-
公开(公告)号:US20190205122A1
公开(公告)日:2019-07-04
申请号:US16229569
申请日:2018-12-21
Applicant: SEMMLE LIMITED
Inventor: Arthur Baars , Sebastiaan Johannes van Schaik
IPC: G06F8/71 , G06F8/41 , G06K9/62 , G06F16/901
CPC classification number: G06F8/71 , G06F8/41 , G06F16/9024 , G06K9/6267
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for classifying system-generated code. One of the methods includes generating data representing a state of source code files of the snapshot before performing a build process for the snapshot. An instrumented build process is performed for the snapshot, including intercepting each compiler call of a plurality of compiler calls by the build process for the snapshot, and designating one or more respective source code files of each compiler call as source code files compiled during the build process for the snapshot. One or more source code files that are new or were modified after the build process was initiated are classified as source code files having system-generated source code.
-
公开(公告)号:US20190205107A1
公开(公告)日:2019-07-04
申请号:US16229653
申请日:2018-12-21
Applicant: SEMMLE LIMITED
Inventor: Pavel Avgustinov , Julian Tibble
IPC: G06F8/41 , G06F16/172
CPC classification number: G06F8/433 , G06F16/172
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for how a build system uses import graphs to maintain a current compilation cache and determine when compilation targets should be recompiled. A request is received to compile a compilation target. A plurality of files are identified that are used to build the compilation target. An import graph that represents import dependencies among the files used the build the compilation target is generated for the compilation target. The import graph is traversed to assign a respective identifier to each node in the import graph. A cache key is generated from data representing import relationships represented by the import graph and data representing contents of files used to build the compilation target. If the cache key is invalid or does not exist, compiling the compilation target.
-
公开(公告)号:US20190205105A1
公开(公告)日:2019-07-04
申请号:US15858279
申请日:2017-12-29
Applicant: SEMMLE LIMITED
Inventor: Jonas B. Jensen
CPC classification number: G06F8/41 , G06F8/61 , G06F8/71 , G06F8/75 , G06F9/45512 , G06F16/148
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for automatically identifying and installing missing packages during an instrumented build. One of the methods includes intercepting, by a source code analysis system, a call from a build system that references a file system path. If the file system path does not exist on the build system, a search is performed to identify a source code package having a filename in the file system path, and the source code package is installed on the build system. After installing the source code package on the build system, the intercepted call is executed.
-
公开(公告)号:US10255065B1
公开(公告)日:2019-04-09
申请号:US15857967
申请日:2017-12-29
Applicant: SEMMLE LIMITED
Inventor: Jonas B. Jensen
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for performing automatic builds of snapshots using software packages with highly similar contents. One of the methods includes computing, by a source code analysis system, a respective similarity score between contents of a particular snapshot and contents of each software package of a plurality of software packages in one or more package repositories. A highest-scoring software package for the snapshot is determined using the computed similarity scores. An automatic build of the snapshot using the highest-scoring software package is performed, including identifying one or more dependencies and one or more build commands from the highest-scoring software package, installing the one or more dependencies in a build environment of the snapshot, and executing the one or more build commands in the build environment of the snapshot.
-
公开(公告)号:USD809008S1
公开(公告)日:2018-01-30
申请号:US29586317
申请日:2016-12-02
Applicant: Semmle Limited
Designer: Sophie Conchonnet
-
Patent Agency Ranking
公开(公告)号:US09830148B1
公开(公告)日:2017-11-28
申请号:US15418480
申请日:2017-01-27
Applicant: SEMMLE LIMITED
Inventor: Man Yue Mo
IPC: G06F9/44
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for providing user-specific source code alert information. One of the methods includes receiving a user identifier of a user that has previously accessed source code of a code base, and receiving source code access data that includes access metrics related to prior user access of the source code. Based on the source code access data and on source code that has previously been accessed by the user, relevant source code that has previously been accessed by other users is determined. Source code alerts are received for the code base, and a user-specific organization of alerts is provided for the user that identifies alerts for source code problems occurring in the source code, including at least one source code unit that has previously been accessed by another user.
-
公开(公告)号:US09823912B2
公开(公告)日:2017-11-21
申请号:US14884590
申请日:2015-10-15
Applicant: SEMMLE LIMITED
Inventor: Alexander Spoon
CPC classification number: G06F8/433 , G06F11/3604 , G06F21/577 , G06F21/6227
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for performing data flow analysis using collapsed contexts. One of the methods includes obtaining data representing a plurality of software elements, wherein one or more software elements are initially designated as elements having the particular property; iteratively designating other software elements to which data of the one or more elements having the particular property flows, including: whenever the program includes multiple calls to a function, analyzing the function in a collapsed context to determine whether any argument flows to a return value of the function, and whenever any data in an argument that has the particular property according to the collapsed context flows to a return value of the function, adding each call to the function throughout the program having one argument having the particular property; and providing the set of software elements having the particular property.
-
公开(公告)号:US09798540B1
公开(公告)日:2017-10-24
申请号:US15498227
申请日:2017-04-26
Applicant: SEMMLE LIMITED
Inventor: Jean Helie
CPC classification number: G06F8/77 , G06F8/42 , G06F8/75 , G06F11/3616
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for automatically classifying static analysis rules as being anomalous or not. One of the methods includes receiving alerts generated by a particular static analysis rule for a plurality of different software projects analyzed by a static analysis system. For each project, a respective alert proportion metric value is computed. Each of the plurality of different software projects is classified according to the alert proportion metric values as being one non-outlier projects or outlier projects. If more than a threshold number of projects were classified as being outlier projects for the particular static analysis rule, the particular static analysis rule is classified as an anomalous static analysis rule.
-
公开(公告)号:US09690690B1
公开(公告)日:2017-06-27
申请号:US15282714
申请日:2016-09-30
Applicant: SEMMLE LIMITED
Inventor: Anders Starcke Henriksen
CPC classification number: G06F8/77 , G06F8/71 , G06F8/75 , G06F11/3604 , G06F11/3616 , G06F11/3692
Abstract: Methods for reducing storage and performing static analysis on violations across code base revisions are disclosed. An example method begins with receiving a child snapshot representing a code base at a specific revision. A parent snapshot is identified. Then, canonical representations for violations representing coding defects in the parent and child snapshots are computed. An example method determines matching violations between the snapshots, unmatched parent violations, and unmatched child violations. For matching violations that have different canonical representations, a mapping between the parent snapshot violation and the child snapshot violation is stored using their respective canonical representations. For unmatched parent violations, each violation's canonical representation is stored with an indication that the violation has been eliminated from the child snapshot. For unmatched child violations, each violation's canonical representation is stored with an indication that the violation has been introduced in the child snapshot.
-
公开(公告)号:US09684492B2
公开(公告)日:2017-06-20
申请号:US14867969
申请日:2015-09-28
Applicant: SEMMLE LIMITED
Inventor: Peter Cawley
CPC classification number: G06F8/37 , G06F8/41 , G06F8/423 , G06F8/43 , G06F8/447 , G06F8/71 , G06F9/455 , G06F9/45508 , G06F9/45516 , G06F11/3668
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for automatically determining configuration properties of a compiler. One of the methods includes determining that an executable of the newly created process is a compiler called by the build system to compile source code of a source code file. In response to the determining, a plurality of configuration properties of the compiler called by the build system are determined, the configuration properties including first properties of a plurality of built-in functions of the compiler, second properties of a plurality of built-in types of the compiler, or both. A compiler emulator is configured to emulate the behavior of the compiler called by the build system using the determined configuration properties. Access to the source code is provided to the compiler emulator configured using the determined configuration properties.
-
-
-
-
-
-
-
-
-
Search Results
135
records
(took 0.024 seconds)
