Updated Readme

Author: Ksenia Peguero

README.md

@@ -4,45 +4,46 @@ These simple linting rules flag points of interest where a security problem may
 
 ## Getting Started
 
-Use the compiled rules from `\dist\src` with your installation of TSLint. In the project that you plan to scan (target project), go to the `node_modules` folder and create a folder called `tslint-angular-security`.
-```
-git clone -q https://github.com/Synopsys-SIG/tslint-angular-security
-cd targetproject\node_modules && mkdir tslint-angular-security
-```
+TSLint must be installed locally in the target project. And the project must have tsconfig.json file in the root folder. Install `tslint-angular-security` from npm.
 
-Copy files from `\dist\src` in this project to the `node_modules\tslint-angular-security` folder in the target project.
 ```
-cp tslint-angular-security\dist\src\* targetproject\node_modules\tslint-angular-security
+cd targetproject
+npm init -y
+npm i tslint typescript
+npm i tslint-angular-security
+./node_modules/tslint/bin/tslint --init
 ```
 
 ## Configuration
 
-Copy the `tslint_custom_rules.json` configuration file from the root of this project to the root of the target project.
+Configure the target project `tslint.json` file to include the needed rules from the `tslint-angular-security` package. 
+
 ```
-cp tslint-angular-security\tslint_custom_rules.json targetproject\
+{
+  "rulesDirectory": [
+    "node_modules/tslint-angular-security"
+  ],
+
+  "rules": {
+    "flag-local-storage-angular-plugin": true,
+    "no-bypass-security": true,
+    "no-element-reference": true
+  }
+}
 ```
 
-Alternatively, modify the `tslint.json` file in the project to include the rules you need from the tslint-angular-security package.
+See example configuration in `tslint_custom_rules.json`.
 
-## Prerequisites
-
-TSLint must be installed locally in the target project. And the project must have tsconfig.json file in the root folder.
-```
-cd targetproject
-npm init -y
-npm i tslint typescript
-npm i tslint-microsoft-contrib
-./node_modules/tslint/bin/tslint --init
-```
 
 ## Running
 
 In the root of the target project run:
 
 ```
-./node_modules/.bin/tslint --project tsconfig.json --config tslint_custom_rules.json
+./node_modules/.bin/tslint --project tsconfig.json --config tslint.json
 ```
-*Warning: this repository is a work-in-progress. Things may break while we transition this project to open source. This is not an officially supported Synopsys product.*
+
+*Warning: This repository is a work-in-progress. Things may break while we transition this project to open source. This is not an officially supported Synopsys product.*
 
 ## Rules
 
@@ -54,12 +55,12 @@ Rule Name   | Description | Vulnerability | CWE
 
 ## Developing
 
-Feel free to update/add new rules in your local version. After you update the .ts files in `src`, compile them using the [TypeScript compiler](https://www.npmjs.com/package/typescript) from the root folder:
+Feel free to update/add new rules in your local version. After you add/update the .ts, compile them using the [TypeScript compiler](https://www.npmjs.com/package/typescript) from the root folder:
 
 ```
 tsc
 ```
-The compiled JavaScript files will be in `dist\src`. Copy them to `node_modules\tslint-angular-security` in the target project and use them there. 
+The compiled JavaScript files will be in the root directory. Copy them to `node_modules\tslint-angular-security` in the target project and use them. 
 
 ## Authors
 

flagLocalStorageAngularPluginRule.js

@@ -9,12 +9,9 @@
 * may return false positives.
 */
 var __extends = (this && this.__extends) || (function () {
-    var extendStatics = function (d, b) {
-        extendStatics = Object.setPrototypeOf ||
-            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
-            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
-        return extendStatics(d, b);
-    }
+    var extendStatics = Object.setPrototypeOf ||
+        ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+        function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
     return function (d, b) {
         extendStatics(d, b);
         function __() { this.constructor = d; }

noBypassSecurityRule.js

@@ -5,12 +5,9 @@
 * which may lead to XSS.
 */
 var __extends = (this && this.__extends) || (function () {
-    var extendStatics = function (d, b) {
-        extendStatics = Object.setPrototypeOf ||
-            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
-            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
-        return extendStatics(d, b);
-    }
+    var extendStatics = Object.setPrototypeOf ||
+        ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+        function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
     return function (d, b) {
         extendStatics(d, b);
         function __() { this.constructor = d; }

noElementReferenceRule.js

@@ -5,12 +5,9 @@
 * allows access to the underlying DOM element.
 */
 var __extends = (this && this.__extends) || (function () {
-    var extendStatics = function (d, b) {
-        extendStatics = Object.setPrototypeOf ||
-            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
-            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
-        return extendStatics(d, b);
-    }
+    var extendStatics = Object.setPrototypeOf ||
+        ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+        function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
     return function (d, b) {
         extendStatics(d, b);
         function __() { this.constructor = d; }