Add multi-language AST-pattern scanning support

- Introduced `patterns` module with language-specific vulnerability patterns. - Added `query_cache` utility for caching compiled queries. - Expanded `scan.rs` to support scanning multiple languages dynamically. - Updated `Cargo.toml` with additional tree-sitter dependencies. - Added severity filtering to `ScannerConfig` for better configuration.
2026-06-09 19:45:13 +02:00 · 2025-06-17 01:17:48 +02:00 · 2025-06-17 01:17:48 +02:00 · 22369cc404
commit 22369cc404
parent 0831b9fb48
17 changed files with 665 additions and 25 deletions
--- a/src/utils/query_cache.rs
+++ b/src/utils/query_cache.rs
@ -0,0 +1,37 @@
+use std::collections::HashMap;
+use std::sync::{Arc, RwLock};
+
+use once_cell::sync::Lazy;
+use tree_sitter::{Language, Query};
+
+use crate::patterns::{self, Pattern};
+
+#[derive(Clone)]
+pub struct CompiledQuery {
+  pub meta: Pattern,
+  pub query: Arc<Query>,         
+}
+
+static CACHE: Lazy<RwLock<HashMap<&'static str, Vec<CompiledQuery>>>> =
+  Lazy::new(|| RwLock::new(HashMap::new()));
+
+pub fn for_lang(lang: &'static str, ts_lang: Language) -> Vec<CompiledQuery> {
+  // fast-path read
+  if let Some(v) = CACHE.read().unwrap().get(lang) {
+    return v.clone();
+  }
+
+  // compile under write-lock exactly once
+  let patterns = patterns::load(lang);
+  let mut vec = Vec::with_capacity(patterns.len());
+
+  for p in patterns {
+    match Query::new(&ts_lang, p.query) {
+      Ok(q) => vec.push(CompiledQuery { meta: p, query: Arc::new(q) }),
+      Err(e) => tracing::warn!(lang, id = p.id, "query compile error: {e}"),
+    }
+  }
+
+  CACHE.write().unwrap().insert(lang, vec.clone());
+  vec
+}