Update dependencies and enhance pattern handling

- Added `tracing-appender` and `log` dependencies to improve error logging.
- Enhanced `walk.rs` to add error handling with warning logs for ignore patterns.
- Expanded Rust and JavaScript patterns with additional security vulnerability checks.
- Simplified and updated pattern queries for improved accuracy and consistency.
- Removed unused print statement in `index.rs`.

src/patterns/javascript.rs

@@ -37,4 +37,86 @@ pub const PATTERNS: &[Pattern] = &[
     query: "(call_expression function: (member_expression object: (identifier) @obj (#eq? @obj \"JSON\") property: (property_identifier) @prop (#eq? @prop \"parse\"))) @vuln",
     severity: Severity::Low,
   },
+  Pattern {
+    id: "outer_html_assignment",
+    description: "Assignment to element.outerHTML",
+    query: "(assignment_expression
+               left: (member_expression
+                        property: (property_identifier) @prop
+                        (#eq? @prop \"outerHTML\"))) @vuln",
+    severity: Severity::Medium,
+  },
+  Pattern {
+    id: "insert_adjacent_html",
+    description: "insertAdjacentHTML() call",
+    query: "(call_expression
+               function: (member_expression
+                           property: (property_identifier) @prop
+                           (#eq? @prop \"insertAdjacentHTML\"))) @vuln",
+    severity: Severity::Medium,
+  },
+  Pattern {
+    id: "location_href_assignment",
+    description: "Assignment to window.location / location.href",
+    query: "(assignment_expression
+               left: (member_expression
+                        object: (identifier)? @obj
+                        property: (property_identifier) @prop
+                        (#match? @prop \"location|href\"))) @vuln",
+    severity: Severity::High,
+  },
+  Pattern {
+    id: "cookie_assignment",
+    description: "Write to document.cookie",
+    query: "(assignment_expression
+               left: (member_expression
+                        object: (identifier) @obj
+                        (#eq? @obj \"document\")
+                        property: (property_identifier) @prop
+                        (#eq? @prop \"cookie\"))) @vuln",
+    severity: Severity::Medium,
+  },
+  Pattern {
+    id: "proto_pollution",
+    description: "Assignment to __proto__ (prototype pollution)",
+    query: "(assignment_expression
+               left: (member_expression
+                        property: (property_identifier) @prop
+                        (#eq? @prop \"__proto__\"))) @vuln",
+    severity: Severity::High,
+  },
+  Pattern {
+    id: "weak_hash_md5",
+    description: "crypto.createHash(\"md5\")",
+    query: "(call_expression
+               function: (member_expression
+                           object: (identifier) @obj
+                           (#eq? @obj \"crypto\")
+                           property: (property_identifier) @prop
+                           (#eq? @prop \"createHash\"))
+               arguments: (arguments
+                            (string) @alg
+                            (#eq? @alg \"md5\"))) @vuln",
+    severity: Severity::Low,
+  },
+  Pattern {
+    id: "regexp_constructor_string",
+    description: "new RegExp() with a dynamic string",
+    query: "(new_expression
+               constructor: (identifier) @id
+               (#eq? @id \"RegExp\")
+               arguments: (arguments (string) @pattern)) @vuln",
+    severity: Severity::Low,
+  },
+  Pattern {
+    id: "dangerous_extend_builtin",
+    description: "Extending Object.prototype (may lead to collisions/pollution)",
+    query: "(assignment_expression
+               left: (member_expression
+                        object: (identifier) @obj
+                        (#eq? @obj \"Object\")
+                        property: (property_identifier) @prop
+                        (#eq? @prop \"prototype\"))) @vuln",
+    severity: Severity::Medium,
+  },
 ];