Python: Remove 'response' from default threat-models

RasmusWL · RasmusWL · commit 8f7dec07b8c6 · 2024-08-19T10:54:48.000+02:00
I didn't want to put the configuration file in
`semmle/python/frameworks/**/*.model.yml`, so created `ext/` as in other
languages
diff --git a/python/ql/lib/ext/default-threat-models-fixup.model.yml b/python/ql/lib/ext/default-threat-models-fixup.model.yml
@@ -0,0 +1,8 @@
+extensions:
+  - addsTo:
+      pack: codeql/threat-models
+      extensible: threatModelConfiguration
+    data:
+    # Since responses are enabled by default in the shared threat-models configuration,
+    # we need to disable it here to keep existing behavior for the python analysis.
+      - ["response", false, -2147483647]
diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml
@@ -16,4 +16,5 @@ dependencies:
   codeql/yaml: ${workspace}
 dataExtensions:
   - semmle/python/frameworks/**/*.model.yml
+  - ext/*.model.yml
 warnOnImplicitThis: true
diff --git a/python/ql/test/library-tests/threat-models/default/ActiveKinds.expected b/python/ql/test/library-tests/threat-models/default/ActiveKinds.expected
@@ -1,4 +1,3 @@
 | default |
 | remote |
 | request |
-| response |
