From a686e6bc879d94a7705c736cb7f8bfe68bdd25fe Mon Sep 17 00:00:00 2001
From: GeekMasher
Date: Tue, 3 Jun 2025 16:55:07 +0100
Subject: [PATCH] feat: Add Client Response Threat Model and update JS Clients
---
 .../change-notes/2025-06-03-client-response-threatmodel.md | 4 ++++
 .../ql/lib/semmle/javascript/frameworks/ClientRequests.qll | 2 +-
 .../change-notes/2025-06-03-client-response-threatmodel.md | 4 ++++
 shared/threat-models/ext/threat-model-grouping.model.yml | 2 ++
 4 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 javascript/ql/lib/change-notes/2025-06-03-client-response-threatmodel.md
 create mode 100644 shared/threat-models/change-notes/2025-06-03-client-response-threatmodel.md
diff --git a/javascript/ql/lib/change-notes/2025-06-03-client-response-threatmodel.md b/javascript/ql/lib/change-notes/2025-06-03-client-response-threatmodel.md
new file mode 100644
index 000000000000..fdf6687d1652
--- /dev/null
+++ b/javascript/ql/lib/change-notes/2025-06-03-client-response-threatmodel.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added support for ClientRequest being part of the `client-response` threat model versus part of `response` threat model.
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll b/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll
index 673bdf2de33f..5426a054a1ab 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/ClientRequests.qll
@@ -947,7 +947,7 @@ module ClientRequest {
 private class ClientRequestThreatModel extends ThreatModelSource::Range {
 ClientRequestThreatModel() { this = any(ClientRequest r).getAResponseDataNode() }
- override string getThreatModel() { result = "response" }
+ override string getThreatModel() { result = "client-response" }
 override string getSourceType() { result = "HTTP response data" }
 }
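Review bot: Changing the kind returned by `getThreatModel()` from `response` to `client-response` changes which queries treat outbound-response data as a source, because the same commit groups `client-response` under `local` in threat-model-grouping.model.yml rather than under `remote`, and nothing in this hunk records that intent. A QLDoc comment on the class would make it explicit, e.g. `/** Response data of outbound ClientRequests, reported under the `client-response` threat model (grouped as `local`, not `remote`). */`. The change note added in this commit should also state this as a behaviour change for queries that presumably only enable the default group today; its current wording ("being part of ... versus part of") reads as a plain rename. The enclosing `module ClientRequest` starts and ends outside the hunk.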
diff --git a/shared/threat-models/change-notes/2025-06-03-client-response-threatmodel.md b/shared/threat-models/change-notes/2025-06-03-client-response-threatmodel.md
new file mode 100644
index 000000000000..4a456d2cd46f
--- /dev/null
+++ b/shared/threat-models/change-notes/2025-06-03-client-response-threatmodel.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Add support for `client-response` threat model.
diff --git a/shared/threat-models/ext/threat-model-grouping.model.yml b/shared/threat-models/ext/threat-model-grouping.model.yml
index 1c8229b81f6a..755f9614e1d6 100644
--- a/shared/threat-models/ext/threat-model-grouping.model.yml
+++ b/shared/threat-models/ext/threat-model-grouping.model.yml
@@ -18,6 +18,8 @@ extensions:
 - ["stdin", "local"]
 - ["file", "local"]
 - ["windows-registry", "local"]
+ # Client-side threat models for request responses.
+ - ["client-response", "local"]
 # Android threat models
 - ["android-external-storage-dir", "android"]
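Review bot: The new `client-response` entry is grouped under `local` although the data it covers is the body of a response from a remote server, and the added comment does not say why it sits beside `stdin` and `file` instead of in the remote group; "Client-side" is also ambiguous in a JavaScript context, where it usually means browser code rather than an HTTP client. If the intent is that responses to outbound requests are opt-in because the application chose the endpoint, say so: `# Responses to outbound HTTP client requests. Grouped as "local" so they are opt-in; enable when the responding servers are not trusted.` Otherwise the entry belongs with the remote models. The hunk header counts 6 old and 8 new lines, so a blank context line appears to have been lost in rendering; the hunk is otherwise complete.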