Merge pull request #17424 from RasmusWL/active-threat-model-source

Go/Java/C#: Rename `ThreatModelFlowSource` to `ActiveThreatModelSource`
2026-04-25 16:55:19 +02:00 · 2024-09-26 13:08:17 +02:00
parent d7fb7ab551 63c3a71d95
commit 381ea93ec3
141 changed files with 216 additions and 183 deletions
--- a/csharp/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md
+++ b/csharp/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated.
--- a/csharp/ql/lib/semmle/code/csharp/security/auth/InsecureDirectObjectReferenceQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/auth/InsecureDirectObjectReferenceQuery.qll
@@ -18,7 +18,7 @@ private predicate needsChecks(ActionMethod m) { m.isEdit() and not m.isAdmin() }
 * that may indicate that it's used as the ID for some resource
 */
 private predicate hasIdParameter(ActionMethod m) {
-  exists(ThreatModelFlowSource src | src.getEnclosingCallable() = m |
+  exists(ActiveThreatModelSource src | src.getEnclosingCallable() = m |
    src.asParameter().getName().toLowerCase().matches(["%id", "%idx"])
    or
    // handle cases like `Request.QueryString["Id"]`
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll
@@ -55,7 +55,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
 deprecated class LocalSource extends DataFlow::Node instanceof LocalFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { }

--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CommandInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CommandInjectionQuery.qll
@@ -57,7 +57,7 @@ module CommandInjection = TaintTracking::Global<CommandInjectionConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** Command Injection sinks defined through Models as Data. */
 private class ExternalCommandInjectionExprSink extends Sink {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ConditionalBypassQuery.qll
@@ -54,7 +54,7 @@ module ConditionalBypass = TaintTracking::Global<ConditionalBypassConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** The result of a reverse dns may be user-controlled. */
 class ReverseDnsSource extends Source {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll
@@ -73,14 +73,14 @@ class ExternalApiDataNode extends DataFlow::Node {
  }
 }

-/** A configuration for tracking flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s. */
+/** A configuration for tracking flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s. */
 private module RemoteSourceToExternalApiConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
 }

-/** A module for tracking flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s. */
+/** A module for tracking flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s. */
 module RemoteSourceToExternalApi = TaintTracking::Global<RemoteSourceToExternalApiConfig>;

 /** A node representing untrusted data being passed to an external API. */
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/LDAPInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/LDAPInjectionQuery.qll
@@ -60,7 +60,7 @@ module LdapInjection = TaintTracking::Global<LdapInjectionConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** LDAP sinks defined through Models as Data. */
 private class ExternalLdapExprSink extends Sink {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/LogForgingQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/LogForgingQuery.qll
@@ -43,7 +43,7 @@ private module LogForgingConfig implements DataFlow::ConfigSig {
 module LogForging = TaintTracking::Global<LogForgingConfig>;

 /** A source of remote user input. */
-private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 private class HtmlSanitizer extends Sanitizer {
  HtmlSanitizer() { this.asExpr() instanceof HtmlSanitizedExpr }
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/MissingXMLValidationQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/MissingXMLValidationQuery.qll
@@ -48,7 +48,7 @@ private module MissingXmlValidationConfig implements DataFlow::ConfigSig {
 module MissingXmlValidation = TaintTracking::Global<MissingXmlValidationConfig>;

 /**
- * DEPRECATED: Use `ThreatModelFlowSource` instead.
+ * DEPRECATED: Use `ActiveThreatModelSource` instead.
 *
 * A source of remote user input.
 */
@@ -57,7 +57,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
 /**
 * A source supported by the current threat model.
 */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * The input argument to a call to `XmlReader.Create` where the input will not be validated against
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ReDoSQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ReDoSQuery.qll
@@ -49,7 +49,7 @@ module ReDoS = TaintTracking::Global<ReDoSConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * An expression that represents a regular expression with potential exponential behavior.
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/RegexInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/RegexInjectionQuery.qll
@@ -48,7 +48,7 @@ module RegexInjection = TaintTracking::Global<RegexInjectionConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * A `pattern` argument to a construction of a `Regex`.
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ResourceInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ResourceInjectionQuery.qll
@@ -54,7 +54,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
 deprecated class LocalSource extends DataFlow::Node instanceof LocalFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** An argument to the `ConnectionString` property on a data connection class. */
 class SqlConnectionStringSink extends Sink {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll
@@ -65,7 +65,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
 deprecated class LocalSource extends DataFlow::Node instanceof LocalFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** An SQL expression passed to an API call that executes SQL. */
 class SqlInjectionExprSink extends Sink {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/TaintedPathQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/TaintedPathQuery.qll
@@ -50,7 +50,7 @@ module TaintedPath = TaintTracking::Global<TaintedPathConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * A path argument to a `File` method call.
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll
@@ -49,7 +49,7 @@ abstract private class ConstructorOrStaticMethodSink extends Sink { }
 */
 abstract class Sanitizer extends DataFlow::Node { }

-private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * User input to object method call deserialization flow tracking configuration.
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UrlRedirectQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UrlRedirectQuery.qll
@@ -52,7 +52,7 @@ module UrlRedirect = TaintTracking::Global<UrlRedirectConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** URL Redirection sinks defined through Models as Data. */
 private class ExternalUrlRedirectExprSink extends Sink {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XMLEntityInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XMLEntityInjectionQuery.qll
@@ -15,7 +15,7 @@ private import semmle.code.csharp.security.Sanitizers
 */
 abstract class Source extends DataFlow::Node { }

-private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * A data flow sink for untrusted user input used in XML processing.
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XPathInjectionQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XPathInjectionQuery.qll
@@ -58,7 +58,7 @@ module XpathInjection = TaintTracking::Global<XpathInjectionConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /** The `xpath` argument to an `XPathExpression.Compile(..)` call. */
 class XPathExpressionCompileSink extends Sink {
--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSQuery.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSQuery.qll
@@ -165,7 +165,7 @@ module XssTrackingConfig implements DataFlow::ConfigSig {
 module XssTracking = TaintTracking::Global<XssTrackingConfig>;

 /** A source supported by the current threat model. */
-private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { }

--- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/FlowSources.qll
+++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/FlowSources.qll
@@ -20,11 +20,18 @@ abstract class SourceNode extends DataFlow::Node {
 }

 /**
+ * DEPRECATED: Use `ActiveThreatModelSource` instead.
+ *
 * A class of data flow sources that respects the
 * current threat model configuration.
 */
-class ThreatModelFlowSource extends DataFlow::Node {
-  ThreatModelFlowSource() {
+deprecated class ThreatModelFlowSource = ActiveThreatModelSource;
+
+/**
+ * A data flow source that is enabled in the current threat model configuration.
+ */
+class ActiveThreatModelSource extends DataFlow::Node {
+  ActiveThreatModelSource() {
    exists(string kind |
      // Specific threat model.
      currentThreatModel(kind) and
--- a/Features/CWE-091/XMLInjection.ql
+++ b/Features/CWE-091/XMLInjection.ql
@@ -20,7 +20,7 @@ import XmlInjection::PathGraph
 * A taint-tracking configuration for untrusted user input used in XML.
 */
 module XmlInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall mc |
--- a/Features/CWE-114/AssemblyPathInjection.ql
+++ b/Features/CWE-114/AssemblyPathInjection.ql
@@ -21,7 +21,7 @@ import AssemblyPathInjection::PathGraph
 * A taint-tracking configuration for untrusted user input used to load a DLL.
 */
 module AssemblyPathInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall mc, string name, int arg |
--- a/Features/CWE-134/UncontrolledFormatString.ql
+++ b/Features/CWE-134/UncontrolledFormatString.ql
@@ -17,7 +17,7 @@ import semmle.code.csharp.frameworks.Format
 import FormatString::PathGraph

 module FormatStringConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    sink.asExpr() = any(FormatCall call | call.hasInsertions()).getFormatExpr()
--- a/csharp/ql/src/experimental/CWE-099/TaintedWebClientLib.qll
+++ b/csharp/ql/src/experimental/CWE-099/TaintedWebClientLib.qll
@@ -61,7 +61,7 @@ module TaintedWebClient = TaintTracking::Global<TaintedWebClientConfig>;
 deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

 /** A source supported by the current threat model. */
-class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

 /**
 * A path argument to a `WebClient` method call that has an address argument.
--- a/csharp/ql/src/experimental/CWE-918/RequestForgery.qll
+++ b/csharp/ql/src/experimental/CWE-918/RequestForgery.qll
@@ -60,7 +60,7 @@ module RequestForgery {
  /**
   * A dataflow source for Server Side Request Forgery(SSRF) Vulnerabilities.
   */
-  private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

  /**
   * An url argument to a `HttpRequestMessage` constructor call
--- a/csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandArgs.ql
+++ b/csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandArgs.ql
@@ -2,5 +2,5 @@ import csharp
 import semmle.code.csharp.security.dataflow.flowsources.FlowSources

 from DataFlow::Node source
-where source instanceof ThreatModelFlowSource
+where source instanceof ActiveThreatModelSource
 select source
--- a/csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandLineFlow.ql
+++ b/csharp/ql/test/library-tests/dataflow/flowsources/local/commandargs/CommandLineFlow.ql
@@ -2,7 +2,7 @@ import csharp
 import semmle.code.csharp.security.dataflow.flowsources.FlowSources

 module CommandLineFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
--- a/csharp/ql/test/library-tests/dataflow/flowsources/local/registry/Registry.ql
+++ b/csharp/ql/test/library-tests/dataflow/flowsources/local/registry/Registry.ql
@@ -2,5 +2,5 @@ import csharp
 import semmle.code.csharp.security.dataflow.flowsources.FlowSources

 from DataFlow::Node source
-where source instanceof ThreatModelFlowSource
+where source instanceof ActiveThreatModelSource
 select source, source.(SourceNode).getThreatModel()
--- a/csharp/ql/test/library-tests/dataflow/flowsources/stored/database/dapper/DatabaseSources.ql
+++ b/csharp/ql/test/library-tests/dataflow/flowsources/stored/database/dapper/DatabaseSources.ql
@@ -4,7 +4,7 @@ import TestUtilities.InlineFlowTest
 import TaintFlowTest<DatabaseConfig>

 module DatabaseConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
--- a/csharp/ql/test/library-tests/dataflow/flowsources/stored/file/Files.ql
+++ b/csharp/ql/test/library-tests/dataflow/flowsources/stored/file/Files.ql
@@ -4,7 +4,7 @@ import TestUtilities.InlineFlowTest
 import TaintFlowTest<FilesConfig>

 module FilesConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
--- a/csharp/ql/test/library-tests/dataflow/threat-models/Test.qll
+++ b/csharp/ql/test/library-tests/dataflow/threat-models/Test.qll
@@ -4,7 +4,7 @@ private import semmle.code.csharp.dataflow.internal.ExternalFlow
 private import semmle.code.csharp.security.dataflow.flowsources.FlowSources

 private module ThreatModelConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sinkNode(sink, _) }
 }
--- a/go/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md
+++ b/go/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated.
--- a/go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll
@@ -31,12 +31,12 @@ module CommandInjection {
  abstract class Sanitizer extends DataFlow::Node { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /** A source of untrusted data, considered as a taint source for command injection. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** A command name, considered as a taint sink for command injection. */
  class CommandNameAsSink extends Sink {
--- a/go/ql/lib/semmle/go/security/ExternalAPIs.qll
+++ b/go/ql/lib/semmle/go/security/ExternalAPIs.qll
@@ -183,24 +183,24 @@ class UnknownExternalApiDataNode extends ExternalApiDataNode {
 }

 private module UntrustedDataConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
 }

 /**
- * Tracks data flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s.
+ * Tracks data flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s.
 */
 module UntrustedDataToExternalApiFlow = DataFlow::Global<UntrustedDataConfig>;

 private module UntrustedDataToUnknownExternalApiConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof UnknownExternalApiDataNode }
 }

 /**
- * Tracks data flow from `ThreatModelFlowSource`s to `UnknownExternalApiDataNode`s.
+ * Tracks data flow from `ActiveThreatModelSource`s to `UnknownExternalApiDataNode`s.
 */
 module UntrustedDataToUnknownExternalApiFlow =
  DataFlow::Global<UntrustedDataToUnknownExternalApiConfig>;
--- a/go/ql/lib/semmle/go/security/FlowSources.qll
+++ b/go/ql/lib/semmle/go/security/FlowSources.qll
@@ -55,11 +55,18 @@ abstract class SourceNode extends DataFlow::Node {
 }

 /**
+ * DEPRECATED: Use `ActiveThreatModelSource` instead.
+ *
 * A class of data flow sources that respects the
 * current threat model configuration.
 */
-class ThreatModelFlowSource extends DataFlow::Node {
-  ThreatModelFlowSource() {
+deprecated class ThreatModelFlowSource = ActiveThreatModelSource;
+
+/**
+ * A data flow source that is enabled in the current threat model configuration.
+ */
+class ActiveThreatModelSource extends DataFlow::Node {
+  ActiveThreatModelSource() {
    exists(string kind |
      // Specific threat model.
      currentThreatModel(kind) and
--- a/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll
@@ -26,12 +26,12 @@ module LogInjection {
  abstract class Sanitizer extends DataFlow::Node { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /** A source of untrusted data, considered as a taint source for log injection. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** An argument to a logging mechanism. */
  class LoggerSink extends Sink {
--- a/go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll
@@ -49,7 +49,7 @@ module MissingJwtSignatureCheck {
    }
  }

-  private class DefaultSource extends Source instanceof ThreatModelFlowSource { }
+  private class DefaultSource extends Source instanceof ActiveThreatModelSource { }

  private class DefaultSink extends Sink {
    DefaultSink() { sinkNode(this, "jwt") }
--- a/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll
@@ -43,14 +43,14 @@ module OpenUrlRedirect {
  }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /**
   * A source of third-party user input, considered as a flow source for URL redirects.
   */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource {
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource {
    ThreatModelFlowAsSource() {
      // exclude some fields and methods of URLs that are generally not attacker-controllable for
      // open redirect exploits
--- a/go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll
@@ -35,14 +35,14 @@ module ReflectedXss {
  }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /**
   * A third-party controllable input, considered as a flow source for reflected XSS.
   */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** An arbitrary XSS sink, considered as a flow sink for stored XSS. */
  private class AnySink extends Sink instanceof SharedXss::Sink { }
--- a/go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll
@@ -34,14 +34,14 @@ module RequestForgery {
  abstract class SanitizerEdge extends DataFlow::Node { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /**
   * A third-party controllable input, considered as a flow source for request forgery.
   */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  private class DefaultRequestForgerySink extends Sink {
    string kind;
--- a/go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll
@@ -26,12 +26,12 @@ module SqlInjection {
  abstract class Sanitizer extends DataFlow::Node { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /** A source of untrusted data, considered as a taint source for SQL injection. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** An SQL string, considered as a taint sink for SQL injection. */
  class SqlQueryAsSink extends Sink instanceof SQL::QueryString { }
--- a/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll
@@ -45,12 +45,12 @@ module TaintedPath {
  }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /** A source of untrusted data, considered as a taint source for path traversal. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** A path expression, considered as a taint sink for path traversal. */
  class PathAsSink extends Sink {
--- a/go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll
@@ -21,7 +21,7 @@ module UncontrolledAllocationSize {
  abstract class Sanitizer extends DataFlow::Node { }

  /** A source of untrusted data, considered as a taint source for uncontrolled size allocation vulnerabilities. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** The size argument of a memory allocation function. */
  private class AllocationSizeAsSink extends Sink instanceof AllocationSizeOverflow::AllocationSize {
--- a/go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll
+++ b/go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll
@@ -25,12 +25,12 @@ module XPathInjection {
  abstract class Sanitizer extends DataFlow::ExprNode { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /** A source of untrusted data, used in an XPath expression. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /** An XPath expression string, considered as a taint sink for XPath injection. */
  class XPathExpressionStringAsSink extends Sink instanceof XPath::XPathExpressionString { }
--- a/go/ql/src/Security/CWE-640/EmailInjectionCustomizations.qll
+++ b/go/ql/src/Security/CWE-640/EmailInjectionCustomizations.qll
@@ -17,12 +17,12 @@ module EmailInjection {
  abstract class Sink extends DataFlow::Node { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowSourceAsSource = ThreatModelFlowAsSource;

  /** A source of untrusted data, considered as a taint source for email injection. */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /**
   * A data-flow node that becomes part of an email considered as a taint sink for email injection.
--- a/go/ql/src/experimental/CWE-090/LDAPInjection.qll
+++ b/go/ql/src/experimental/CWE-090/LDAPInjection.qll
@@ -98,13 +98,13 @@ private class LdapClientDNSink extends LdapSink {
 /**
 * DEPRECATED: Use `LdapInjectionFlow` instead.
 *
- * A taint-tracking configuration for reasoning about when a `ThreatModelFlowSource`
+ * A taint-tracking configuration for reasoning about when a `ActiveThreatModelSource`
 * flows into an argument or field that is vulnerable to LDAP injection.
 */
 deprecated class LdapInjectionConfiguration extends TaintTracking::Configuration {
  LdapInjectionConfiguration() { this = "Ldap injection" }

-  override predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  override predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  override predicate isSink(DataFlow::Node sink) { sink instanceof LdapSink }

@@ -112,7 +112,7 @@ deprecated class LdapInjectionConfiguration extends TaintTracking::Configuration
 }

 private module LdapInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof LdapSink }

@@ -120,7 +120,7 @@ private module LdapInjectionConfig implements DataFlow::ConfigSig {
 }

 /**
- * Tracks taint flow for reasoning about when a `ThreatModelFlowSource` flows
+ * Tracks taint flow for reasoning about when a `ActiveThreatModelSource` flows
 * into an argument or field that is vulnerable to LDAP injection.
 */
 module LdapInjectionFlow = TaintTracking::Global<LdapInjectionConfig>;
--- a/go/ql/src/experimental/CWE-203/Timing.ql
+++ b/go/ql/src/experimental/CWE-203/Timing.ql
@@ -98,7 +98,7 @@ private class SensitiveStringSink extends Sink {

 module Config implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource and not isBadResult(source)
+    source instanceof ActiveThreatModelSource and not isBadResult(source)
  }

  predicate isSink(DataFlow::Node sink) { sink instanceof Sink and not isBadResult(sink) }
--- a/go/ql/src/experimental/CWE-287/ImproperLdapAuthCustomizations.qll
+++ b/go/ql/src/experimental/CWE-287/ImproperLdapAuthCustomizations.qll
@@ -68,7 +68,7 @@ module ImproperLdapAuth {

  private module Config implements DataFlow::ConfigSig {
    predicate isSource(DataFlow::Node source) {
-      source instanceof ThreatModelFlowSource or source instanceof EmptyString
+      source instanceof ActiveThreatModelSource or source instanceof EmptyString
    }

    predicate isSink(DataFlow::Node sink) { sink instanceof LdapAuthSink }
--- a/go/ql/src/experimental/CWE-369/DivideByZero.ql
+++ b/go/ql/src/experimental/CWE-369/DivideByZero.ql
@@ -28,7 +28,7 @@ predicate divideByZeroSanitizerGuard(DataFlow::Node g, Expr e, boolean branch) {
 }

 module Config implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
    exists(Function f, DataFlow::CallNode cn | cn = f.getACall() |
--- a/go/ql/src/experimental/CWE-74/DsnInjection.ql
+++ b/go/ql/src/experimental/CWE-74/DsnInjection.ql
@@ -14,7 +14,7 @@ import DsnInjectionCustomizations
 import DsnInjectionFlow::PathGraph

 /** A remote flow source taken as a source for the `DsnInjection` taint-flow configuration. */
-private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

 from DsnInjectionFlow::PathNode source, DsnInjectionFlow::PathNode sink
 where DsnInjectionFlow::flowPath(source, sink)
--- a/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql
+++ b/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql
@@ -36,7 +36,7 @@ class PassthroughTypeName extends string {
 }

 module UntrustedToPassthroughTypeConversionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  additional predicate isSinkToPassthroughType(DataFlow::TypeCastNode sink, PassthroughTypeName name) {
    exists(Type typ |
@@ -53,7 +53,7 @@ module UntrustedToPassthroughTypeConversionConfig implements DataFlow::ConfigSig
 }

 /**
- * Tracks taint flow for reasoning about when a `ThreatModelFlowSource` is
+ * Tracks taint flow for reasoning about when a `ActiveThreatModelSource` is
 * converted into a special "passthrough" type which will not be escaped by the
 * template generator; this allows the injection of arbitrary content (html,
 * css, js) into the generated output of the templates.
@@ -109,13 +109,13 @@ predicate isSinkToTemplateExec(DataFlow::Node sink, DataFlow::CallNode call) {
 }

 module FromUntrustedToTemplateExecutionCallConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { isSinkToTemplateExec(sink, _) }
 }

 /**
- * Tracks taint flow from a `ThreatModelFlowSource` into a template executor
+ * Tracks taint flow from a `ActiveThreatModelSource` into a template executor
 * call.
 */
 module FromUntrustedToTemplateExecutionCallFlow =
--- a/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll
+++ b/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll
@@ -52,7 +52,7 @@ deprecated class Configuration extends TaintTracking::Configuration {
  Configuration() { this = "Condtional Expression Check Bypass" }

  override predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource
+    source instanceof ActiveThreatModelSource
    or
    exists(DataFlow::FieldReadNode f |
      f.getField().hasQualifiedName("net/http", "Request", "Host")
@@ -71,7 +71,7 @@ deprecated class Configuration extends TaintTracking::Configuration {

 private module Config implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource
+    source instanceof ActiveThreatModelSource
    or
    exists(DataFlow::FieldReadNode f |
      f.getField().hasQualifiedName("net/http", "Request", "Host")
--- a/go/ql/src/experimental/CWE-840/ConditionalBypass.ql
+++ b/go/ql/src/experimental/CWE-840/ConditionalBypass.ql
@@ -14,7 +14,7 @@ import go

 module Config implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource
+    source instanceof ActiveThreatModelSource
    or
    source = any(Field f | f.hasQualifiedName("net/http", "Request", "Host")).getARead()
  }
--- a/go/ql/src/experimental/CWE-918/SSRF.qll
+++ b/go/ql/src/experimental/CWE-918/SSRF.qll
@@ -87,14 +87,14 @@ module ServerSideRequestForgery {
  abstract class SanitizerEdge extends DataFlow::Node { }

  /**
-   * DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
+   * DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
   */
  deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

  /**
   * An user controlled input, considered as a flow source for request forgery.
   */
-  private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
+  private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

  /**
   * The URL of an HTTP request, viewed as a sink for request forgery.
--- a/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql
+++ b/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql
@@ -52,7 +52,7 @@ class AllowCredentialsHeaderWrite extends Http::HeaderWrite {
 }

 module UntrustedToAllowOriginHeaderConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  additional predicate isSinkHW(DataFlow::Node sink, AllowOriginHeaderWrite hw) {
    sink = hw.getValue()
@@ -70,7 +70,7 @@ module UntrustedToAllowOriginHeaderConfig implements DataFlow::ConfigSig {
 }

 module UntrustedToAllowOriginConfigConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  additional predicate isSinkWrite(DataFlow::Node sink, GinCors::AllowOriginsWrite w) { sink = w }

@@ -78,13 +78,13 @@ module UntrustedToAllowOriginConfigConfig implements DataFlow::ConfigSig {
 }

 /**
- * Tracks taint flowfor reasoning about when a `ThreatModelFlowSource` flows to
+ * Tracks taint flowfor reasoning about when a `ActiveThreatModelSource` flows to
 * a `HeaderWrite` that writes an `Access-Control-Allow-Origin` header's value.
 */
 module UntrustedToAllowOriginHeaderFlow = TaintTracking::Global<UntrustedToAllowOriginHeaderConfig>;

 /**
- * Tracks taint flowfor reasoning about when a `ThreatModelFlowSource` flows to
+ * Tracks taint flowfor reasoning about when a `ActiveThreatModelSource` flows to
 * a `AllowOriginsWrite` that writes an `Access-Control-Allow-Origin` header's value.
 */
 module UntrustedToAllowOriginConfigFlow = TaintTracking::Global<UntrustedToAllowOriginConfigConfig>;
@@ -121,7 +121,7 @@ predicate allowCredentialsIsSetToTrue(DataFlow::ExprNode allowOriginHW) {

 /**
 * Holds if the provided `allowOriginHW` HeaderWrite's value is set using an
- * ThreatModelFlowSource.
+ * ActiveThreatModelSource.
 * The `message` parameter is populated with the warning message to be returned by the query.
 */
 predicate flowsFromUntrustedToAllowOrigin(DataFlow::ExprNode allowOriginHW, string message) {
@@ -169,7 +169,7 @@ class MapRead extends DataFlow::ElementReadNode {
 }

 module FromUntrustedConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { isSinkCgn(sink, _) }

@@ -208,13 +208,13 @@ module FromUntrustedConfig implements DataFlow::ConfigSig {
 }

 /**
- * Tracks taint flow for reasoning about when a `ThreatModelFlowSource` flows
+ * Tracks taint flow for reasoning about when a `ActiveThreatModelSource` flows
 * somewhere.
 */
 module FromUntrustedFlow = TaintTracking::Global<FromUntrustedConfig>;

 /**
- * Holds if the provided `allowOriginHW` is also destination of a `ThreatModelFlowSource`.
+ * Holds if the provided `allowOriginHW` is also destination of a `ActiveThreatModelSource`.
 */
 predicate flowsToGuardedByCheckOnUntrusted(DataFlow::ExprNode allowOriginHW) {
  exists(DataFlow::Node sink, ControlFlow::ConditionGuardNode cgn |
--- a/go/ql/src/experimental/frameworks/DecompressionBombs.qll
+++ b/go/ql/src/experimental/frameworks/DecompressionBombs.qll
@@ -29,7 +29,7 @@ module DecompressionBomb {
    class FlowState = DecompressionBombs::FlowState;

    predicate isSource(DataFlow::Node source, FlowState state) {
-      source instanceof ThreatModelFlowSource and
+      source instanceof ActiveThreatModelSource and
      state = ""
    }

--- a/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/Test.qll
+++ b/go/ql/test/library-tests/semmle/go/dataflow/ThreatModels/Test.qll
@@ -4,7 +4,7 @@ private import semmle.go.dataflow.ExternalFlow
 private import semmle.go.dataflow.DataFlow

 private module ThreatModelConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    sink = any(DataFlow::CallNode c | c.getTarget().getName() = "sink").getAnArgument()
--- a/go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/environment/test.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/environment/test.ql
@@ -6,7 +6,7 @@ module SourceTest implements TestSig {
  string getARelevantTag() { result = "source" }

  predicate hasActualResult(Location location, string element, string tag, string value) {
-    exists(ThreatModelFlowSource s |
+    exists(ActiveThreatModelSource s |
      s.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
        location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
      element = s.toString() and
--- a/go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/file/test.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/file/test.ql
@@ -6,7 +6,7 @@ module SourceTest implements TestSig {
  string getARelevantTag() { result = "source" }

  predicate hasActualResult(Location location, string element, string tag, string value) {
-    exists(ThreatModelFlowSource s |
+    exists(ActiveThreatModelSource s |
      s.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
        location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
      element = s.toString() and
--- a/java/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md
+++ b/java/ql/lib/change-notes/2024-09-10-ActiveThreatModelSource.md
@@ -0,0 +1,4 @@
+---
+category: deprecated
+---
+* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated.
--- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
@@ -42,11 +42,18 @@ abstract class SourceNode extends DataFlow::Node {
 }

 /**
+ * DEPRECATED: Use `ActiveThreatModelSource` instead.
+ *
 * A class of data flow sources that respects the
 * current threat model configuration.
 */
-class ThreatModelFlowSource extends DataFlow::Node {
-  ThreatModelFlowSource() {
+deprecated class ThreatModelFlowSource = ActiveThreatModelSource;
+
+/**
+ * A data flow source that is enabled in the current threat model configuration.
+ */
+class ActiveThreatModelSource extends DataFlow::Node {
+  ActiveThreatModelSource() {
    exists(string kind |
      // Specific threat model.
      currentThreatModel(kind) and
@@ -195,7 +202,7 @@ abstract class LocalUserInput extends UserInput {

 /**
 * DEPRECATED: Use the threat models feature.
- * That is, use `ThreatModelFlowSource` as the class of nodes for sources
+ * That is, use `ActiveThreatModelSource` as the class of nodes for sources
 * and set up the threat model configuration to filter source nodes.
 * Alternatively, use `getThreatModel` to filter nodes to create the
 * class of nodes you need.
@@ -266,7 +273,7 @@ private class FileInput extends LocalUserInput {

 /**
 * DEPRECATED: Use the threat models feature.
- * That is, use `ThreatModelFlowSource` as the class of nodes for sources
+ * That is, use `ActiveThreatModelSource` as the class of nodes for sources
 * and set up the threat model configuration to filter source nodes.
 * Alternatively, use `getThreatModel` to filter nodes to create the
 * class of nodes you need.
--- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
@@ -640,7 +640,7 @@ private MethodCall callReturningSameType(Expr ref) {
 }

 private SrcRefType entrypointType() {
-  exists(ThreatModelFlowSource s, RefType t |
+  exists(ActiveThreatModelSource s, RefType t |
    s instanceof DataFlow::ExplicitParameterNode and
    t = pragma[only_bind_out](s).getType() and
    not t instanceof TypeObject and
--- a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirectionQuery.qll
@@ -9,7 +9,7 @@ import semmle.code.java.security.AndroidIntentRedirection

 /** A taint tracking configuration for tainted Intents being used to start Android components. */
 module IntentRedirectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof IntentRedirectionSink }

@@ -38,7 +38,7 @@ private class OriginalIntentSanitizer extends IntentRedirectionSanitizer {
 * flowing directly to sinks that start Android components.
 */
 private module SameIntentBeingRelaunchedConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof IntentRedirectionSink }

@@ -74,7 +74,7 @@ private class IntentWithTaintedComponent extends DataFlow::Node {
 * A taint tracking configuration for tainted data flowing to an `Intent`'s component.
 */
 private module TaintedIntentComponentConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    any(IntentSetComponent setComponent).getSink() = sink.asExpr()
--- a/java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll
+++ b/java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll
@@ -75,7 +75,7 @@ class ExternalApkSource extends ApiSourceNode {
    sourceNode(this, "android-external-storage-dir") or
    this.asExpr().(MethodCall).getMethod() instanceof UriConstructorMethod or
    this.asExpr().(StringLiteral).getValue().matches("file://%") or
-    this instanceof ThreatModelFlowSource
+    this instanceof ActiveThreatModelSource
  }
 }

--- a/java/ql/lib/semmle/code/java/security/ArithmeticTaintedQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ArithmeticTaintedQuery.qll
@@ -6,7 +6,7 @@ private import semmle.code.java.security.ArithmeticCommon

 /** A taint-tracking configuration to reason about overflow from unvalidated input. */
 module ArithmeticOverflowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { overflowSink(_, sink.asExpr()) }

@@ -22,7 +22,7 @@ deprecated module RemoteUserInputOverflowConfig = ArithmeticOverflowConfig;

 /** A taint-tracking configuration to reason about underflow from unvalidated input. */
 module ArithmeticUnderflowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { underflowSink(_, sink.asExpr()) }

--- a/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
@@ -49,7 +49,7 @@ private class DefaultCommandInjectionSanitizer extends CommandInjectionSanitizer
 * A taint-tracking configuration for unvalidated user input that is used to run an external process.
 */
 module InputToArgumentToExecFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node src) { src instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof CommandInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/ConditionalBypassQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ConditionalBypassQuery.qll
@@ -40,7 +40,7 @@ private predicate endsWithStep(DataFlow::Node node1, DataFlow::Node node2) {
 * A taint tracking configuration for untrusted data flowing to sensitive conditions.
 */
 module ConditionalBypassFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { conditionControlsMethod(_, sink.asExpr()) }

--- a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll
+++ b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll
@@ -93,10 +93,10 @@ class ExternalApiDataNode extends DataFlow::Node {
 }

 /**
- * Taint tracking configuration for flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s.
+ * Taint tracking configuration for flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s.
 */
 module UntrustedDataToExternalApiConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
 }
--- a/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringQuery.qll
@@ -16,7 +16,7 @@ private class StringFormatSink extends ApiSinkNode {
 * A taint-tracking configuration for externally controlled format string vulnerabilities.
 */
 module ExternallyControlledFormatStringConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof StringFormatSink }

--- a/java/ql/lib/semmle/code/java/security/FragmentInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/FragmentInjectionQuery.qll
@@ -10,7 +10,7 @@ import semmle.code.java.security.FragmentInjection
 * that is used to create Android fragments dynamically.
 */
 module FragmentInjectionTaintConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof FragmentInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/GroovyInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/GroovyInjectionQuery.qll
@@ -10,7 +10,7 @@ import semmle.code.java.security.GroovyInjection
 * that is used to evaluate a Groovy expression.
 */
 module GroovyInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof GroovyInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayConstructionQuery.qll
@@ -9,7 +9,7 @@ private import semmle.code.java.dataflow.FlowSources
 * user-provided size used for array construction.
 */
 module ImproperValidationOfArrayConstructionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    any(CheckableArrayAccess caa).canThrowOutOfBoundsDueToEmptyArray(sink.asExpr(), _)
--- a/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexQuery.qll
@@ -9,7 +9,7 @@ private import semmle.code.java.dataflow.FlowSources
 * of user-provided array index.
 */
 module ImproperValidationOfArrayIndexConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    any(CheckableArrayAccess caa).canThrowOutOfBounds(sink.asExpr())
--- a/java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll
@@ -46,7 +46,7 @@ class SetMessageInterpolatorCall extends MethodCall {
 * to the argument of a method that builds constraint error messages.
 */
 module BeanValidationConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof BeanValidationSink }

--- a/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulationQuery.qll
@@ -12,7 +12,7 @@ private import IntentUriPermissionManipulation
 * A taint tracking configuration for user-provided Intents being returned to third party apps.
 */
 module IntentUriPermissionManipulationConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof IntentUriPermissionManipulationSink }

--- a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll
@@ -44,7 +44,7 @@ private class DefaultJexlInjectionAdditionalTaintStep extends JexlInjectionAddit
 * It supports both JEXL 2 and 3.
 */
 module JexlInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof JexlEvaluationSink }

--- a/java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/JndiInjectionQuery.qll
@@ -11,7 +11,7 @@ private import semmle.code.java.security.Sanitizers
 * A taint-tracking configuration for unvalidated user input that is used in JNDI lookup.
 */
 module JndiInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof JndiInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/LdapInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/LdapInjectionQuery.qll
@@ -8,7 +8,7 @@ import semmle.code.java.security.LdapInjection
 * A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.
 */
 module LdapInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof LdapInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/LogInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/LogInjectionQuery.qll
@@ -8,7 +8,7 @@ import semmle.code.java.security.LogInjection
 * A taint-tracking configuration for tracking untrusted user input used in log entries.
 */
 module LogInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof LogInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/MvelInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/MvelInjectionQuery.qll
@@ -10,7 +10,7 @@ import semmle.code.java.security.MvelInjection
 * that is used to construct and evaluate a MVEL expression.
 */
 module MvelInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof MvelEvaluationSink }

--- a/java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll
@@ -85,7 +85,7 @@ private predicate smallExpr(Expr e) {
 * numeric cast.
 */
 module NumericCastFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node src) { src instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    sink.asExpr() = any(NumericNarrowingCastExpr cast).getExpr() and
--- a/java/ql/lib/semmle/code/java/security/OgnlInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/OgnlInjectionQuery.qll
@@ -9,7 +9,7 @@ private import semmle.code.java.security.Sanitizers
 * A taint-tracking configuration for unvalidated user input that is used in OGNL EL evaluation.
 */
 module OgnlInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof OgnlInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/PartialPathTraversalQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/PartialPathTraversalQuery.qll
@@ -12,7 +12,7 @@ import semmle.code.java.dataflow.FlowSources
 * and remains vulnerable to Partial Path Traversal.
 */
 module PartialPathTraversalFromRemoteConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node node) { node instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node node) { node instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node node) {
    any(PartialPathTraversalMethodCall ma).getQualifier() = node.asExpr()
--- a/java/ql/lib/semmle/code/java/security/RequestForgeryConfig.qll
+++ b/java/ql/lib/semmle/code/java/security/RequestForgeryConfig.qll
@@ -12,7 +12,7 @@ import semmle.code.java.security.RequestForgery
 */
 module RequestForgeryConfig implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource and
+    source instanceof ActiveThreatModelSource and
    // Exclude results of remote HTTP requests: fetching something else based on that result
    // is no worse than following a redirect returned by the remote server, and typically
    // we're requesting a resource via https which we trust to only send us to safe URLs.
--- a/java/ql/lib/semmle/code/java/security/ResponseSplittingQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ResponseSplittingQuery.qll
@@ -10,7 +10,7 @@ import semmle.code.java.security.ResponseSplitting
 */
 module ResponseSplittingConfig implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource and
+    source instanceof ActiveThreatModelSource and
    not source instanceof SafeHeaderSplittingSource
  }

--- a/java/ql/lib/semmle/code/java/security/SensitiveResultReceiverQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/SensitiveResultReceiverQuery.qll
@@ -19,7 +19,7 @@ private class ResultReceiverSendCall extends MethodCall {
 }

 private module UntrustedResultReceiverConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node node) { node instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node node) { node instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node node) {
    node.asExpr() = any(ResultReceiverSendCall c).getReceiver()
--- a/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll
@@ -11,7 +11,7 @@ private import semmle.code.java.security.SpelInjection
 * that is used to construct and evaluate a SpEL expression.
 */
 module SpelInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof SpelExpressionEvaluationSink }

--- a/java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
@@ -15,7 +15,7 @@ import semmle.code.java.security.QueryInjection
 * A taint-tracking configuration for unvalidated user input that is used in SQL queries.
 */
 module QueryInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node src) { src instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof QueryInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/TaintedEnvironmentVariableQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TaintedEnvironmentVariableQuery.qll
@@ -26,7 +26,7 @@ abstract class ExecTaintedEnvironmentSanitizer extends DataFlow::Node { }
 * A taint-tracking configuration that tracks flow from unvalidated data to an environment variable for a subprocess.
 */
 module ExecTaintedEnvironmentConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isBarrier(DataFlow::Node barrier) { barrier instanceof ExecTaintedEnvironmentSanitizer }

--- a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll
@@ -60,7 +60,7 @@ private class TaintPreservingUriCtorParam extends Parameter {
 * A taint-tracking configuration for tracking flow from remote sources to the creation of a path.
 */
 module TaintedPathConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof TaintedPathSink }

--- a/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TaintedPermissionsCheckQuery.qll
@@ -54,7 +54,7 @@ private class WildCardPermissionConstruction extends ClassInstanceExpr, Permissi
 * A configuration for tracking flow from user input to a permissions check.
 */
 module TaintedPermissionsCheckFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) {
    sink.asExpr() = any(PermissionsConstruction p).getInput()
--- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll
+++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll
@@ -83,7 +83,7 @@ abstract deprecated class TemplateInjectionSanitizerWithState extends DataFlow::
  abstract deprecated predicate hasState(DataFlow::FlowState state);
 }

-private class DefaultTemplateInjectionSource extends TemplateInjectionSource instanceof ThreatModelFlowSource
+private class DefaultTemplateInjectionSource extends TemplateInjectionSource instanceof ActiveThreatModelSource
 { }

 private class DefaultTemplateInjectionSink extends TemplateInjectionSink {
--- a/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
@@ -13,7 +13,7 @@ private import semmle.code.java.security.Sanitizers
 */
 abstract class TrustBoundaryViolationSource extends DataFlow::Node { }

-private class ThreatModelSource extends TrustBoundaryViolationSource instanceof ThreatModelFlowSource
+private class ThreatModelSource extends TrustBoundaryViolationSource instanceof ActiveThreatModelSource
 { }

 /**
--- a/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccessQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccessQuery.qll
@@ -10,7 +10,7 @@ import semmle.code.java.security.UnsafeAndroidAccess
 * A taint configuration tracking flow from untrusted inputs to a resource fetching call.
 */
 module FetchUntrustedResourceConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof UrlResourceSink }

--- a/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolutionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolutionQuery.qll
@@ -9,7 +9,7 @@ import semmle.code.java.security.UnsafeContentUriResolution
 * A taint-tracking configuration to find paths from remote sources to content URI resolutions.
 */
 module UnsafeContentResolutionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node src) { src instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof ContentUriResolutionSink }

--- a/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll
@@ -316,7 +316,7 @@ private predicate isUnsafeDeserializationTaintStep(DataFlow::Node pred, DataFlow

 /** Tracks flows from remote user input to a deserialization sink. */
 private module UnsafeDeserializationConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeDeserializationSink }

@@ -418,7 +418,7 @@ private predicate isUnsafeTypeAdditionalTaintStep(DataFlow::Node fromNode, DataF
 * If this is user-controlled, arbitrary code could be executed while instantiating the user-specified type.
 */
 module UnsafeTypeConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) { src instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node src) { src instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeTypeSink }

--- a/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UrlForwardQuery.qll
@@ -178,7 +178,7 @@ private class FullyDecodesUrlBarrier extends DataFlow::Node {
 */
 module UrlForwardFlowConfig implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node source) {
-    source instanceof ThreatModelFlowSource and
+    source instanceof ActiveThreatModelSource and
    // excluded due to FPs
    not exists(MethodCall mc, Method m |
      m instanceof HttpServletRequestGetRequestUriMethod or
--- a/java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UrlRedirectQuery.qll
@@ -8,7 +8,7 @@ private import semmle.code.java.security.UrlRedirect
 * A taint-tracking configuration for reasoning about URL redirections.
 */
 module UrlRedirectConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof UrlRedirectSink }

--- a/java/ql/lib/semmle/code/java/security/XPathInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/XPathInjectionQuery.qll
@@ -9,7 +9,7 @@ private import semmle.code.java.security.XPath
 * A taint-tracking configuration for reasoning about XPath injection vulnerabilities.
 */
 module XPathInjectionConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof XPathInjectionSink }

--- a/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll
@@ -11,7 +11,7 @@ private import semmle.code.java.security.Sanitizers
 * A taint-tracking configuration for unvalidated user input that is used in XSLT transformation.
 */
 module XsltInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
+  predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

  predicate isSink(DataFlow::Node sink) { sink instanceof XsltInjectionSink }

--- a/Show More
+++ b/Show More