Facebook has released Pysa, a static analyzer for the Python language

Facebook has released the open-source static analyzer Pysa (Python Static Analyzer), designed to identify potential vulnerabilities in Python code. The new analyzer is built as an add-on to the Pyre type-checking toolkit and is hosted in its repository. The code is published under the MIT license.

Pysa performs data-flow analysis that follows how data moves as the code executes, which makes it possible to identify many potential vulnerabilities and privacy problems related to data being used in places where it should never appear.
For example, Pysa can track the use of raw external data in calls that launch external programs, in file operations, and in the construction of SQL queries.

The analysis boils down to identifying data sources and dangerous calls in which raw data must not be used. Data arriving from web requests (for example, the HttpRequest.GET dictionary in Django) is treated as a source, and calls such as eval and os.open are treated as dangerous uses (sinks). Pysa tracks the movement of data through the chain of function calls and correlates source data with the potentially dangerous places in the code. A typical vulnerability identified with Pysa is an open redirect issue (CVE-2019-19775) in the Zulip messaging platform, caused by passing unsanitized external parameters when rendering thumbnails.
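To make the source-to-sink idea above concrete, here is a minimal taint tracker written for this page (it is not Pysa's code and is far simpler than Pysa: it works inside one function body only). It treats reads of request.GET/POST as sources, treats eval/exec/system/popen calls as sinks, propagates taint through assignments, and over-approximates (any expression mentioning tainted data is tainted), which is why tools of this kind also report false positives. The Django-style view code it analyses is a constructed sample.

```python
import ast

SOURCES = {"GET", "POST"}                    # request attributes treated as user-controlled
SINKS = {"eval", "exec", "system", "popen"}  # call names treated as dangerous sinks

def _carries_taint(expr, tainted):
    """True if expr reads a request.GET/POST attribute or a variable already marked tainted."""
    for n in ast.walk(expr):
        if isinstance(n, ast.Attribute) and n.attr in SOURCES:
            return True
        if isinstance(n, ast.Name) and n.id in tainted:
            return True
    return False

def find_flows(source_code):
    """Return (function, sink, line) for every sink call that receives tainted data.
    Taint propagates through assignments within one function body, in source order."""
    findings = []
    tree = ast.parse(source_code)
    for fn in (n for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)):
        tainted = set()
        nodes = sorted((n for n in ast.walk(fn) if isinstance(n, (ast.Assign, ast.Call))),
                       key=lambda n: n.lineno)
        for node in nodes:
            if isinstance(node, ast.Assign):
                if _carries_taint(node.value, tainted):
                    tainted |= {t.id for t in node.targets if isinstance(t, ast.Name)}
            else:
                name = getattr(node.func, "id", None) or getattr(node.func, "attr", None)
                if name in SINKS and any(_carries_taint(a, tainted) for a in node.args):
                    findings.append((fn.name, name, node.lineno))
    return findings

# Constructed sample of Django-style view code (not taken from the article).
SAMPLE = '''\
import os

def run(request):
    cmd = request.GET["cmd"]          # source: user-controlled
    full = "echo " + cmd              # taint propagates through the assignment
    os.system(full)                   # sink reached with tainted data

def calc(request):
    return eval(request.GET.get("expr"))   # source passed straight into the sink

def safe(request):
    n = int(request.GET.get("n", 0))
    os.system("sleep 1")              # constant argument: no flow reported
'''
```

Running find_flows(SAMPLE) reports the os.system call in run (line 6) and the eval call in calc (line 9), and nothing for safe.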

Pysa's data-flow tracking capabilities can also be applied to verify the correct use of additional frameworks and to check compliance with a policy on the use of user data. For example, Pysa can be used without additional configuration to check projects built on the Django and Tornado frameworks. Pysa can also detect common web application vulnerabilities such as SQL injection and cross-site scripting (XSS).

At Facebook, the analyzer is used to check the code of the Instagram service. In the first quarter of 2020, Pysa helped identify 44% of all the issues Facebook engineers found in the Instagram server-side codebase.
In total, Pysa's automated review of code changes identified 330 issues, of which 49 (15%) were rated as serious and 131 (40%) as non-serious. In 150 cases (45%) the reported problems were classified as false positives.

Source: opennet.ru