~8,500 lines of near-identical taint analysis spread across three files:
- `javascript_taint.rs`
- `python_taint.rs`
- `go_taint.rs`
`javascript_taint.rs` already notes it was "ported from python_taint.rs" and that "a future refactor is cheap."
Approach
- Extract shared traversal, propagation, and source/sink matching into a generic taint engine
- Language-specific files provide source/sink definitions and AST adapters
- Also addresses the 56 `.clone()` calls in `javascript_taint.rs` — many exist because ownership isn't structured for the shared traversal pattern
~8,500 lines of near-identical taint analysis spread across three files:
`javascript_taint.rs` already notes it was "ported from python_taint.rs" and that "a future refactor is cheap."
Approach