Configuration
Configure Alprina to match your workflow.
Configuration File
Create ~/.alprina/config.yml:
config.yml
# Global configuration
default_profile: "default"
output_format: "text"
verbose: false
# LLM Provider (optional)
llm_provider: "openai" # or "anthropic", "ollama"
# Authentication
api_key: "${ALPRINA_API_KEY}" # Use environment variable
# Scan settings
scan:
safe_only: true
max_file_size: "10MB"
exclude_patterns:
- "node_modules/**"
- ".git/**"
- "**/*.min.js"
# Report settings
report:
format: "html"
output_dir: "~/.alprina/out"
open_browser: trueEnvironment Variables
Set these in your shell profile:
# Authentication
export ALPRINA_API_KEY="your-api-key-here"
# LLM Provider (optional)
export OPENAI_API_KEY="sk-..."
# OR
export ANTHROPIC_API_KEY="sk-ant-..."
# OR
export ALPRINA_LLM_PROVIDER="ollama"
# Backend URL (optional)
export ALPRINA_BACKEND="https://api.alprina.com"Command-Line Flags
Override configuration with flags:
alprina scan ./src \\
--profile code-audit \\
--output json \\
--verboseProfiles
Create custom scan profiles in ~/.alprina/profiles/:
~/.alprina/profiles/strict.yml
name: "strict"
description: "Strict security scanning"
agents:
- "secret-detector"
- "sql-injection"
- "xss-detector"
- "csrf-detector"
options:
fail_on: "medium" # Fail on medium+ severity
safe_only: trueUse a profile:
alprina scan ./src --profile strictNext Steps
- CLI Reference - All commands
- Security Policies - Custom rules
- Advanced Configuration - Power user features
Last updated on