Code Change Risk Visualization and Quality Assurance Practices at Meituan

1 Software System Risk and Change

Change drives software evolution but also creates risk. The article classifies three change dimensions—infra, external, and internal—and lists typical incidents such as fiber cuts, Gmail feature side‑effects, Knight code upgrades, configuration errors, and accidental data deletions. In Meituan's massive "to‑home" traffic system, these risks amplify, affecting many stakeholders across micro‑service architectures.

Because internal changes are the most frequent source of failures, the team focuses on code‑change risk as the core quality‑building target.

2 Houyi Code‑Change Risk Visualization System Construction

Traditional testing lacks comprehensive code‑change visibility and relies heavily on developer and QA experience. The solution is built in three stages: (1) perception of all code changes across various project structures, (2) feature extraction and labeling of changed code, and (3) embedding the capability into all testing pipelines for continuous quality defense.

The resulting system, named Houyi (after the archer), consists of four layers:

Foundation component layer.

Code analysis layer for precise change detection across code forms.

Feature‑tagging layer for structured annotation of code.

Business‑application layer that integrates visualization into various stages, providing a complete risk‑interception capability.

Houyi also offers Open API access to share its insights with other internal tools.

Key workflow: asynchronous tasks fetch changed files, methods, and line numbers; bytecode parsing builds call‑graph data stored in a graph database; features are tagged; a visual analysis report is generated for QA.

3 Houyi System Practice

Eight core application scenarios are deployed:

Technical‑plan calibration diagnostics.

Enhanced Code Review.

Change impact assessment.

Interface‑level test‑case recommendation.

Configuration‑change risk diagnosis.

Compatibility‑risk diagnosis.

Code‑feature risk alerts.

Open API exposure.

Examples include detecting missing items in technical plans, generating diff reports, and providing QA with actionable diagnostics.

In Code Review, Houyi extracts changed methods, variables, and associated risk features, offers upstream/downstream jump links, and renders call‑topology graphs to surface impact quickly.

Impact assessment covers basic code attributes, support for HTTP/RPC/JAR, generic risk patterns (e.g., transaction recursion), custom business‑specific risks (permissions, algorithms), single‑service impact, and cross‑service impact, delivering precise influence maps.

Configuration‑change risk diagnosis identifies added or modified configs, evaluates downstream interfaces, messages, and scheduled tasks, and measures test‑coverage using traffic recording.

Compatibility diagnosis flags field additions, type changes, and indirect VO‑class modifications, providing pre‑emptive alerts.

Automated test‑case recommendation links changed interfaces to relevant existing automated cases.

Feature‑risk alerts handle special scenarios such as financial‑loss logic, pagination, and retry mechanisms, with both generic models and business‑specific strategies.

Open API enables other platforms—interface management, code‑coverage, anomaly testing, delivery, and automation—to consume Houyi insights.

4 Future Plans and Outlook

Four directions are outlined:

Enhance code‑analysis with dynamic link tracing.

Leverage large language models for risk‑feature identification and test‑strategy recommendation.

Expand the ecosystem of application scenarios across testing stages.

Open‑source the core capabilities for broader community benefit.

5 Q&A

Analysis report generation takes 1‑2 minutes per iteration batch.

Call‑graph topology is built using AST, ASM, and supplemental Mtrace data.

Cross‑module service calls (HTTP → RPC) are recognized.

Risk tags (e.g., financial loss, configuration) help prioritize testing; DB changes are detected via MyBatis mapper scanning.

Case recommendation currently returns single‑interface test cases.

Analysis of a single codebase also takes 1‑2 minutes.

Key benefits include intercepting compatibility bugs, configuration errors, and providing rapid impact visualization.

The platform does not affect online service availability; it analyzes deployed JARs offline.

Core techniques rely on AST/ASM; challenges lie in broad language support and precise feature recognition.

Large call graphs are aggregated for readability; Java is the primary focus.

Upstream/downstream impact detection is supported.

Pre‑embedded code without callers ("dead code") is flagged as a potential risk.

Houyi can be used in both pre‑deployment (admission) and post‑deployment (release) phases.

Noise is mitigated, achieving >98% interface recognition accuracy.