Feat/configurable sanitizers and js precision (#32)

* chore: Exclude CLAUDE.md from Cargo.toml

* feat: Add configurable analysis rules and CLI commands for custom sanitizers and terminators

* feat: Enhance resource management and analysis efficiency

- Implemented parallel summary merging in `scan_filesystem` using rayon for improved performance.
- Introduced `GlobalSummaries::merge()` for efficient merging of summaries.
- Optimized file reading and hashing to eliminate redundant I/O operations.
- Added `should_scan_with_hash()` and `upsert_file_with_hash()` methods to streamline file processing.
- Enhanced taint analysis with in-place mutations to reduce memory allocations.
- Updated resource acquisition patterns to exclude false positives for `freopen` and wrapper functions.

* feat: Implement severity downgrade for findings in non-production paths and add source kind inference

* feat: Update versioning information in SECURITY.md for new stable line

* feat: Update categories in Cargo.toml to include parser-implementations and text-processing

* feat: Update dependencies in Cargo.lock for improved compatibility and performance

* feat: Update dependencies in Cargo.lock and Cargo.toml for improved compatibility

src/labels/python.rs

@@ -22,6 +22,19 @@ pub static RULES: &[LabelRule] = &[
         matchers: &["sys.argv"],
         label: DataLabel::Source(Cap::all()),
     },
+    LabelRule {
+        matchers: &["open"],
+        label: DataLabel::Source(Cap::all()),
+    },
+    LabelRule {
+        matchers: &[
+            "argparse.parse_args",
+            "urllib.request.urlopen",
+            "requests.get",
+            "requests.post",
+        ],
+        label: DataLabel::Source(Cap::all()),
+    },
     // ───────── Sanitizers ──────────
     LabelRule {
         matchers: &["html.escape"],