refactor: move threshold configuration to defaults.ini

AmineRaouane · AmineRaouane · commit d0a0d65939cc · 2025-09-06T02:31:12.000+01:00
Signed-off-by: Amine &lt;amine.raouane@enim.ac.ma&gt;
diff --git a/src/macaron/config/defaults.ini b/src/macaron/config/defaults.ini
@@ -609,6 +609,9 @@ popular_packages_path =
 # A boolean value that determines whether to check the deliverability of the email address.
 check_deliverability = True
 
+# The threshold for a package's description score to be considered secure.
+score_threshold = 70
+
 # ==== The following sections are for source code analysis using Semgrep ====
 # rulesets: a reference to a 'ruleset' in this section refers to a Semgrep .yaml file containing one or more rules.
 # rules: a reference to a 'rule' in this section refers to an individual rule ID, specified by the '- id:' field in
diff --git a/src/macaron/malware_analyzer/pypi_heuristics/metadata/inconsistent_description.py b/src/macaron/malware_analyzer/pypi_heuristics/metadata/inconsistent_description.py
@@ -6,6 +6,7 @@
 import logging
 
 from macaron.ai.clients.ai_factory import AIClientFactory
+from macaron.config.defaults import defaults
 from macaron.errors import HeuristicAnalyzerValueError
 from macaron.json_tools import JsonType, json_extract
 from macaron.malware_analyzer.pypi_heuristics.base_analyzer import BaseHeuristicAnalyzer
@@ -35,8 +36,6 @@ class InconsistentDescriptionAnalyzer(BaseHeuristicAnalyzer):
     }
     """
 
-    THRESHOLD = 60
-
     RESPONSE_FORMAT = {
         "type": "json_schema",
         "json_schema": {
@@ -65,9 +64,18 @@ def __init__(self) -> None:
         super().__init__(
             name="inconsistent_description_analyzer", heuristic=Heuristics.INCONSISTENT_DESCRIPTION, depends_on=None
         )
+        self.threshold = self._load_defaults()
         factory = AIClientFactory()
         self.client = factory.create_client(self.SYSTEM_PROMPT.strip())
 
+    def _load_defaults(self) -> int:
+        """Load the default values from defaults.ini."""
+        section_name = "heuristic.pypi"
+        if defaults.has_section(section_name):
+            section = defaults[section_name]
+            return section.getint("score_threshold", 70)
+        return 70
+
     def analyze(self, pypi_package_json: PyPIPackageJsonAsset) -> tuple[HeuristicResult, dict[str, JsonType]]:
         """Analyze the package.
 
@@ -100,7 +108,7 @@ def analyze(self, pypi_package_json: PyPIPackageJsonAsset) -> tuple[HeuristicRes
             response_format=self.RESPONSE_FORMAT,
         )
 
-        if analysis_result["score"] < self.THRESHOLD:
+        if analysis_result["score"] < self.threshold:
             return HeuristicResult.FAIL, {
                 "message": f"inconsistent description with score {analysis_result['score']}. because {analysis_result['reason']}"
             }
