CodeQL library for Java/Kotlin
codeql/java-all 5.0.1-dev (changelog, source)
Search

Predicate threatModelConfiguration

Holds configuration entries to specify which threat models are enabled.

  • kind - Specifies the threat model to configure. This can be the name of a specific threat model (for example, environment), a group (local), or all.
  • enable - true to enable the specified threat model (and its children), or false to disable it.
  • priority - The order in which the configuration should be applied. Lower values are applied first.

The final configuration is the result of processing each row in ascending order of its priority column. For example:

  • { kind: "all", enable: true, priority: 0 }
  • { kind: "remote", enable: false, priority: 1 }
  • { kind: "environment", enable: true, priority: 2 } This configuration first enables all threat models, then disables the remote group, and finally re-enables the environment threat model.

Import path

import codeql.threatmodels.ThreatModels
predicate threatModelConfiguration(string kind, boolean enable, int priority)