Hey HN, I built foxguard because most security scanners use bloated python to use locally. Semgrep takes 10-30s on a medium repo. foxguard finishes in under a second on the same codebase (61x faster on the express codebase for example).
It's a Rust binary using tree-sitter for AST parsing and rayon for parallelism. 100+ built-in rules across JS/TS, Python, Go, Ruby, Java, PHP, Rust, C#, Swift. No JVM, no Python runtime, no network calls.
The idea:
if your security scanner is fast enough to run on every save (not just in CI), people might actually use it.
> npx foxguard .
to try it
Happy to answer questions about the tree-sitter approach, rule implementation, or the Semgrep compatibility layer.
It's a Rust binary using tree-sitter for AST parsing and rayon for parallelism. 100+ built-in rules across JS/TS, Python, Go, Ruby, Java, PHP, Rust, C#, Swift. No JVM, no Python runtime, no network calls.
The idea: if your security scanner is fast enough to run on every save (not just in CI), people might actually use it.
> npx foxguard . to try it
Happy to answer questions about the tree-sitter approach, rule implementation, or the Semgrep compatibility layer.