From 6126cfef36d4847d68b6a9839bc4448ec8468e8e Mon Sep 17 00:00:00 2001
From: elipeter
Date: Tue, 17 Jun 2025 11:20:19 +0200
Subject: [PATCH] Expand README with detailed project description, features, usage examples, configuration guide, and license section. Add new TypeScript vulnerability patterns to improve scanning capabilities.
---
 README.md | 130 +++++++++++++++++++++++++++++++++++++
 src/patterns/typescript.rs | 60 +++++++++++++++++
 2 files changed, 190 insertions(+)
diff --git a/README.md b/README.md
index 8b137891..8cbcad06 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,131 @@
+
+# Nyx - Lightweight Multi-Language Vulnerability Scanner
+
+Nyx is a lightweight Rust CLI tool for scanning code across multiple programming languages to detect potential vulnerabilities and code quality issues. It works by converting source code to Abstract Syntax Trees (ASTs), analyzing control flow graphs, performing taint analysis, and searching for common vulnerability patterns.
+
+## Features
+
+- **Fast and Lightweight**: Written in Rust for optimal performance
+- **Multi-Language Support**: Scans code in multiple programming languages
+- **AST-Based Analysis**: Uses tree-sitter for accurate code parsing
+- **Project Indexing**: Maintains an index to avoid rescanning unchanged files
+- **Configurable**: Extensive configuration options for customizing scans
+- **Multiple Output Formats**: Supports table, JSON, CSV, and SARIF output formats
+
+## Installation
+
+### From Source
+
+```bash
+# Clone the repository
+git clone https://github.com/yourusername/nyx.git
+cd nyx
+
+# Build the project
+cargo build --release
+
+# Install the binary
+cargo install --path .
+```
+
+## Usage
+
+### Basic Scanning
+
+```bash
+# Scan the current directory
+nyx scan
+
+# Scan a specific directory
+nyx scan /path/to/project
+
+# Scan with specific output format
+nyx scan --format json
+
+# Scan only for high severity issues
+nyx scan --high-only
+```
+
+### Managing Project Indexes
+
+```bash
+# Build or update index for current project
+nyx index build
+
+# Force rebuild index
+nyx index build --force
+
+# Show index status
+nyx index status
+
+# List all indexed projects
+nyx list
+
+# List all indexed projects with details
+nyx list --verbose
+
+# Remove a project from index
+nyx clean project-name
+
+# Clean all projects
+nyx clean --all
+```
+
+## Supported Languages
+
+Nyx currently supports scanning code in the following languages:
+
+- Rust
+- C
+- C++
+- Java
+- Go
+- PHP
+- Python
+- TypeScript
+- JavaScript
+
+## How It Works
+
+1. **Code Traversal**: Nyx walks through your project's directory structure, respecting ignore files and exclusion patterns.
+
+2. **AST Generation**: For each supported file, Nyx uses tree-sitter to parse the code into an Abstract Syntax Tree (AST).
+
+3. **Pattern Matching**: Nyx applies language-specific vulnerability patterns to the AST to identify potential issues.
+
+4. **Control Flow Analysis**: (Planned) Nyx will convert ASTs to control flow graphs for more sophisticated analysis.
+
+5. **Taint Analysis**: (Planned) Nyx will track the flow of untrusted data through your application.
+
+6. **Reporting**: Issues are reported with severity levels, file locations, and descriptions.
+
+## Configuration
+
+Nyx uses a configuration system with defaults that can be overridden by a user-specific configuration file. The configuration file is located at:
+
+- Linux/macOS: `~/.config/nyx/nyx.local`
+- Windows: `C:\Users\\AppData\Roaming\ecpeter23\nyx\config\nyx.local`
+
+Example configuration:
+
+```toml
+[scanner]
+min_severity = "Medium"
+follow_symlinks = true
+
+[output]
+default_format = "json"
+color_output = true
+
+[performance]
+worker_threads = 8
+```
+
+## License
+
+[Add your license information here]
+
+## Contributing
+
+[Add contribution guidelines here]
diff --git a/src/patterns/typescript.rs b/src/patterns/typescript.rs
index 30627c16..83647e5c 100644
--- a/src/patterns/typescript.rs
+++ b/src/patterns/typescript.rs
@@ -43,4 +43,64 @@ pub const PATTERNS: &[Pattern] = &[
 query: "(call_expression function: (member_expression object: (identifier) @obj (#eq? @obj \"JSON\") property: (property_identifier) @prop (#eq? @prop \"parse\"))) @vuln",
 severity: Severity::Low,
 },
+ Pattern {
+ id: "as_any_assertion",
+ description: "Type assertion to `any` using `as any`",
+ query: "(as_expression type: (predefined_type) @t (#eq? @t \"any\")) @vuln",
+ severity: Severity::Low,
+ },
+ Pattern {
+ id: "type_assertion_any",
+ description: "Type assertion to `any` using `` syntax",
+ query: "(type_assertion type: (predefined_type) @t (#eq? @t \"any\")) @vuln",
+ severity: Severity::Low,
+ },
+ Pattern {
+ id: "outer_html_assignment",
+ description: "Assignment to element.outerHTML",
+ query: "(assignment_expression left: (member_expression property: (property_identifier) @prop (#eq? @prop \"outerHTML\"))) @vuln",
+ severity: Severity::Medium,
+ },
+ Pattern {
+ id: "insert_adjacent_html",
+ description: "insertAdjacentHTML() call",
+ query: "(call_expression function: (member_expression property: (property_identifier) @prop (#eq? @prop \"insertAdjacentHTML\"))) @vuln",
+ severity: Severity::Medium,
+ },
+ Pattern {
+ id: "document_cookie_write",
+ description: "Write to document.cookie",
+ query: "(assignment_expression left: (member_expression object: (identifier) @obj (#eq? @obj \"document\") property: (property_identifier) @prop (#eq? @prop \"cookie\"))) @vuln",
+ severity: Severity::Low,
+ },
+ Pattern {
+ id: "onclick_setattribute",
+ description: "Element.setAttribute('onclick', …)",
+ query: "(call_expression function: (member_expression property: (property_identifier) @prop (#eq? @prop \"setAttribute\")) arguments: (arguments (string) @name (#eq? @name \"\\\"onclick\\\"\") . 
(string) @handler)) @vuln",
+ severity: Severity::Medium,
+ },
+ Pattern {
+ id: "math_random_call",
+ description: "Use of Math.random() for security-sensitive randomness",
+ query: "(call_expression function: (member_expression object: (identifier) @obj (#eq? @obj \"Math\") property: (property_identifier) @prop (#eq? @prop \"random\"))) @vuln",
+ severity: Severity::Low,
+ },
+ Pattern {
+ id: "crypto_createhash_md5",
+ description: "Insecure hash algorithm: crypto.createHash('md5')",
+ query: "(call_expression function: (member_expression object: (identifier) @obj (#eq? @obj \"crypto\") property: (property_identifier) @prop (#eq? @prop \"createHash\")) arguments: (arguments (string) @alg (#match? @alg \"(?i)\\\"md5\\\"\"))) @vuln",
+ severity: Severity::Medium,
+ },
+ Pattern {
+ id: "fetch_http_url",
+ description: "fetch() over plain HTTP",
+ query: "(call_expression function: (identifier) @id (#eq? @id \"fetch\") arguments: (arguments (string) @url (#match? @url \"^\\\"http://\"))) @vuln",
+ severity: Severity::Low,
+ },
+ Pattern {
+ id: "xhr_eval_response",
+ description: "eval() of XMLHttpRequest.responseText",
+ query: "(call_expression function: (identifier) @id (#eq? @id \"eval\") arguments: (arguments (member_expression property: (property_identifier) @prop (#eq? @prop \"responseText\")))) @vuln",
+ severity: Severity::High,
+ },
 ];
\ No newline at end of file
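Review bot: The three string-literal predicates added here only match double-quoted literals, so the code in their own descriptions is missed: `crypto_createhash_md5` compares `@alg` against `(?i)\"md5\"` while its description's example is `createHash('md5')`, `fetch_http_url` anchors on `^\"http://`, and `onclick_setattribute` uses `#eq?` against `\"onclick\"`; a tree-sitter `(string)` node's text includes its quotes, so single-quoted arguments never fire (template literals are a different node type and are excluded by `(string)` regardless). Accepting either quote is a one-token change per pattern, e.g. `(#match? @alg \"(?i)^[\\\"']md5[\\\"']$\")` for the hash check, `(#match? @url \"^[\\\"']http://\")` for fetch, and `(#match? @name \"^[\\\"']onclick[\\\"']$\")` in place of the `#eq?` on the attribute name. The second argument of `onclick_setattribute` is also constrained to `(string)`, which excludes a handler built from a variable or expression — presumably the case the Medium severity is meant for — so consider dropping that constraint. The `type_assertion_any` description reads "using `` syntax", which looks like an `<any>` token was lost, though that may be an artifact of how this page was rendered. The `PATTERNS` array this hunk extends begins above line 43, outside the hunk.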