vcode-analysis 0.1.0__tar.gz → 0.3.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {vcode_analysis-0.1.0/vcode_analysis.egg-info → vcode_analysis-0.3.0}/PKG-INFO +78 -23
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/README.md +77 -22
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/analyzers/directory.py +6 -13
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/analyzers/security.py +28 -9
- vcode_analysis-0.3.0/cli.py +978 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/core/analyzer.py +52 -1
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/core/config.py +8 -5
- vcode_analysis-0.3.0/core/ignore.py +156 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/docs/USER_MANUAL.md +57 -33
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/pyproject.toml +4 -1
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0/vcode_analysis.egg-info}/PKG-INFO +78 -23
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/vcode_analysis.egg-info/SOURCES.txt +2 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/vcode_analysis.egg-info/top_level.txt +1 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/LICENSE +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/MANIFEST.in +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/analyzers/__init__.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/analyzers/architecture.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/analyzers/code_review.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/analyzers/documentation.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/core/__init__.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/core/git_handler.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/core/llm_client.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/docs/design/c-parser-design.md +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/docs/design/code-analysis-tool.md +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/docs/design/kotlin-parser-design.md +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/__init__.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/c/__init__.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/c/ast_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/c/models.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/c/patterns.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/c/regex_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/c_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/java_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/javascript_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/kotlin/__init__.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/kotlin/ast_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/kotlin/models.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/kotlin/patterns.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/kotlin/regex_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/kotlin_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/python_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/parsers/typescript_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/requirements.txt +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/setup.cfg +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/tests/test_batch_operations.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/tests/test_c_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/tests/test_kotlin_parser.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/tests/test_security_rules.py +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/vcode_analysis.egg-info/dependency_links.txt +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/vcode_analysis.egg-info/entry_points.txt +0 -0
- {vcode_analysis-0.1.0 → vcode_analysis-0.3.0}/vcode_analysis.egg-info/requires.txt +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: vcode-analysis
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.3.0
|
|
4
4
|
Summary: 基于大模型的智能代码分析工具,支持代码审查、文档生成、架构分析和安全扫描
|
|
5
5
|
Author-email: Wellchang <2483808264@qq.com>
|
|
6
6
|
License: MIT
|
|
@@ -40,7 +40,8 @@ Dynamic: license-file
|
|
|
40
40
|
|
|
41
41
|
# Code Analysis - 智能代码分析工具
|
|
42
42
|
|
|
43
|
-
[](https://pypi.org/project/vcode-analysis/)
|
|
44
|
+
[](https://www.python.org/downloads/)
|
|
44
45
|
[](https://opensource.org/licenses/MIT)
|
|
45
46
|
|
|
46
47
|
基于私有化部署大模型的智能代码分析工具,支持代码审查、文档生成、架构分析和安全扫描。
|
|
@@ -53,6 +54,7 @@ Dynamic: license-file
|
|
|
53
54
|
| 📝 **文档生成** | 自动生成模块文档、API 文档 |
|
|
54
55
|
| 🏗️ **架构分析** | 分析项目结构、依赖关系、代码度量 |
|
|
55
56
|
| 🔒 **安全扫描** | 检测常见安全漏洞和风险代码 |
|
|
57
|
+
| ⚡ **并发分析** | 支持多线程并发分析,默认 5 个线程 |
|
|
56
58
|
| 📦 **批量操作** | 批量克隆、批量 Git 操作、多仓库管理 |
|
|
57
59
|
| 📂 **目录分析** | 扫描项目结构、识别技术栈 |
|
|
58
60
|
| 🌐 **多语言支持** | Python, Java, Kotlin, C, JavaScript, TypeScript 等 |
|
|
@@ -62,20 +64,32 @@ Dynamic: license-file
|
|
|
62
64
|
|
|
63
65
|
### 安装
|
|
64
66
|
|
|
67
|
+
**方式一:从 PyPI 安装(推荐)**
|
|
68
|
+
|
|
69
|
+
```bash
|
|
70
|
+
# 基础安装
|
|
71
|
+
pip install vcode-analysis
|
|
72
|
+
|
|
73
|
+
# 安装额外解析器支持
|
|
74
|
+
pip install vcode-analysis[parsers]
|
|
75
|
+
|
|
76
|
+
# 安装所有可选依赖
|
|
77
|
+
pip install vcode-analysis[parsers,rich]
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
**方式二:从源码安装**
|
|
81
|
+
|
|
65
82
|
```bash
|
|
66
|
-
# 克隆项目
|
|
67
83
|
git clone https://gitcode.com/wellchang/code-analysis.git
|
|
68
84
|
cd code-analysis
|
|
69
|
-
|
|
70
|
-
# 安装依赖
|
|
71
|
-
pip install httpx docopt pyyaml
|
|
85
|
+
pip install -e .
|
|
72
86
|
```
|
|
73
87
|
|
|
74
88
|
### 配置
|
|
75
89
|
|
|
76
90
|
```bash
|
|
77
91
|
# 初始化配置文件
|
|
78
|
-
|
|
92
|
+
vcode-analysis config --init
|
|
79
93
|
|
|
80
94
|
# 编辑配置文件
|
|
81
95
|
# ~/.code-analysis/config.yaml
|
|
@@ -84,17 +98,20 @@ python cli.py config --init
|
|
|
84
98
|
### 使用
|
|
85
99
|
|
|
86
100
|
```bash
|
|
87
|
-
#
|
|
88
|
-
|
|
101
|
+
# 代码审查(结果自动保存到 result/目录名_review_时间戳.md)
|
|
102
|
+
vcode-analysis review ./src
|
|
89
103
|
|
|
90
104
|
# 架构分析
|
|
91
|
-
|
|
105
|
+
vcode-analysis arch ./src
|
|
92
106
|
|
|
93
107
|
# 安全扫描
|
|
94
|
-
|
|
108
|
+
vcode-analysis security ./src --deep
|
|
109
|
+
|
|
110
|
+
# 使用 10 个并发线程加速分析
|
|
111
|
+
vcode-analysis review ./src --workers 10
|
|
95
112
|
|
|
96
113
|
# 目录扫描
|
|
97
|
-
|
|
114
|
+
vcode-analysis scan-dir ./project
|
|
98
115
|
```
|
|
99
116
|
|
|
100
117
|
## 📖 命令概览
|
|
@@ -140,7 +157,8 @@ code-analysis/
|
|
|
140
157
|
│ ├── analyzer.py # 分析引擎核心
|
|
141
158
|
│ ├── llm_client.py # LLM 客户端
|
|
142
159
|
│ ├── git_handler.py # Git 操作 + 批量操作
|
|
143
|
-
│
|
|
160
|
+
│ ├── config.py # 配置管理
|
|
161
|
+
│ └── ignore.py # 统一过滤规则
|
|
144
162
|
├── analyzers/
|
|
145
163
|
│ ├── code_review.py # 代码审查
|
|
146
164
|
│ ├── documentation.py # 文档生成
|
|
@@ -160,28 +178,37 @@ code-analysis/
|
|
|
160
178
|
### 代码审查
|
|
161
179
|
|
|
162
180
|
```bash
|
|
163
|
-
#
|
|
164
|
-
|
|
181
|
+
# 审查整个项目(结果保存到 result/src_review_20260320_120000.md)
|
|
182
|
+
vcode-analysis review ./src
|
|
183
|
+
|
|
184
|
+
# 使用 10 个线程加速分析
|
|
185
|
+
vcode-analysis review ./src --workers 10
|
|
186
|
+
|
|
187
|
+
# 自定义输出路径
|
|
188
|
+
vcode-analysis review ./src --output custom_report.md
|
|
165
189
|
|
|
166
190
|
# 审查最新提交
|
|
167
|
-
|
|
191
|
+
vcode-analysis review-commit HEAD
|
|
168
192
|
```
|
|
169
193
|
|
|
170
194
|
### 安全扫描
|
|
171
195
|
|
|
172
196
|
```bash
|
|
173
197
|
# 深度安全扫描
|
|
174
|
-
|
|
198
|
+
vcode-analysis security ./src --deep
|
|
199
|
+
|
|
200
|
+
# 快速扫描
|
|
201
|
+
vcode-analysis security ./src
|
|
175
202
|
```
|
|
176
203
|
|
|
177
204
|
### 批量操作
|
|
178
205
|
|
|
179
206
|
```bash
|
|
180
207
|
# 批量克隆(从文件读取 URL 列表)
|
|
181
|
-
|
|
208
|
+
vcode-analysis batch-clone repos.txt ./projects --parallel
|
|
182
209
|
|
|
183
210
|
# 查看多仓库状态
|
|
184
|
-
|
|
211
|
+
vcode-analysis git-status ~/projects
|
|
185
212
|
```
|
|
186
213
|
|
|
187
214
|
## ⚙️ 配置示例
|
|
@@ -197,11 +224,16 @@ llm:
|
|
|
197
224
|
|
|
198
225
|
analysis:
|
|
199
226
|
max_file_size: 102400
|
|
227
|
+
max_workers: 5 # 并发分析线程数
|
|
200
228
|
ignore_patterns:
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
229
|
+
# 默认已包含多语言依赖目录和缓存文件
|
|
230
|
+
# Python: .venv, venv, __pycache__, .pytest_cache, .mypy_cache
|
|
231
|
+
# Node.js: node_modules, .npm, .yarn
|
|
232
|
+
# Java: target, .gradle
|
|
233
|
+
# Go: vendor
|
|
234
|
+
# .NET: bin, obj
|
|
235
|
+
# 以及: .git, .idea, .vscode, *.pyc, *.min.js 等
|
|
236
|
+
# 用户可在此添加额外的自定义忽略规则
|
|
205
237
|
```
|
|
206
238
|
|
|
207
239
|
## 🤝 扩展开发
|
|
@@ -236,11 +268,34 @@ parser = CASTParser()
|
|
|
236
268
|
result = parser.parse_file('main.c', mode='fast')
|
|
237
269
|
```
|
|
238
270
|
|
|
271
|
+
## 📦 发布到 PyPI
|
|
272
|
+
|
|
273
|
+
### 发布新版本
|
|
274
|
+
|
|
275
|
+
```bash
|
|
276
|
+
# 安装发布工具
|
|
277
|
+
pip install build twine
|
|
278
|
+
|
|
279
|
+
# 构建包
|
|
280
|
+
python -m build
|
|
281
|
+
|
|
282
|
+
# 上传到 PyPI
|
|
283
|
+
twine upload dist/*
|
|
284
|
+
```
|
|
285
|
+
|
|
286
|
+
### 发布到 TestPyPI(测试)
|
|
287
|
+
|
|
288
|
+
```bash
|
|
289
|
+
# 上传到 TestPyPI
|
|
290
|
+
twine upload --repository testpypi dist/*
|
|
291
|
+
```
|
|
292
|
+
|
|
239
293
|
## 📄 许可证
|
|
240
294
|
|
|
241
295
|
[MIT License](LICENSE)
|
|
242
296
|
|
|
243
297
|
## 🔗 链接
|
|
244
298
|
|
|
299
|
+
- [PyPI 包地址](https://pypi.org/project/vcode-analysis/)
|
|
245
300
|
- [项目主页](https://gitcode.com/wellchang/code-analysis)
|
|
246
301
|
- [问题反馈](https://gitcode.com/wellchang/code-analysis/issues)
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Code Analysis - 智能代码分析工具
|
|
2
2
|
|
|
3
|
-
[](https://pypi.org/project/vcode-analysis/)
|
|
4
|
+
[](https://www.python.org/downloads/)
|
|
4
5
|
[](https://opensource.org/licenses/MIT)
|
|
5
6
|
|
|
6
7
|
基于私有化部署大模型的智能代码分析工具,支持代码审查、文档生成、架构分析和安全扫描。
|
|
@@ -13,6 +14,7 @@
|
|
|
13
14
|
| 📝 **文档生成** | 自动生成模块文档、API 文档 |
|
|
14
15
|
| 🏗️ **架构分析** | 分析项目结构、依赖关系、代码度量 |
|
|
15
16
|
| 🔒 **安全扫描** | 检测常见安全漏洞和风险代码 |
|
|
17
|
+
| ⚡ **并发分析** | 支持多线程并发分析,默认 5 个线程 |
|
|
16
18
|
| 📦 **批量操作** | 批量克隆、批量 Git 操作、多仓库管理 |
|
|
17
19
|
| 📂 **目录分析** | 扫描项目结构、识别技术栈 |
|
|
18
20
|
| 🌐 **多语言支持** | Python, Java, Kotlin, C, JavaScript, TypeScript 等 |
|
|
@@ -22,20 +24,32 @@
|
|
|
22
24
|
|
|
23
25
|
### 安装
|
|
24
26
|
|
|
27
|
+
**方式一:从 PyPI 安装(推荐)**
|
|
28
|
+
|
|
29
|
+
```bash
|
|
30
|
+
# 基础安装
|
|
31
|
+
pip install vcode-analysis
|
|
32
|
+
|
|
33
|
+
# 安装额外解析器支持
|
|
34
|
+
pip install vcode-analysis[parsers]
|
|
35
|
+
|
|
36
|
+
# 安装所有可选依赖
|
|
37
|
+
pip install vcode-analysis[parsers,rich]
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
**方式二:从源码安装**
|
|
41
|
+
|
|
25
42
|
```bash
|
|
26
|
-
# 克隆项目
|
|
27
43
|
git clone https://gitcode.com/wellchang/code-analysis.git
|
|
28
44
|
cd code-analysis
|
|
29
|
-
|
|
30
|
-
# 安装依赖
|
|
31
|
-
pip install httpx docopt pyyaml
|
|
45
|
+
pip install -e .
|
|
32
46
|
```
|
|
33
47
|
|
|
34
48
|
### 配置
|
|
35
49
|
|
|
36
50
|
```bash
|
|
37
51
|
# 初始化配置文件
|
|
38
|
-
|
|
52
|
+
vcode-analysis config --init
|
|
39
53
|
|
|
40
54
|
# 编辑配置文件
|
|
41
55
|
# ~/.code-analysis/config.yaml
|
|
@@ -44,17 +58,20 @@ python cli.py config --init
|
|
|
44
58
|
### 使用
|
|
45
59
|
|
|
46
60
|
```bash
|
|
47
|
-
#
|
|
48
|
-
|
|
61
|
+
# 代码审查(结果自动保存到 result/目录名_review_时间戳.md)
|
|
62
|
+
vcode-analysis review ./src
|
|
49
63
|
|
|
50
64
|
# 架构分析
|
|
51
|
-
|
|
65
|
+
vcode-analysis arch ./src
|
|
52
66
|
|
|
53
67
|
# 安全扫描
|
|
54
|
-
|
|
68
|
+
vcode-analysis security ./src --deep
|
|
69
|
+
|
|
70
|
+
# 使用 10 个并发线程加速分析
|
|
71
|
+
vcode-analysis review ./src --workers 10
|
|
55
72
|
|
|
56
73
|
# 目录扫描
|
|
57
|
-
|
|
74
|
+
vcode-analysis scan-dir ./project
|
|
58
75
|
```
|
|
59
76
|
|
|
60
77
|
## 📖 命令概览
|
|
@@ -100,7 +117,8 @@ code-analysis/
|
|
|
100
117
|
│ ├── analyzer.py # 分析引擎核心
|
|
101
118
|
│ ├── llm_client.py # LLM 客户端
|
|
102
119
|
│ ├── git_handler.py # Git 操作 + 批量操作
|
|
103
|
-
│
|
|
120
|
+
│ ├── config.py # 配置管理
|
|
121
|
+
│ └── ignore.py # 统一过滤规则
|
|
104
122
|
├── analyzers/
|
|
105
123
|
│ ├── code_review.py # 代码审查
|
|
106
124
|
│ ├── documentation.py # 文档生成
|
|
@@ -120,28 +138,37 @@ code-analysis/
|
|
|
120
138
|
### 代码审查
|
|
121
139
|
|
|
122
140
|
```bash
|
|
123
|
-
#
|
|
124
|
-
|
|
141
|
+
# 审查整个项目(结果保存到 result/src_review_20260320_120000.md)
|
|
142
|
+
vcode-analysis review ./src
|
|
143
|
+
|
|
144
|
+
# 使用 10 个线程加速分析
|
|
145
|
+
vcode-analysis review ./src --workers 10
|
|
146
|
+
|
|
147
|
+
# 自定义输出路径
|
|
148
|
+
vcode-analysis review ./src --output custom_report.md
|
|
125
149
|
|
|
126
150
|
# 审查最新提交
|
|
127
|
-
|
|
151
|
+
vcode-analysis review-commit HEAD
|
|
128
152
|
```
|
|
129
153
|
|
|
130
154
|
### 安全扫描
|
|
131
155
|
|
|
132
156
|
```bash
|
|
133
157
|
# 深度安全扫描
|
|
134
|
-
|
|
158
|
+
vcode-analysis security ./src --deep
|
|
159
|
+
|
|
160
|
+
# 快速扫描
|
|
161
|
+
vcode-analysis security ./src
|
|
135
162
|
```
|
|
136
163
|
|
|
137
164
|
### 批量操作
|
|
138
165
|
|
|
139
166
|
```bash
|
|
140
167
|
# 批量克隆(从文件读取 URL 列表)
|
|
141
|
-
|
|
168
|
+
vcode-analysis batch-clone repos.txt ./projects --parallel
|
|
142
169
|
|
|
143
170
|
# 查看多仓库状态
|
|
144
|
-
|
|
171
|
+
vcode-analysis git-status ~/projects
|
|
145
172
|
```
|
|
146
173
|
|
|
147
174
|
## ⚙️ 配置示例
|
|
@@ -157,11 +184,16 @@ llm:
|
|
|
157
184
|
|
|
158
185
|
analysis:
|
|
159
186
|
max_file_size: 102400
|
|
187
|
+
max_workers: 5 # 并发分析线程数
|
|
160
188
|
ignore_patterns:
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
189
|
+
# 默认已包含多语言依赖目录和缓存文件
|
|
190
|
+
# Python: .venv, venv, __pycache__, .pytest_cache, .mypy_cache
|
|
191
|
+
# Node.js: node_modules, .npm, .yarn
|
|
192
|
+
# Java: target, .gradle
|
|
193
|
+
# Go: vendor
|
|
194
|
+
# .NET: bin, obj
|
|
195
|
+
# 以及: .git, .idea, .vscode, *.pyc, *.min.js 等
|
|
196
|
+
# 用户可在此添加额外的自定义忽略规则
|
|
165
197
|
```
|
|
166
198
|
|
|
167
199
|
## 🤝 扩展开发
|
|
@@ -196,11 +228,34 @@ parser = CASTParser()
|
|
|
196
228
|
result = parser.parse_file('main.c', mode='fast')
|
|
197
229
|
```
|
|
198
230
|
|
|
231
|
+
## 📦 发布到 PyPI
|
|
232
|
+
|
|
233
|
+
### 发布新版本
|
|
234
|
+
|
|
235
|
+
```bash
|
|
236
|
+
# 安装发布工具
|
|
237
|
+
pip install build twine
|
|
238
|
+
|
|
239
|
+
# 构建包
|
|
240
|
+
python -m build
|
|
241
|
+
|
|
242
|
+
# 上传到 PyPI
|
|
243
|
+
twine upload dist/*
|
|
244
|
+
```
|
|
245
|
+
|
|
246
|
+
### 发布到 TestPyPI(测试)
|
|
247
|
+
|
|
248
|
+
```bash
|
|
249
|
+
# 上传到 TestPyPI
|
|
250
|
+
twine upload --repository testpypi dist/*
|
|
251
|
+
```
|
|
252
|
+
|
|
199
253
|
## 📄 许可证
|
|
200
254
|
|
|
201
255
|
[MIT License](LICENSE)
|
|
202
256
|
|
|
203
257
|
## 🔗 链接
|
|
204
258
|
|
|
259
|
+
- [PyPI 包地址](https://pypi.org/project/vcode-analysis/)
|
|
205
260
|
- [项目主页](https://gitcode.com/wellchang/code-analysis)
|
|
206
261
|
- [问题反馈](https://gitcode.com/wellchang/code-analysis/issues)
|
|
@@ -11,6 +11,8 @@ from typing import Optional
|
|
|
11
11
|
from collections import defaultdict
|
|
12
12
|
from enum import Enum
|
|
13
13
|
|
|
14
|
+
from core.ignore import get_ignore_dirs, get_ignore_files
|
|
15
|
+
|
|
14
16
|
|
|
15
17
|
class ProjectType(Enum):
|
|
16
18
|
"""项目类型"""
|
|
@@ -187,20 +189,11 @@ FRAMEWORK_INDICATORS = {
|
|
|
187
189
|
"GitHub Actions": {"dirs": [".github/workflows"]},
|
|
188
190
|
}
|
|
189
191
|
|
|
190
|
-
#
|
|
191
|
-
IGNORE_DIRS =
|
|
192
|
-
"node_modules", ".git", "__pycache__", ".venv", "venv", "env",
|
|
193
|
-
"dist", "build", "target", ".idea", ".vscode", ".tox",
|
|
194
|
-
".pytest_cache", ".mypy_cache", "coverage", "htmlcov",
|
|
195
|
-
"vendor", "Pods", "Carthage", ".gradle", ".mvn",
|
|
196
|
-
"bin", "obj", "pkg", ".cache",
|
|
197
|
-
}
|
|
192
|
+
# 忽略的目录(使用统一配置)
|
|
193
|
+
IGNORE_DIRS = get_ignore_dirs()
|
|
198
194
|
|
|
199
|
-
#
|
|
200
|
-
IGNORE_FILES =
|
|
201
|
-
".DS_Store", "Thumbs.db", "*.pyc", "*.pyo", "*.o", "*.a",
|
|
202
|
-
"*.so", "*.dylib", "*.dll", "*.exe", "*.log",
|
|
203
|
-
}
|
|
195
|
+
# 忽略的文件(使用统一配置)
|
|
196
|
+
IGNORE_FILES = get_ignore_files()
|
|
204
197
|
|
|
205
198
|
|
|
206
199
|
class DirectoryAnalyzer:
|
|
@@ -657,15 +657,34 @@ class SecurityAnalyzer:
|
|
|
657
657
|
return self.scan_file(file_info)
|
|
658
658
|
|
|
659
659
|
def scan_project(self, target_path: str, deep: bool = False) -> list[SecurityResult]:
|
|
660
|
-
"""
|
|
661
|
-
|
|
662
|
-
file_infos = list(self.analyzer.scan_files(target_path))
|
|
660
|
+
"""扫描整个项目(并发)"""
|
|
661
|
+
from concurrent.futures import ThreadPoolExecutor, as_completed
|
|
663
662
|
|
|
664
|
-
|
|
665
|
-
|
|
666
|
-
|
|
667
|
-
|
|
668
|
-
|
|
669
|
-
|
|
663
|
+
file_infos = list(self.analyzer.scan_files(target_path))
|
|
664
|
+
total = len(file_infos)
|
|
665
|
+
results: list[SecurityResult] = [None] * total # type: ignore
|
|
666
|
+
|
|
667
|
+
# 选择扫描函数
|
|
668
|
+
scan_func = self.deep_scan if deep else self.scan_file
|
|
669
|
+
max_workers = self.analyzer.config.analysis.max_workers
|
|
670
|
+
|
|
671
|
+
with ThreadPoolExecutor(max_workers=max_workers) as executor:
|
|
672
|
+
future_to_index = {
|
|
673
|
+
executor.submit(scan_func, file_info): i
|
|
674
|
+
for i, file_info in enumerate(file_infos)
|
|
675
|
+
}
|
|
676
|
+
|
|
677
|
+
for future in as_completed(future_to_index):
|
|
678
|
+
index = future_to_index[future]
|
|
679
|
+
try:
|
|
680
|
+
results[index] = future.result()
|
|
681
|
+
except Exception as e:
|
|
682
|
+
file_info = file_infos[index]
|
|
683
|
+
results[index] = SecurityResult(
|
|
684
|
+
file_path=file_info.relative_path,
|
|
685
|
+
issues=[],
|
|
686
|
+
risk_score=0,
|
|
687
|
+
passed=True,
|
|
688
|
+
)
|
|
670
689
|
|
|
671
690
|
return results
|