From 4009acfaea7c37b8feb7a49613fa46bc2dc44226 Mon Sep 17 00:00:00 2001
From: Michael Nebel <michaelnebel@github.com>
Date: Mon, 8 May 2023 11:36:08 +0200
Subject: [PATCH] Java: Minor cleanup in threat model grouping.

---
 java/ql/lib/ext/threat-grouping.model.yml | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/java/ql/lib/ext/threat-grouping.model.yml b/java/ql/lib/ext/threat-grouping.model.yml
index 7b2d8fdb141..4f9f09fdac2 100644
--- a/java/ql/lib/ext/threat-grouping.model.yml
+++ b/java/ql/lib/ext/threat-grouping.model.yml
@@ -41,15 +41,20 @@ extensions:
       pack: codeql/java-all
       extensible: threatModelGrouping
     data:
+      # Default
+      - ["remote", "default"]
+      - ["request", "remote"]
+      - ["response", "remote"]
+
+      # Local
+      - ["database", "local"]
+
+      # Android
       - ["android-widget", "android"]
       - ["android-external-storage-dir", "android"]
       - ["contentprovider", "android"]
-      - ["request", "remote"]
-      - ["response", "remote"]
-      - ["database", "local"]
-      # - ["remote", "default"]
 
-      # Not sure if these should really go in the default threat model, but we need them for tests to pass
+      # Not sure where we should put these in the hierarchy, so they are commented out for now.
       # - ["android-external-storage-dir", "default"]
       # - ["contentprovider", "default"]
       # - ["android-widget", "default"]