Show HN: I wrote a Semgrep alternative in Rust with cross-file taint tracking

  • Posted 3 hours ago by bumahkib7
  • 1 point
https://github.com/bumahkib7/rust-monorepo-analyzer
I built RMA because I was frustrated with Semgrep's single-file limitation. Most real vulnerabilities span multiple files — HTTP handler receives input in Controller.java, passes it through a service layer, and it ends up in a raw SQL query in Repository.java. Semgrep can't see that chain. RMA can. Technical details:

  • Written in Rust, uses tree-sitter for parsing
  • Cross-file taint propagation with BFS (max depth 15)
  • 647 Semgrep rules pre-compiled at build time
  • Supports 28 languages, 20+ frameworks (Spring, Django, Express, etc.)
  • SARIF output for GitHub Security tab integration
  • Sub-500ms for 100k lines

I scanned Spring Boot's own framework source and found 36 cross-file data flows including 8 SQL injection paths. Not toy examples — real multi-hop flows across 5-15 files. It's free and open source. Happy to answer questions about the taint analysis implementation or anything else.

0 comments
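To make the "cross-file taint propagation with BFS (max depth 15)" line concrete, here is an added Rust example of the core idea: a breadth-first walk from taint sources over an interprocedural data-flow graph, bounded by a hop limit, reporting every source-to-sink path it reaches. This is illustrative code written for this page, not RMA's implementation, and the graph, file names and function names (a Controller.java -> SearchService.java -> Repository.java chain plus a constructed 21-hop chain) are made up to show both a found flow and one that a depth cap of 15 silently misses.

```rust
use std::collections::{HashMap, HashSet, VecDeque};

/// One function in one file. Constructed model for this example, not RMA's IR.
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub struct Node {
    pub file: String,
    pub func: String,
}

impl Node {
    pub fn new(file: &str, func: &str) -> Self {
        Node { file: file.to_string(), func: func.to_string() }
    }
    pub fn label(&self) -> String {
        format!("{}:{}", self.file, self.func)
    }
}

/// Interprocedural data-flow graph: an edge a -> b records that a value
/// tainted inside `a` is handed to `b` (argument, field write, return value).
#[derive(Default)]
pub struct FlowGraph {
    edges: HashMap<Node, Vec<Node>>,
    sources: Vec<Node>,
    sinks: HashSet<Node>,
}

impl FlowGraph {
    pub fn add_edge(&mut self, from: &Node, to: &Node) {
        self.edges.entry(from.clone()).or_default().push(to.clone());
    }
    pub fn mark_source(&mut self, n: &Node) {
        self.sources.push(n.clone());
    }
    pub fn mark_sink(&mut self, n: &Node) {
        self.sinks.insert(n.clone());
    }
}

/// Breadth-first taint propagation from every source, bounded by `max_depth`
/// hops. BFS plus a per-source visited set yields one (shortest) path per
/// reachable sink. Paths needing more than `max_depth` hops are never explored,
/// so a sink only reachable beyond the cap is missed: the trade-off any fixed
/// depth limit makes between runtime and recall.
pub fn find_flows(g: &FlowGraph, max_depth: usize) -> Vec<Vec<Node>> {
    let mut flows = Vec::new();
    for src in &g.sources {
        let mut visited: HashSet<Node> = HashSet::new();
        let mut queue: VecDeque<Vec<Node>> = VecDeque::new();
        visited.insert(src.clone());
        queue.push_back(vec![src.clone()]);
        while let Some(path) = queue.pop_front() {
            let node = path.last().expect("path is never empty");
            if g.sinks.contains(node) && path.len() > 1 {
                flows.push(path.clone());
            }
            let hops = path.len() - 1;
            if hops >= max_depth {
                continue; // depth cap reached: do not expand further
            }
            if let Some(nexts) = g.edges.get(node) {
                for next in nexts {
                    if visited.insert(next.clone()) {
                        let mut longer = path.clone();
                        longer.push(next.clone());
                        queue.push_back(longer);
                    }
                }
            }
        }
    }
    flows
}

/// "Controller.java:search -> SearchService.java:search -> ..." for reports.
pub fn render(path: &[Node]) -> String {
    path.iter().map(Node::label).collect::<Vec<_>>().join(" -> ")
}

/// Constructed sample: a 2-hop handler -> service -> raw-query chain, plus a
/// 21-hop chain through Step1..Step20 that the default cap of 15 cannot reach.
pub fn sample_graph() -> FlowGraph {
    let mut g = FlowGraph::default();
    let handler = Node::new("Controller.java", "search");
    let service = Node::new("SearchService.java", "search");
    let repo = Node::new("Repository.java", "findByRawQuery");
    g.mark_source(&handler);
    g.add_edge(&handler, &service);
    g.add_edge(&service, &repo);
    g.mark_sink(&repo);

    let mut prev = handler.clone();
    for i in 1..=20 {
        let hop = Node::new(&format!("Step{}.java", i), "forward");
        g.add_edge(&prev, &hop);
        prev = hop;
    }
    let deep_sink = Node::new("AuditRepository.java", "execute");
    g.add_edge(&prev, &deep_sink);
    g.mark_sink(&deep_sink);
    g
}

fn main() {
    let g = sample_graph();
    for depth in [15, 25] {
        println!("max_depth = {}", depth);
        for flow in find_flows(&g, depth) {
            println!("  {} ({} hops)", render(&flow), flow.len() - 1);
        }
    }
}
```

Running `main` shows the 2-hop SQL path at both depths and the 21-hop path only at `max_depth = 25`; a real tool sits on top of this loop with a parser that builds the edges and a rule set that decides which nodes are sources and sinks, and its depth cap is the knob that bounds scan time at the cost of the longest chains.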