Update README

breml · Nov 6, 2021 · 81fdf48 · 81fdf48
1 parent 5e88d47
commit 81fdf48
Showing 1 changed file with 41 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # bidichk - checks for dangerous unicode character sequences
 
-[![Test Status](https://github.com/breml/bidichk/workflows/Go%20Matrix/badge.svg)](https://github.com/breml/logstash-config/actions?query=workflow%3AGo%20Matrix) [![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+[![Test Status](https://github.com/breml/bidichk/workflows/Go%20Matrix/badge.svg)](https://github.com/breml/bidichk/actions?query=workflow%3AGo%20Matrix) [![Go Report Card](https://goreportcard.com/badge/github.com/breml/bidichk)](https://goreportcard.com/report/github.com/breml/bidichk) [![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
 
 bidichk finds dangerous unicode character sequences in Go source files.
 
@@ -18,6 +18,46 @@ The following unicode characters are considered dangerous:
 * U+2068: FIRST-STRONG-ISOLATE
 * U+2069: POP-DIRECTIONAL-ISOLATE
 
+## Installation
+
+Download `bidichk` from the [releases](https://github.com/breml/bidichk/releases) or get the latest version from source with:
+
+```shell
+go get github.com/breml/bidichk/cmd/bidichk
+```
+
+## Usage
+
+### golangci-lint
+
+[golangci-lint](https://golangci-lint.run) supports thelper, so you can enable this linter and use it.
+
+### Shell
+
+Check everything:
+
+```shell
+bidichk ./...
+```
+
+### Enable only required unicode runes
+
+If you run bidichk via golangci-lint look at [.golangci.example.yml](https://golangci-lint.run/usage/configuration/#config-file) for an example of the configuration.
+
+Otherwise you can run bidichk with `--disallowed-runes` flag to specify the runes you consider harmful.
+
+E.g. the following command considers only the `LEFT-TO-RIGHT-OVERRIDE` unicode rune as dangerous:
+
+```shell
+bidichk --disallowed-runes LEFT-TO-RIGHT-OVERRIDE ./...
+```
+
+For the full list of supported unicode runes [see above](#considered-dangerous-unicode-characters) or use
+
+```shell
+bidichk --help
+```
+
 ## Inspiration
 
 * ['Trojan Source' Bug Threatens the Security of All Code](https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/)