Weekly github digest (WebAppSec specs)

Issues
------
* w3c/webappsec (+0/-0/💬2)
  1 issues received 2 new comments:
  - #449 [SRI] Support signatures/asymm key  (2 by lrvick, devd)
    https://github.com/w3c/webappsec/issues/449 [SRI] 

* w3c/webappsec-csp (+1/-3/💬8)
  1 issues created:
  - Should Workers inherit CSP directives from the parent context? (by bakulf)
    https://github.com/w3c/webappsec-csp/issues/336 

  2 issues received 8 new comments:
  - #336 Should Workers inherit CSP directives from the parent context? (7 by annevk, mikewest, bakulf, wanderview)
    https://github.com/w3c/webappsec-csp/issues/336 
  - #7 CSP: connect-src 'self' and websockets (1 by emilfihlman)
    https://github.com/w3c/webappsec-csp/issues/7 [CSP] 

  3 issues closed:
  - Add [Exposed] to all interfaces https://github.com/w3c/webappsec-csp/issues/237 
  - Documents are not global objects https://github.com/w3c/webappsec-csp/issues/208 
  - script-src chapter should mention worker-src https://github.com/w3c/webappsec-csp/issues/234 

* w3c/webappsec-mixed-content (+0/-0/💬1)
  1 issues received 1 new comments:
  - #15 Move "Mixed Content" to PR. (1 by mikewest)
    https://github.com/w3c/webappsec-mixed-content/issues/15 



Pull requests
-------------
* w3c/webappsec-csp (+3/-4/💬4)
  3 pull requests submitted:
  - Added [Exposed] to the SecurityPolicyViolationEvent interface (by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/338 
  - Using the correct directive name when reproting violations (by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/337 
  - Specified worker-src in script-src description (by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/335 

  3 pull requests received 4 new comments:
  - #334 Remove the ISSUE that states that CSP lists are missing from workers (2 by annevk, andypaicu)
    https://github.com/w3c/webappsec-csp/pull/334 
  - #329 Various bikeshed warnings and errors (1 by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/329 
  - #335 Specified worker-src in script-src description (1 by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/335 

  4 pull requests merged:
  - Added [Exposed] to the SecurityPolicyViolationEvent interface
    https://github.com/w3c/webappsec-csp/pull/338 
  - Various bikeshed warnings and errors
    https://github.com/w3c/webappsec-csp/pull/329 
  - Cleanup of global object/document usage
    https://github.com/w3c/webappsec-csp/pull/333 
  - Specified worker-src in script-src description
    https://github.com/w3c/webappsec-csp/pull/335 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins

Received on Monday, 24 September 2018 17:00:14 UTC