Go/Java/C#: Rename ThreatModelFlowSource to ActiveThreatModelSource
#17424
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As part of adding support for threat-models to Python/JS (see github#17203), we ran into some trouble with name clashes. Naming in existing languages supporting threat-models: - `SourceNode` (for QL only modeling) - `ThreatModelFlowSource` (for active sources from QL or data-extensions) However, since we use `LocalSourceNode` in Python, and `SourceNode` in JS (for local source nodes), it seems a bit confusing to follow the same naming convention as other languages, and we had to come up with new names. Initially I used `ThreatModelSource` for the "QL only modeling", but that meant that we needed a new name to represent the active sources coming from either QL or data-extensions... for this I came up with `ActiveThreatModelSource`, and I really liked it. To me, it's much clearer that this class only contains the currently active threat model sources. So to align languages, I got approval from @michaelnebel to rename the existing classes.
csharp/ql/lib/semmle/code/csharp/security/auth/InsecureDirectObjectReferenceQuery.qll
Outdated
Show resolved
Hide resolved
RasmusWL
force-pushed
the
active-threat-model-source
branch
from
76a6ffc
to
66b61ee
Compare
egregius313
reviewed
Sep 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Go/Java/C#: Rename to
ActiveThreatModelSourceContext for wanting this change
As part of adding support for threat-models to Python/JS (see #17203), we ran into some trouble with name clashes.
Naming in existing languages supporting threat-models:
SourceNode(for QL only modeling)ThreatModelFlowSource(for active sources from QL or data-extensions)However, since we use
LocalSourceNodein Python, andSourceNodein JS (for local source nodes), it seems a bit confusing to follow the same naming convention as other languages, and we had to come up with new names.Initially I used
ThreatModelSourcefor the "QL only modeling", but that meant that we needed a new name to represent the active sources coming from either QL or data-extensions... for this I came up withActiveThreatModelSource, and I really liked it. To me, it's much clearer that this class only contains the currently active threat model sources.So to align languages, I got approval from @michaelnebel to rename the existing classes.