This would improve the human readability of the threat model JSON and would be backward compatible.
I think it would also be easier for newcomers to the schema to understand, as the intro documentation can first present the idea of specifying a list of criteria and then present the option of using criteria-groups if required.
This would improve the human readability of the threat model JSON and would be backward compatible.
I think it would also be easier for newcomers to the schema to understand, as the intro documentation can first present the idea of specifying a list of criteria and then present the option of using criteria-groups if required.