Update dependencies and enhance pattern handling

- Added `tracing-appender` and `log` dependencies to improve error logging.
- Enhanced `walk.rs` to add error handling with warning logs for ignore patterns.
- Expanded Rust and JavaScript patterns with additional security vulnerability checks.
- Simplified and updated pattern queries for improved accuracy and consistency.
- Removed unused print statement in `index.rs`.

src/patterns/rust.rs

@@ -1,9 +1,5 @@
 use crate::patterns::{Pattern, Severity};
 
-/// The full catalogue.
-///
-/// *Feel free to prune, extend, or tweak severities to suit your own threat
-/// model.*
 pub const PATTERNS: &[Pattern] = &[
   Pattern {
     id: "unsafe_block",
@@ -14,19 +10,57 @@ pub const PATTERNS: &[Pattern] = &[
   Pattern {
     id: "unsafe_fn",
     description: "`unsafe fn` declaration",
-    query: "(function_item (modifier) @kw (#eq? @kw \"unsafe\")) @vuln",
+    query: "(function_item
+               (function_modifiers) @mods
+               (#match? @mods \"^unsafe\\b\")) @vuln",
+    severity: Severity::High,
+  },
+  Pattern {
+    id: "transmute_call",
+    description: "`std::mem::transmute` call",
+    query: "(call_expression
+                  function: (scoped_identifier
+                              path: (identifier) @p (#eq? @p \"mem\")
+                              name: (identifier) @f (#eq? @f \"transmute\")))
+                @vuln",
+    severity: Severity::High,
+  },
+  Pattern {
+    id: "copy_nonoverlapping",
+    description: "Raw pointer `copy_nonoverlapping`",
+    query: "(call_expression
+                  function: (scoped_identifier
+                              path: (identifier) @p (#eq? @p \"ptr\")
+                              name: (identifier) @f (#eq? @f \"copy_nonoverlapping\")))
+                @vuln",
+    severity: Severity::High,
+  },
+  Pattern {
+    id: "get_unchecked",
+    description: "`get_unchecked` / `get_unchecked_mut` slice access",
+    query: "(call_expression
+                  function: (field_expression
+                              field: (field_identifier) @m
+                              (#match? @m \"get_unchecked(_mut)?\"))) @vuln",
     severity: Severity::High,
   },
   Pattern {
     id: "unwrap_call",
     description: "`.unwrap()` call (may panic)",
-    query: "(call_expression function: (field_expression field: (field_identifier) @name (#eq? @name \"unwrap\"))) @vuln",
+    query: "(call_expression
+              function: (field_expression
+                          field: (field_identifier) @name
+                          (#eq? @name \"unwrap\")))   ; exact match
+            @vuln",
     severity: Severity::Medium,
   },
   Pattern {
     id: "expect_call",
     description: "`.expect()` call (may panic)",
-    query: "(call_expression function: (field_expression field: (field_identifier) @name (#eq? @name \"expect\"))) @vuln",
+    query: "(call_expression
+                  function: (field_expression
+                              field: (field_identifier) @name
+                              (#eq? @name \"expect\"))) @vuln",
     severity: Severity::Medium,
   },
   Pattern {
@@ -38,31 +72,47 @@ pub const PATTERNS: &[Pattern] = &[
   Pattern {
     id: "todo_or_unimplemented",
     description: "`todo!()` / `unimplemented!()` placeholder",
-    query: "(macro_invocation (identifier) @id (#match? @id \"todo|unimplemented\")) @vuln",
+    query: "(macro_invocation
+                  (identifier) @id
+                  (#match? @id \"todo|unimplemented\")) @vuln",
     severity: Severity::Low,
   },
-  Pattern {
-    id: "transmute_call",
-    description: "`std::mem::transmute` call",
-    query: "(call_expression function: (scoped_identifier path: (identifier) @p (#eq? @p \"mem\") name: (identifier) @f (#eq? @f \"transmute\"))) @vuln",
-    severity: Severity::High,
-  },
-  Pattern {
-    id: "get_unchecked",
-    description: "`get_unchecked` or `get_unchecked_mut` slice access",
-    query: "(call_expression function: (field_expression field: (field_identifier) @m (#match? @m \"get_unchecked(_mut)?\"))) @vuln",
-    severity: Severity::High,
-  },
-  Pattern {
-    id: "copy_nonoverlapping",
-    description: "Raw pointer `copy_nonoverlapping`",
-    query: "(call_expression function: (scoped_identifier path: (identifier) @p (#eq? @p \"ptr\") name: (identifier) @f (#eq? @f \"copy_nonoverlapping\"))) @vuln",
-    severity: Severity::High,
-  },
   Pattern {
     id: "narrow_cast_with_as",
     description: "`as` cast to an 8-/16-bit integer (possible truncation)",
-    query: "(as_expression left: (_) right: (primitive_type) @to (#match? @to \"u8|i8|u16|i16\")) @vuln",
+    query: "(type_cast_expression
+                  type: (primitive_type) @to
+                  (#match? @to \"^u?i(8|16)$\")) @vuln",
     severity: Severity::Low,
   },
+  Pattern { 
+    id: "mem_zeroed",     
+    description: "`std::mem::zeroed()`",          
+    query: "(call_expression function:(scoped_identifier path:(identifier)@p (#eq? @p \"mem\") name:(identifier)@n (#eq? @n \"zeroed\")))@vuln", 
+    severity: Severity::High 
+  },
+  Pattern { 
+    id: "mem_forget",     
+    description: "`std::mem::forget()`",          
+    query: "(call_expression function:(scoped_identifier path:(identifier)@p (#eq? @p \"mem\") name:(identifier)@n (#eq? @n \"forget\")))@vuln", 
+    severity: Severity::Medium 
+  },
+  Pattern { 
+    id: "ptr_read",       
+    description: "`ptr::read_*` raw-ptr read",    
+    query: "(call_expression function:(scoped_identifier path:(identifier)@p (#eq? @p \"ptr\") name:(identifier)@n (#match? @n \"read(_volatile)?\")))@vuln", 
+    severity: Severity::High 
+  },
+  Pattern { 
+    id: "arc_unwrap",     
+    description: "`Arc::unwrap_or_else_unchecked`",
+    query: "(call_expression function:(scoped_identifier name:(identifier)@n (#eq? @n \"unwrap_or_else_unchecked\")))@vuln", 
+    severity: Severity::High 
+  },
+  Pattern { 
+    id: "dbg_macro",      
+    description: "`dbg!()` left in code",         
+    query: "(macro_invocation (identifier)@id (#eq? @id \"dbg\"))@vuln", 
+    severity: Severity::Low 
+  },
 ];