From 24555ffa1db63884aca24086ee519a7455514c97 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 15 Nov 2019 07:48:32 +0100 Subject: [PATCH] chg: [doc] README fixed --- README.md | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 644f867..f05162e 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # git-vuln-finder Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could contain a fix regarding -a software vulnerability. The search is based on a set of regular expressions against the commit messages. +a software vulnerability. The search is based on a set of regular expressions against the commit messages only. # Requirements @@ -11,7 +11,7 @@ a software vulnerability. The search is based on a set of regular expressions ag # Usage ~~~bash -usage: finder.py [-h] [-v] [-r R] [-o O] +usage: finder.py [-h] [-v] [-r R] [-o O] [-s S] [-p P] Finding potential software vulnerabilities from git commit messages. @@ -20,10 +20,19 @@ optional arguments: -v increase output verbosity -r R git repository to analyse -o O Output format: [json] - -More info: https://github.com/cve-search/git-vuln-finder + -s S State of the commit found + -p P Matching pattern to use: [vulnpatterns, cryptopatterns, + cpatterns] ~~~ +# Patterns + +git-vuln-finder comes with 3 default patterns which can be selected to find the potential vulnerabilities described in the commit messages such as: + +- `vulnpatterns` is a generic vulnerability pattern especially targeting web application and generic security commit message. Based on an academic paper. +- `cryptopatterns` is a vulnerability pattern for cryptographic errors mentioned in commit messages. +- `cpatterns` is a set of standard vulnerability patterns see for C/C++-like languages. + ## A sample partial output from Curl git repository ~~~bash 
@@ -70,10 +79,12 @@ python3 finder.py -r /home/adulau/git/curl | jq . ... ~~~ -# License +# License and author(s) This software is free software and licensed under the AGPL version 3. +Copyright (c) 2019 Alexandre Dulaunoy - https://github.com/adulau/ + # References - [Notes](https://gist.github.com/adulau/dce5a6ca5c65017869bb01dfee576303#file-finding-vuln-git-commit-messages-md)
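Review bot: In the hunk at @@ -20,10 +20,19 @@ the `cpatterns` bullet has a stray word ("a set of standard vulnerability patterns see for C/C++-like languages"; drop "see"), and the `vulnpatterns` bullet should read "targeting web applications and generic security commit messages". "Based on an academic paper." gives no citation; since the README already has a References section, link the paper there (or inline) so readers can check what the regular expressions are derived from. The new `-s S State of the commit found` help line also names no accepted values, unlike `-p P`, which lists its three patterns; listing the valid states would keep the two options consistent. Finally, this hunk deletes the `More info: https://github.com/cve-search/git-vuln-finder` line and nothing in the patch reintroduces the project URL (the added copyright line points to the author's profile instead), so consider keeping it.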