GitHub ya sanar da ƙarin tsarin koyo na injin gwaji zuwa sabis ɗin duba lambar don gano nau'ikan lahani na gama gari a cikin lamba. A matakin gwaji, sabon aikin a halin yanzu yana samuwa ne kawai don ma'ajiyar bayanai tare da lamba a JavaScript da TypeScript. An lura cewa yin amfani da tsarin koyo na na'ura ya ba da damar fadada kewayon matsalolin da aka gano, yayin da ake nazarin tsarin ba a iyakance shi ga duba samfurori masu kyau ba kuma ba a haɗa shi da sanannun tsarin ba. Daga cikin matsalolin da sabon tsarin ya gano, an ambaci kurakurai da ke haifar da rubutun giciye (XSS), karkatar da hanyoyin fayil (misali, ta hanyar nunin "/ ..."), maye gurbin tambayoyin SQL da NoSQL.
Sabis ɗin duba lambar yana ba ku damar gano lahani a farkon matakin haɓakawa ta hanyar bincika kowane aikin "git push" don matsalolin matsaloli. Sakamakon yana haɗe kai tsaye zuwa buƙatar ja. A baya can, an gudanar da rajistan ta hanyar amfani da injin CodeQL, wanda ke nazarin samfura tare da misalan misalan lambobi masu rauni (CodeQL yana ba ku damar ƙirƙirar samfuri mai rauni don gano kasancewar irin wannan rauni a cikin lambar sauran ayyukan). Sabuwar injin, wanda ke amfani da koyan na'ura, zai iya gano raunin da ba a san shi ba a baya saboda ba a haɗa shi da ƙididdige samfuran lambobin da ke bayyana takamaiman lahani ba. Farashin wannan fasalin shine haɓakawa a cikin adadin ƙididdiga na ƙarya idan aka kwatanta da binciken tushen CodeQL.
source: budenet.ru