Semgrep
Semgrep shipped a string of performance improvements and pro-tier enhancements across the interfile analysis stack. The team redesigned pro taint analysis with an estimated 20-40% performance lift, parallelized taint config computation and file targeting to scale with job count, and adjusted the memory policy default from "eager" to "balanced" to reduce scan times at the cost of slightly higher memory use. Language support expanded with PowerShell (beta), improved Kotlin parsing, and better Scala 3 optional braces handling, while cross-file tracking grew smarter for taint through lambda calls, globals, and virtual method resolution in Java and Scala. The supply chain subsystem migrated its npm lock file parser from Python to a proprietary OCaml version and now uploads symbol analysis per-subproject.
In March, Semgrep expanded its pattern-matching capabilities and language support while optimizing the analysis engine. Taint tracking through lambda calls and cross-file globals improved for Pro users, class name matching with metavariable-type graduated to general availability, and PowerShell entered beta with full parsing and pattern matching support. Performance work included parallelized file targeting for large repositories and a memory policy shift to "balanced" that trades modest memory overhead for notably faster scans.