huangping/starRiverProperty
1
0
Fork 0
mirror of https://github.com/hpd840321/starRiverProperty.git synced 2026-06-09 08:20:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore(v0.11): 全路径纳入版本库与走查整改

Browse Source 
- .gitignore:显式放行全部 maven-*、scripts、dev-support、frontend、反1、artifacts、历史导出目录
- 新增跟踪:device-manager/device-sdk/legacy-public、davinci-manager、cwos-*、cwos-resource 等源码与附属资源
- davinci FileStorageManagerImpl:Feign Response 关闭、绝对 URL 拉流 SSRF 校验(协议/主机/解析地址)
- davinci OuterCallFeignClient:补充契约说明
- cwos-common-aks AksConstant:final 类 + 私有构造防误实例化
- device-manager DeviceConstant:沿用 DEFAULT_APPLICATIONID 拼写修正

Made-with: Cursor

Former-commit-id: 0a34c76a82
This commit is contained in:
反编译工作区
2026-04-24 23:54:05 +08:00
parent de6245a492
commit 27c3949045
3193 changed files with 227339 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/alibaba_heuristic_audit.py
+107
View File
@@ -0,0 +1,107 @@
#!/usr/bin/env python3
"""
Heuristic static checks aligned with common 阿里巴巴手册 themes (not full P3C).
Outputs markdown to stdout or --out file.
"""
from __future__ import annotations
import argparse
import re
import sys
from pathlib import Path
TAB = re.compile(r"^\t+")
TRAIL = re.compile(r"[ \t]+$")
LONG_LINE = re.compile(r".{121,}")
SYSTEM_OUT = re.compile(r"\bSystem\.(out|err)\.(print|println)\s*\(")
EMPTY_CATCH = re.compile(r"catch\s*\([^)]+\)\s*\{\s*\}", re.MULTILINE)
CATCH_EXCEPTION_PASS = re.compile(
r"catch\s*\(\s*Exception\s+\w+\s*\)\s*\{\s*\}", re.MULTILINE
)
TODO_FXXX = re.compile(r"\b(FIXME|XXX)\b", re.IGNORECASE)
def scan_file(path: Path, rel: str) -> list[tuple[str, int, str]]:
issues: list[tuple[str, int, str]] = []
try:
text = path.read_text(encoding="utf-8", errors="replace")
except OSError as e:
return [("ERROR", 0, f"{rel}: {e}")]
lines = text.splitlines()
for i, line in enumerate(lines, 1):
if TAB.search(line):
issues.append(("FORMAT", i, "行首含 TAB,建议仅用空格缩进(手册排版/可读)"))
if TRAIL.search(line):
issues.append(("FORMAT", i, "行尾多余空白"))
if LONG_LINE.search(line):
issues.append(("FORMAT", i, "行宽超过约 120 字符,建议换行(团队规约常见上限)"))
if SYSTEM_OUT.search(line) and "/test/" not in str(path).replace("\\", "/"):
issues.append(("STYLE", i, "使用 System.out/err,生产代码建议改用日志框架"))
if TODO_FXXX.search(line):
issues.append(("STYLE", i, "含 FIXME/XXX 标记,发版前应清理或跟踪"))
body = "\n".join(lines)
if EMPTY_CATCH.search(body):
issues.append(("RISK", 0, "存在空 catch 块 {},手册建议至少记录或处理异常"))
if CATCH_EXCEPTION_PASS.search(body):
issues.append(
("RISK", 0, "存在 catch (Exception) { } 空实现,建议细化异常类型或记录日志")
)
return issues
def main() -> int:
ap = argparse.ArgumentParser()
ap.add_argument(
"--repo",
type=Path,
default=Path(__file__).resolve().parent.parent,
help="Repo root containing maven-*",
)
ap.add_argument("--out", type=Path, default=None, help="Write markdown report")
args = ap.parse_args()
repo: Path = args.repo
roots = sorted(p for p in repo.glob("maven-*") if p.is_dir())
lines_out: list[str] = []
lines_out.append("# 阿里巴巴手册相关:启发式静态扫描\n")
lines_out.append(
"> 非 P3C 全量规则;仅覆盖 **TAB/行尾空白/超长行/System.out/空 catch/FIXME** 等易自动化项。\n"
)
grand = 0
for root in roots:
name = root.name
lines_out.append(f"\n## `{name}`\n")
mod_issues = 0
for java in sorted(root.rglob("*.java")):
sp = str(java).replace("\\", "/")
if "/target/" in sp:
continue
rel = java.relative_to(repo)
found = scan_file(java, str(rel))
if not found:
continue
mod_issues += len(found)
lines_out.append(f"\n### `{rel}`\n")
lines_out.append("| 级别 | 行 | 说明 |\n|------|----|------|\n")
for sev, ln, msg in found[:30]:
lines_out.append(f"| {sev} | {ln or '-'} | {msg} |\n")
if len(found) > 30:
lines_out.append(f"\n… 另有 {len(found) - 30} 条(同文件省略)\n")
if mod_issues == 0:
lines_out.append("\n(本模块未发现上述启发式命中项)\n")
grand += mod_issues
lines_out.append(f"\n---\n\n**启发式命中条数(含重复行规则)**:{grand}\n")
text = "".join(lines_out)
if args.out:
args.out.parent.mkdir(parents=True, exist_ok=True)
args.out.write_text(text, encoding="utf-8")
print(args.out, file=sys.stderr)
else:
sys.stdout.write(text)
return 0
if __name__ == "__main__":
sys.exit(main())
scripts/compare_jar_to_sources.py
+100
View File
@@ -0,0 +1,100 @@
#!/usr/bin/env python3
"""Compare a JAR's .class entries to decompiled .java tree (Maven src/main/java)."""
from __future__ import annotations
import argparse
import sys
import zipfile
from pathlib import Path
def jar_class_entries(jar_path: Path) -> set[str]:
"""FQN-like names for each .class (uses /), inner as Outer$Inner."""
out: set[str] = set()
with zipfile.ZipFile(jar_path, "r") as zf:
for name in zf.namelist():
if not name.endswith(".class") or "META-INF" in name:
continue
rel = name[:-6] # drop .class
out.add(rel.replace("/", "."))
return out
def java_fqns(src_root: Path) -> set[str]:
"""Best-effort FQN from path .../src/main/java/a/b/C.java -> a.b.C."""
src_root = src_root.resolve()
java_root = src_root / "src/main/java"
if not java_root.is_dir():
if src_root.name == "java" and (src_root.parent / "main").exists():
java_root = src_root
else:
return set()
fqns: set[str] = set()
for f in java_root.rglob("*.java"):
rel = f.relative_to(java_root).with_suffix("")
fqns.add(".".join(rel.parts))
return fqns
def outer_java_for_class(fqn: str, java_fqns: set[str]) -> str | None:
"""Map class FQN to expected .java outer name (strip $ inner)."""
if "$" in fqn:
outer = fqn.split("$", 1)[0]
else:
outer = fqn
if outer in java_fqns:
return outer
return None
def analyze(jar: Path, src_module_roots: list[Path]) -> dict:
classes = jar_class_entries(jar)
all_java: set[str] = set()
for root in src_module_roots:
if root.is_dir():
all_java |= java_fqns(root)
missing_outer: list[str] = []
for c in sorted(classes):
if c.startswith("module-info"):
continue
if outer_java_for_class(c, all_java) is None:
missing_outer.append(c)
# "extra" java: outer types not present as any class in jar (rough)
jar_outers = {x.split("$", 1)[0] for x in classes if not x.startswith("module-info")}
extra_java = sorted(x for x in all_java if x not in jar_outers and "$" not in x)
return {
"jar": str(jar),
"class_count": len(classes),
"java_outer_count": len(all_java),
"missing_classes": missing_outer,
"possibly_extra_sources": extra_java[:200], # cap
"possibly_extra_sources_total": len(extra_java),
}
def main() -> int:
ap = argparse.ArgumentParser()
ap.add_argument("jar", type=Path)
ap.add_argument("src_roots", nargs="+", type=Path, help="Module dirs containing src/main/java")
args = ap.parse_args()
r = analyze(args.jar, args.src_roots)
print(f"JAR: {r['jar']}")
print(f"Classes in JAR: {r['class_count']}; outer .java types under src/main/java: {r['java_outer_count']}")
miss = r["missing_classes"]
print(f"Missing (no matching outer .java): {len(miss)}")
for line in miss[:80]:
print(f" - {line}")
if len(miss) > 80:
print(f" ... and {len(miss) - 80} more")
ex = r["possibly_extra_sources"]
tot = r["possibly_extra_sources_total"]
print(f"Possibly extra .java (not as outer in JAR): {tot} (showing up to {len(ex)})")
for line in ex[:40]:
print(f" + {line}")
if tot > 40:
print(f" ...")
return 1 if miss else 0
if __name__ == "__main__":
sys.exit(main())
scripts/strip_jdcore_java_noise.py
+95
View File
@@ -0,0 +1,95 @@
#!/usr/bin/env python3
"""
Remove JD-Core decompiler noise from Java sources under maven-*:
- Line prefix comments: /* */ and /* N */ (line numbers)
- Trailing metadata block: /* Location: ... JD-Core Version: ... */
Does not strip normal Javadoc /** ... */ or arbitrary block comments.
"""
from __future__ import annotations
import argparse
import re
import sys
from pathlib import Path
RE_LINE_EMPTY_PREFIX = re.compile(r"^/\* +\*/\s*")
RE_LINE_NUM_PREFIX = re.compile(r"^/\* \d+ \*/\s*")
# Ends with line like " */" (space + */) after "* JD-Core Version: ..."
RE_TAIL_META = re.compile(
r"(?:^|\n)/\* Location:.*?\n\s*\*/\s*",
re.DOTALL,
)
def strip_content(text: str) -> str:
text = text.replace("\r\n", "\n").replace("\r", "\n")
lines = text.split("\n")
stripped = []
for line in lines:
line = RE_LINE_EMPTY_PREFIX.sub("", line)
line = RE_LINE_NUM_PREFIX.sub("", line)
stripped.append(line)
joined = "\n".join(stripped)
joined = RE_TAIL_META.sub("\n", joined)
if joined and not joined.endswith("\n"):
joined += "\n"
return joined
def process_file(path: Path, dry_run: bool) -> bool:
raw = path.read_text(encoding="utf-8", errors="replace")
new = strip_content(raw)
raw_norm = raw.replace("\r\n", "\n").replace("\r", "\n")
if raw_norm and not raw_norm.endswith("\n"):
raw_norm += "\n"
if new == raw_norm:
return False
if not dry_run:
path.write_text(new, encoding="utf-8", newline="\n")
return True
def main() -> int:
ap = argparse.ArgumentParser(description=__doc__)
ap.add_argument(
"roots",
nargs="*",
type=Path,
help="Optional roots (default: all maven-* under repo root next to scripts/)",
)
ap.add_argument("--dry-run", action="store_true", help="Report only, do not write")
args = ap.parse_args()
script_dir = Path(__file__).resolve().parent
repo = script_dir.parent
if args.roots:
roots = [Path(p).resolve() for p in args.roots]
else:
roots = sorted(repo.glob("maven-*"))
roots = [p for p in roots if p.is_dir()]
changed = 0
scanned = 0
for root in roots:
if not root.exists():
print(f"skip missing: {root}", file=sys.stderr)
continue
for path in root.rglob("*.java"):
if "/target/" in str(path).replace("\\", "/"):
continue
scanned += 1
if process_file(path, args.dry_run):
changed += 1
if args.dry_run:
print(f"would update: {path}")
print(f"Scanned: {scanned} Java files under {len(roots)} root(s)")
print(f"{'Would change' if args.dry_run else 'Changed'}: {changed} file(s)")
return 0
if __name__ == "__main__":
sys.exit(main())