-
Notifications
You must be signed in to change notification settings - Fork 226
Open
Description
Pydantic throws an error for "extra inputs" when starting the program. This happened already with a previous release, but just with Ollama and Gemini being added on the .env, now it happens with several options in the .env. Here is the error:
Traceback (most recent call last):
File "/usr/bin/uvicorn", line 8, in <module>
sys.exit(main())
~~~~^^
File "/usr/lib/python3/dist-packages/click/core.py", line 1161, in __call__
return self.main(*args, **kwargs)
~~~~~~~~~^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/click/core.py", line 1082, in main
rv = self.invoke(ctx)
File "/usr/lib/python3/dist-packages/click/core.py", line 1443, in invoke
return ctx.invoke(self.callback, **ctx.params)
~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/click/core.py", line 788, in invoke
return __callback(*args, **kwargs)
File "/usr/lib/python3/dist-packages/uvicorn/main.py", line 423, in main
run(
~~~^
app,
^^^^
...<46 lines>...
h11_max_incomplete_event_size=h11_max_incomplete_event_size,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "/usr/lib/python3/dist-packages/uvicorn/main.py", line 593, in run
server.run()
~~~~~~~~~~^^
File "/usr/lib/python3/dist-packages/uvicorn/server.py", line 67, in run
return asyncio_run(self.serve(sockets=sockets), loop_factory=self.config.get_loop_factory())
File "/usr/lib/python3.13/asyncio/runners.py", line 195, in run
return runner.run(main)
~~~~~~~~~~^^^^^^
File "/usr/lib/python3.13/asyncio/runners.py", line 118, in run
return self._loop.run_until_complete(task)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^
File "uvloop/loop.pyx", line 1518, in uvloop.loop.Loop.run_until_complete
File "/usr/lib/python3/dist-packages/uvicorn/server.py", line 71, in serve
await self._serve(sockets)
File "/usr/lib/python3/dist-packages/uvicorn/server.py", line 78, in _serve
config.load()
~~~~~~~~~~~^^
File "/usr/lib/python3/dist-packages/uvicorn/config.py", line 439, in load
self.loaded_app = import_from_string(self.app)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^
File "/usr/lib/python3/dist-packages/uvicorn/importer.py", line 19, in import_from_string
module = importlib.import_module(module_str)
File "/usr/lib/python3.13/importlib/__init__.py", line 88, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<frozen importlib._bootstrap>", line 1387, in _gcd_import
File "<frozen importlib._bootstrap>", line 1360, in _find_and_load
File "<frozen importlib._bootstrap>", line 1331, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 935, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 1023, in exec_module
File "<frozen importlib._bootstrap>", line 488, in _call_with_frames_removed
File "/home/alumno/Escritorio/NeuroSploit/backend/main.py", line 12, in <module>
from backend.config import settings
File "/home/alumno/Escritorio/NeuroSploit/backend/config.py", line 78, in <module>
settings = Settings()
File "/usr/lib/python3/dist-packages/pydantic_settings/main.py", line 194, in __init__
super().__init__(
~~~~~~~~~~~~~~~~^
**__pydantic_self__._settings_build_values(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...<27 lines>...
)
^
)
^
File "/usr/lib/python3/dist-packages/pydantic/main.py", line 250, in __init__
validated_self = self.__pydantic_validator__.validate_python(data, self_instance=self)
pydantic_core._pydantic_core.ValidationError: 5 validation errors for Settings
OLLAMA_BASE_URL
Extra inputs are not permitted [type=extra_forbidden, input_value='http://localhost:11434', input_type=str]
For further information visit https://errors.pydantic.dev/2.12/v/extra_forbidden
ENABLE_REASONING
Extra inputs are not permitted [type=extra_forbidden, input_value='true', input_type=str]
For further information visit https://errors.pydantic.dev/2.12/v/extra_forbidden
ENABLE_CVE_HUNT
Extra inputs are not permitted [type=extra_forbidden, input_value='true', input_type=str]
For further information visit https://errors.pydantic.dev/2.12/v/extra_forbidden
ENABLE_MULTI_AGENT
Extra inputs are not permitted [type=extra_forbidden, input_value='false', input_type=str]
For further information visit https://errors.pydantic.dev/2.12/v/extra_forbidden
ENABLE_RESEARCHER_AI
Extra inputs are not permitted [type=extra_forbidden, input_value='true', input_type=str]
For further information visit https://errors.pydantic.dev/2.12/v/extra_forbidden
This is my .env
# NeuroSploit v3 Environment Variables
# =====================================
# Copy this file to .env and configure your API keys
#
# IMPORTANT: You MUST set at least one LLM API key for the AI agent to work!
#
# =============================================================================
# LLM API Keys (REQUIRED - at least one must be set)
# =============================================================================
# Get your Claude API key at: https://console.anthropic.com/
ANTHROPIC_API_KEY=API-KEY
# OpenAI: https://platform.openai.com/api-keys
OPENAI_API_KEY=API-KEY
# Google Gemini: https://aistudio.google.com/app/apikey
GEMINI_API_KEY=API-KEY
# OpenRouter (multi-model): https://openrouter.ai/keys
OPENROUTER_API_KEY=API-KEY
# Together AI: https://api.together.xyz/settings/api-keys
TOGETHER_API_KEY=
# Fireworks AI: https://fireworks.ai/account/api-keys
FIREWORKS_API_KEY=
# =============================================================================
# Local LLM (optional - no API key needed)
# =============================================================================
# Ollama: https://ollama.ai
OLLAMA_BASE_URL=http://localhost:11434
# LM Studio: https://lmstudio.ai
#LMSTUDIO_BASE_URL=http://localhost:1234
# =============================================================================
# LLM Configuration
# =============================================================================
# Max output tokens (up to 64000 for Claude). Comment out for profile defaults.
#MAX_OUTPUT_TOKENS=64000
# Select specific model name (e.g., claude-sonnet-4-20250514, gpt-4o, llama3.2, qwen2.5)
# Leave empty for provider default
#DEFAULT_LLM_MODEL=
# Enable task-type model routing (routes to different LLM profiles per task)
ENABLE_MODEL_ROUTING=false
# =============================================================================
# Feature Flags
# =============================================================================
# Bug bounty dataset cognitive augmentation
ENABLE_KNOWLEDGE_AUGMENTATION=false
# Playwright browser-based validation + screenshot capture
ENABLE_BROWSER_VALIDATION=false
# =============================================================================
# Agent Autonomy (Phase 1-5 modules)
# =============================================================================
# Token budget per scan (limits total LLM tokens). Comment out for unlimited.
#TOKEN_BUDGET=100000
# Enable AI reasoning engine (think/plan/reflect at checkpoints)
ENABLE_REASONING=true
# Enable CVE/exploit search (NVD API + GitHub)
ENABLE_CVE_HUNT=true
# NVD API key for higher rate limits: https://nvd.nist.gov/developers/request-an-api-key
#NVD_API_KEY=
# GitHub token for exploit search (optional, increases rate limit)
#GITHUB_TOKEN=
# Enable multi-agent orchestration (replaces default 3-stream architecture)
# WARNING: Experimental - uses specialist agents instead of parallel streams
ENABLE_MULTI_AGENT=false
# Enable AI Researcher agent (0-day discovery with Kali sandbox)
# Requires enable_kali_sandbox=true per scan (frontend checkbox)
ENABLE_RESEARCHER_AI=true
# CLI Agent (AI CLI tools inside Kali sandbox)
# Runs Claude Code / Gemini CLI / Codex CLI inside Kali container as pentest engine
#ENABLE_CLI_AGENT=true
#CLI_AGENT_MAX_RUNTIME=1800
#CLI_AGENT_DEFAULT_PROVIDER=claude_code
# Kali sandbox Docker image name
#KALI_SANDBOX_IMAGE=neurosploit-kali:latest
# =============================================================================
# Smart Router (OAuth + API provider routing)
# =============================================================================
# Enable Smart Router for automatic provider failover and CLI OAuth token reuse
#ENABLE_SMART_ROUTER=true
# =============================================================================
# RAG System (Retrieval-Augmented Generation)
# =============================================================================
# Enable RAG for semantic search over vuln knowledge, bug bounty data, etc.
ENABLE_RAG=true
# RAG backend: auto (best available), chromadb, tfidf, bm25
RAG_BACKEND=auto
# =============================================================================
# Methodology File (deep injection into agent prompts)
# =============================================================================
# Path to .md methodology file (FASE-based pentest methodology)
#METHODOLOGY_FILE=/opt/Prompts-PenTest/pentestcompleto_en.md
# =============================================================================
# Vuln Type Agents (per-vuln parallel orchestration)
# =============================================================================
# Enable parallel per-vuln-type specialist agents
ENABLE_VULN_AGENTS=false
# =============================================================================
# Notifications (multi-channel scan alerts)
# =============================================================================
#ENABLE_NOTIFICATIONS=false
#NOTIFICATION_SEVERITY_FILTER=critical,high
# Discord webhook for scan alerts
#DISCORD_WEBHOOK_URL=
# Telegram bot alerts
#TELEGRAM_BOT_TOKEN=
#TELEGRAM_CHAT_ID=
# WhatsApp/Twilio alerts
#TWILIO_ACCOUNT_SID=
#TWILIO_AUTH_TOKEN=
#TWILIO_FROM_NUMBER=
#TWILIO_TO_NUMBER=
# =============================================================================
# Database (default is SQLite - no config needed)
# =============================================================================
DATABASE_URL=sqlite+aiosqlite:///./data/neurosploit.db
# =============================================================================
# Server Configuration
# =============================================================================
HOST=0.0.0.0
PORT=8000
DEBUG=false
I could "fix" it by going to Neurosploit/backend/config.py and modifying this
class Config:
env_file = ".env"
case_sensitive = True
extra = "ignore" <----- Added this line (per someone else's issue "fix")
After which it let me start the program with the given .env
I would fix it and make a PR, but I don't know enough Python to check whether it's just the fix I found, or would have to change more code.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels