Weekly github digest (WebAppSec specs) from W3C Webmaster via GitHub API on 2021-04-26 (public-webappsec@w3.org from April 2021)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 26 Apr 2021 17:00:31 +0000
To: public-webappsec@w3.org
Message-Id: <E1lb4b1-0007Jx-Am@uranus.w3.org>
Issues
------
* w3c/webappsec-csp (+2/-0/💬2)
  2 issues created:
  - Should navigational checks apply to javascript: navigations? (by antosart)
    https://github.com/w3c/webappsec-csp/issues/491 
  - Mention deprecation of plugin-types in CSP3? (by Elchi3)
    https://github.com/w3c/webappsec-csp/issues/490 

  2 issues received 2 new comments:
  - #491 Should navigational checks apply to javascript: navigations? (1 by antosart)
    https://github.com/w3c/webappsec-csp/issues/491 
  - #490 Mention deprecation of plugin-types in CSP3? (1 by annevk)
    https://github.com/w3c/webappsec-csp/issues/490 

* w3c/permissions (+5/-1/💬6)
  5 issues created:
  - Add "payment" permission (by marcoscaceres)
    https://github.com/w3c/permissions/issues/239 
  - PermissionStatus should have a `name` (by marcoscaceres)
    https://github.com/w3c/permissions/issues/237 
  - Add "web-share" to PermissionName? (by saschanaz)
    https://github.com/w3c/permissions/issues/236 
  - Should we SecureContext the API (by marcoscaceres)
    https://github.com/w3c/permissions/issues/235 
  - previousResult not really stored anywhere (by marcoscaceres)
    https://github.com/w3c/permissions/issues/234 

  3 issues received 6 new comments:
  - #235 Should we SecureContext the API (3 by clelland, jyasskin, marcoscaceres)
    https://github.com/w3c/permissions/issues/235 
  - #234 previousResult not really stored anywhere (2 by jyasskin, marcoscaceres)
    https://github.com/w3c/permissions/issues/234 
  - #230 The "prompt" permission state maps poorly across browsers (1 by marcoscaceres)
    https://github.com/w3c/permissions/issues/230 

  1 issues closed:
  - Should we SecureContext the API https://github.com/w3c/permissions/issues/235 

* w3c/webappsec-secure-contexts (+1/-1/💬0)
  1 issues created:
  - baa35ca351d0 (by VChernomYA)
    https://github.com/w3c/webappsec-secure-contexts/issues/88 

  1 issues closed:
  - baa35ca351d0 https://github.com/w3c/webappsec-secure-contexts/issues/88 

* w3c/webappsec-permissions-policy (+1/-1/💬10)
  1 issues created:
  - Fix typo in permissions policy explainer (by endormi)
    https://github.com/w3c/webappsec-permissions-policy/issues/422 

  1 issues received 10 new comments:
  - #401 Permissions Policy JS API (10 by annevk, clelland, craigfrancis)
    https://github.com/w3c/webappsec-permissions-policy/issues/401 

  1 issues closed:
  - Fix typo in permissions policy explainer https://github.com/w3c/webappsec-permissions-policy/issues/422 

* w3c/webappsec-trusted-types (+0/-0/💬4)
  2 issues received 4 new comments:
  - #295 Access the source/file that is using the 'default' policy (2 by Siegrift, koto)
    https://github.com/w3c/webappsec-trusted-types/issues/295 
  - #47 Put safeguards around attribute nodes (2 by bathos, koto)
    https://github.com/w3c/webappsec-trusted-types/issues/47 [security] [spec] 



Pull requests
-------------
* w3c/webappsec (+1/-0/💬8)
  1 pull requests submitted:
  - Widen scope of Permission API (by marcoscaceres)
    https://github.com/w3c/webappsec/pull/579 

  3 pull requests received 8 new comments:
  - #579 Widen scope of Permission API (5 by VChernomYA, clelland, marcoscaceres, mikewest)
    https://github.com/w3c/webappsec/pull/579 
  - #559 Make redirect for SRI spec include fragment ID (1 by VChernomYA)
    https://github.com/w3c/webappsec/pull/559 
  - #509 Improving preventDefault implementation (2 by VChernomYA)
    https://github.com/w3c/webappsec/pull/509 

* w3c/webappsec-credential-management (+0/-0/💬1)
  1 pull requests received 1 new comments:
  - #155 Add "conditional mediation" (1 by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/pull/155 [CREDENTIAL] [enhancement] 

* w3c/permissions (+1/-1/💬4)
  1 pull requests submitted:
  - Editorial: cleanup (by marcoscaceres)
    https://github.com/w3c/permissions/pull/238 

  3 pull requests received 4 new comments:
  - #225 Use media device permission revocation algorithm. (1 by marcoscaceres)
    https://github.com/w3c/permissions/pull/225 
  - #222 Remove clipboard-read (1 by marcoscaceres)
    https://github.com/w3c/permissions/pull/222 
  - #200 Add Gamepad permission (2 by marcoscaceres)
    https://github.com/w3c/permissions/pull/200 

  1 pull requests merged:
  - Remove clipboard-read from PermissionName
    https://github.com/w3c/permissions/pull/228 

* w3c/webappsec-secure-contexts (+1/-1/💬5)
  1 pull requests submitted:
  - Fix typo "it’s creator" (by fred-wang)
    https://github.com/w3c/webappsec-secure-contexts/pull/87 

  1 pull requests received 5 new comments:
  - #87 Fix typo "it’s creator" (5 by annevk, fred-wang, w3cbot)
    https://github.com/w3c/webappsec-secure-contexts/pull/87 

  1 pull requests merged:
  - Fix typo "it’s creator"
    https://github.com/w3c/webappsec-secure-contexts/pull/87 

* w3c/webappsec-permissions-policy (+1/-1/💬2)
  1 pull requests submitted:
  - Correct text in permissions policy explainer (example 1) (by endormi)
    https://github.com/w3c/webappsec-permissions-policy/pull/421 

  1 pull requests received 2 new comments:
  - #421 Correct text in permissions policy explainer (example 1) (2 by marcoscaceres, w3cbot)
    https://github.com/w3c/webappsec-permissions-policy/pull/421 

  1 pull requests merged:
  - Correct text in permissions policy explainer (example 1)
    https://github.com/w3c/webappsec-permissions-policy/pull/421 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 26 April 2021 17:00:34 UTC