文本输错,提示你是不是要找xxx的话,那么重新把xxx正确的翻译之后返回
        try:
              correctText=result[7][0].replace('<b><i>',' ').replace('</i></b>','')
              print(correctText)
              correctUrl=buildUrl(correctText,js.getTk(correctText))
              correctR=requests.get(correctUrl)
              newResult=json.loads(correctR.text)
              res=newResult[0]
        except Exception as e:
              print(e)
              res=result[0][0][0]
      else:

        res = ''
        for i in range(int(index)):
          res= res + result[0][i][0]


  except Exception as e:
      res=''
      print(url)
      print("翻译"+text+"失败")
      print("错误信息:")
      print(e)
  finally:
      return res


class SonarRule(object):

    def __init__(self):
        self.sonarserver = 'http://119.3.228.122:9000/api/rules/search?'
        self.languages = 'java'
        self.searchapi = 'http://119.3.228.122:9000/api/rules/search?activation=true&qprofile=AWtqxGzkP99GHtfoWcir&ps=500'


    def GetRule(self):
        r = requests.get(url=self.searchapi)
        #print(r.status_code)
        #print(r.text)
        if int(r.status_code) == 200 :
            response = json.loads(r.text)

        return response['rules']

    '''
    #print(response.keys())
    #dict_keys(['total', 'p', 'ps', 'rules'])

    #print(response['rules'][0].keys())
    #dict_keys(['key', 'repo', 'name', 'createdAt', 
    #'htmlDesc', 'mdDesc', 'severity', 'status', 'isTemplate', 
    #'tags', 'sysTags', 'lang', 'langName', 'params', 
    #'defaultDebtRemFnType', 'defaultDebtRemFnOffset', 'debtOverloaded', 'debtRemFnType', 'debtRemFnOffset',
     'defaultRemFnType', 'defaultRemFnBaseEffort', 'remFnType', 'remFnBaseEffort', 'remFnOverloaded', 'type'])

    '''


    #filter[name,htmlDesc]
    def FilterTrans(self):
        rules = self.GetRule()
        for i in range(100,499):
            ruleName = rules[i]['name']
            #ruleDesc = rule['htmlDesc'].split('<h2>')[0].replace('<p>','').replace('</p>','').replace('\n','').replace('<code></code>','')
            
            print("Get Rule  [name] and [desc]")
            pattern = re.compile(r'<[^>]+>',re.S)
            ruleDesc = re.sub(pattern,'',rules[i]['htmlDesc'].split('<h2>')[0].replace('\n',' '))
            
            print(i,ruleName)
            print("----------------------")
            print(ruleDesc)
            print("----------------------")

            print("Trans Rule   " + ruleName  )
            
            #计算句点的数量
            index = ruleDesc.count('. ')

            print("----------------------" + str(index))
            res = translate(ruleDesc,index)

            print(type(res))
            print(res)
            
            #save
            with open("sonarqube-rule.txt",'a+',newline='',encoding='utf-8') as datacsv:
              csvwriter = csv.writer(datacsv,dialect=("excel"))
              csvwriter.writerow([str(i),ruleName,str(res),'\n']) 

            '''f = open('','a+')
            f.write(str(i) + ',' + ruleName + ',' + str(res) + '\n')
            f.close()'''

            
            time.sleep(5)


    

if __name__ == '__main__':
    server = SonarRule()
    js=Py4Js()
    server.FilterTrans()

规则翻译内容

0,Boolean expressions should not be gratuitous,如果布尔表达式不改变条件的评估,则完全没有必要,并且可以将其删除。如果它是无偿的,因为它与程序员的意图不匹配,那么这是一个错误,表达式应该被修复。,"
"
1,Servlets should not have mutable instance fields,通过契约,servlet容器创建每个servlet的一个实例,然后将专用线程附加到每个新的传入HTTP请求以处理请求。因此,所有线程共享servlet实例,并通过扩展共享它们的实例字段。为了防止在运行时出现任何误解和意外行为,所有servlet字段应该是静态的和/或最终的,或者只是删除。使用Struts 1.X,org.apache.struts.action.Action上存在相同的约束。,"
"
2,"""default"" clauses should be last",switch可以包含一个默认子句,原因有多种:处理意外值,以显示所有案例都已正确考虑。出于可读性目的,为了帮助开发人员快速找到switch语句的默认行为,建议将default子句放在switch语句的末尾。如果default子句不是switch的最后一个案例,则此规则会引发问题。,"
"
3,"""Optional"" should not be used for parameters",Java语言作者非常坦率地说,Optional仅用作返回类型,作为传达方法可能返回值或不返回值的方法。为此,它很有价值,但在输入端使用Optional会增加您在方法中必须完成的工作,而不会真正增加值。使用Optional参数,您可以从两个可能的输入:null和not-null,到三:null,非null-without-value和non-null-with-value。除此之外,长期可以使用重载来传达某些参数是可选的,并且没有理由拥有可选参数。该规则还检查Guava的Optional,因为它是JDK Optional的灵感。虽然在某些方面(序列化,建议用作集合元素)有所不同,但将其用作参数类型会导致与JDK Optional完全相同的问题。,"
"
4,Conditionally executed blocks should be reachable,始终为true或false的条件表达式可能导致死代码。这样的代码总是错误的,不应该在生产中使用。,"
"
5,Overrides should match their parent class methods in synchronization,当同步方法的@Overrides本身不同步时,结果可能是不正确的同步,因为调用者依赖于父类承诺的线程安全性。,"
"

本文分享自微信公众号 - DevOps持续集成(devopsadmin),作者:努力,奋斗~~

原文出处及转载信息见文内详细说明,如有侵权,请联系 yunjia_community@tencent.com 删除。

原始发表时间:2019-06-19

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

我来说两句

0 条评论
登录 后参与评论

相关文章

  • MFS-master节点故障切换

    六个节点底层部署了mfs分布式存储,node4(mfsmaster), 其中node1-6都为mfschunkserver,分别开启了metalogger服务。...

    泽阳
  • Prometheus 入门基础知识总结

    <metric name>{<label name>=<label value>, ...},

    泽阳
  • 一文简单了解Python运算符

    泽阳
  • Python里那些深不见底的“坑”

    用户2398817
  • C# VS2015 winform TreeView 之后点击树中的一个节点,触发事件问题

    string name;         private void treeView1_NodeMouseClick(obje...

    静谧的小码农
  • numpy.all

    原文链接:https://numpy.org/doc/1.17/reference/generated/numpy.a...

    于小勇
  • CTF之PHP黑魔法总结

    php黑魔法,是以前做CTF时遇到并记录的,很适合在做CTF代码审计的时候翻翻看看。 一、要求变量原值不同但md5或sha1相同的情况下 1.0e开头的全部相等...

    wangxl
  • windows API 开发飞机订票系统 图形化界面 (三)

    来吧,接下来是各个功能的函数的实现代码。 首先,程序运行时加载读入账户信息和航班信息。接下来就该读取文件了。 我把账户资料和航班信息储存在了.txt文件里 那么...

    欠扁的小篮子
  • 43.python 进程互斥锁Lock

    和前面讲到的  python线程互斥锁Lock 类似,当有多个进程Process同时读写同一个文件时,为了避免数据读写产生异常,我们需要为正在操作的进程加上互斥...

    Python教程
  • 以太坊潜伏多年令全球黑客为之疯狂的“偷渡”漏洞引发偷币狂潮

    世界上有一群人,互联网对于他们来说就是提款机。 是的,过去是,现在更是,因为电子货币的出现,他们提款的速度变得更疯狂。 在2017年,我们的蜜罐监测到一起针对以...

    区块链领域

扫码关注云+社区

领取腾讯云代金券