# ===============================================
# Environment Configuration for Finite Monkey Engine
# ===============================================
# This is a template: copy it to .env and fill in real values there. The
# populated copy holds a database password and an API key, so keep it out of
# version control.
# NOTE(review): the loader that reads this file is not visible on this page.
# Quoted values and boolean spelling (`true`/`false` here, `True`/`False` in
# later sections) are interpreted by that loader; each key's existing form is
# kept unchanged below — confirm against the reader before normalising them.

# Database connection URL using PostgreSQL
# NOTE(review): the sample embeds the `postgres` superuser with password
# `1234`. Treat it as a placeholder, not a usable default: replace it before
# use and prefer a dedicated, least-privilege database role.
DATABASE_URL=postgresql://postgres:1234@127.0.0.1:5432/postgres

# ===============================================
# AI Model Configuration
# ===============================================
# OpenAI API base URL
# NOTE(review): the sample points at a third-party proxy host rather than the
# vendor endpoint. Every request — the API key plus the prompts, which
# presumably carry the source code under audit — goes to this host, so set it
# to an endpoint you trust. No scheme is given; whether the client prepends
# https:// depends on the loader/client — confirm requests are not sent over
# plain HTTP.
OPENAI_API_BASE="api.openai-proxy.org"
# OpenAI API key (placeholder value; put the real key only in .env)
OPENAI_API_KEY="sk-xxxxx"

# ===============================================
# Scan Mode Configuration
# ===============================================
# Scan mode setting. Available options:
#   PURE_SCAN                   - pure scan
#   COMMON_PROJECT_FINE_GRAINED - general-project checklist, asking one
#                                 question per checklist item (roughly 10x
#                                 the cost)
SCAN_MODE=COMMON_PROJECT_FINE_GRAINED
# NOTE(review): undocumented in the original template; verify its meaning and
# accepted values against the code that reads it.
SCAN_MODE_AVA=False
# Whether to enable single file scan mode
# true:  scan per file; no downstream context for functions and no RAG. Each
#        file is scanned and verified as one complete business_flow_code.
# false: scan per function; downstream context comes from the call tree and
#        RAG augmentation is used.
# Applies to both PURE_SCAN and COMMON_PROJECT_FINE_GRAINED modes.
# Note: When enabled, RAG is disabled and no downstream context is fetched
SINGLE_FILE_MODE=false
# Whether to enable complexity filtering (filter simple functions based on
# cyclomatic and cognitive complexity)
# true:  skip simple functions (low cognitive and low cyclomatic complexity)
# false: never skip a function on complexity grounds
ENABLE_COMPLEXITY_FILTER=true
# Function length filter threshold (in characters)
# Functions with content length less than this value will be skipped
# (independent of ENABLE_COMPLEXITY_FILTER).
# Set to 0 to disable length filtering
#
# Example combinations:
#   ENABLE_COMPLEXITY_FILTER=true,  MIN_FUNCTION_LENGTH=50  -> complexity and length filtering
#   ENABLE_COMPLEXITY_FILTER=false, MIN_FUNCTION_LENGTH=200 -> length filtering only (>200 chars)
#   ENABLE_COMPLEXITY_FILTER=true,  MIN_FUNCTION_LENGTH=0   -> complexity filtering only
#   ENABLE_COMPLEXITY_FILTER=false, MIN_FUNCTION_LENGTH=0   -> all filtering disabled
MIN_FUNCTION_LENGTH=50

# ===============================================
# Performance Tuning Configuration
# ===============================================
# Maximum number of threads for scanning phase
MAX_THREADS_OF_SCAN=10
# Maximum number of threads for confirmation phase
# NOTE(review): each thread presumably issues model API calls; check the
# provider's rate limits before raising this.
MAX_THREADS_OF_CONFIRMATION=50
# Business flow repeat count (number of hallucinations triggered; a higher
# number means more hallucinations, more output and a longer run)
BUSINESS_FLOW_COUNT=4

# ===============================================
# Advanced Feature Configuration
# ===============================================
# Folders to ignore (comma-separated)
IGNORE_FOLDERS=node_modules,build,dist,test,tests,.git

# ===============================================
# Checklist Configuration
# ===============================================
# Path to checklist file
CHECKLIST_PATH=src/knowledges/checklist.xlsx
# Checklist worksheet name
CHECKLIST_SHEET=Sheet1

# ===============================================
# Reasoning Configuration
# ===============================================
# Whether to enable group summary in reasoning phase
# True:  summaries of already-completed tasks in the same group are placed
#        into the prompt
# False: every round is a fresh question; no history summary is used
SUMMARY_IN_REASONING=True
# Whether to enable project design document context in reasoning phase
# True:  the design document's content is added to the vulnerability-detection
#        prompt to provide richer context
# False: the design document is not used; only the code itself is scanned
ENABLE_DESIGN_DOC_CONTEXT=False
# Path to project design document
# The document should cover the project's core design ideas, architecture and
# business logic; this helps the model understand the project's intent and
# report more accurate findings.
# NOTE(review): when ENABLE_DESIGN_DOC_CONTEXT is True this file's contents are
# inserted into the model prompt, i.e. they leave the host along with the code.
PROJECT_DESIGN_DOC_PATH=project_design.md
# Whether to enable fixed invariants checking
# True:  the fixed invariants are added to every task's check list
# False: fixed invariants are not used; only dynamically generated
#        assumptions/invariants are checked
ENABLE_FIXED_INVARIANTS=False
# Path to fixed invariants file
# Fixed invariants are general properties that must be checked in every task;
# they are automatically added to each scan task's check list.
FIXED_INVARIANTS_PATH=fixed_invariants.md