W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2021

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 10 May 2021 17:00:30 +0000
To: public-webappsec@w3.org
Message-Id: <E1lg9Gg-00053A-Ix@uranus.w3.org>



Issues
------
* w3c/webappsec (+0/-0/💬3)
  2 issues received 3 new comments:
  - #580 Concerns with moving to living standard model (1 by wseltzer)
    https://github.com/w3c/webappsec/issues/580 
  - #578 Web Applications should not have internet access by default (2 by abflow, samuelweiler)
    https://github.com/w3c/webappsec/issues/578 

* w3c/webappsec-csp (+0/-0/💬1)
  1 issues received 1 new comments:
  - #492 Using csp attribute to prevent all networking out of the srcdoc iframe (1 by dveditz)
    https://github.com/w3c/webappsec-csp/issues/492 

* w3c/webappsec-secure-contexts (+0/-0/💬1)
  1 issues received 1 new comments:
  - #81 about:blank" or "about:srcdoc" with query string or fragment should be potentially trustworthy (1 by annevk)
    https://github.com/w3c/webappsec-secure-contexts/issues/81 



Pull requests
-------------
* w3c/webappsec (+2/-3/💬1)
  2 pull requests submitted:
  - Remove .travis.yml file (by sideshowbarker)
    https://github.com/w3c/webappsec/pull/582 
  - allow going to rec; require 2x intent to implement (by samuelweiler)
    https://github.com/w3c/webappsec/pull/581 

  1 pull requests received 1 new comments:
  - #579 Widen scope of Permission API (1 by samuelweiler)
    https://github.com/w3c/webappsec/pull/579 

  3 pull requests merged:
  - Remove .travis.yml file
    https://github.com/w3c/webappsec/pull/582 
  - Make redirect for SRI spec include fragment ID
    https://github.com/w3c/webappsec/pull/559 
  - Widen scope of Permission API
    https://github.com/w3c/webappsec/pull/579 

* w3c/webappsec-csp (+2/-2/💬3)
  2 pull requests submitted:
  - Use request's policy container for checks (by antosart)
    https://github.com/w3c/webappsec-csp/pull/494 
  - Remove response check (by antosart)
    https://github.com/w3c/webappsec-csp/pull/493 

  3 pull requests received 3 new comments:
  - #494 Use request's policy container for checks (1 by antosart)
    https://github.com/w3c/webappsec-csp/pull/494 
  - #493 Remove response check (1 by antosart)
    https://github.com/w3c/webappsec-csp/pull/493 
  - #482 Adapt to the policy container (1 by antosart)
    https://github.com/w3c/webappsec-csp/pull/482 

  2 pull requests merged:
  - Remove response check
    https://github.com/w3c/webappsec-csp/pull/493 
  - Adapt to the policy container
    https://github.com/w3c/webappsec-csp/pull/482 

* w3c/webappsec-referrer-policy (+0/-1/💬0)
  1 pull requests merged:
  - Editorial: Fix HTML markup conformance error
    https://github.com/w3c/webappsec-referrer-policy/pull/151 

* w3c/webappsec-permissions-policy (+1/-0/💬0)
  1 pull requests submitted:
  - Add window-placement to features.md (by quisquous)
    https://github.com/w3c/webappsec-permissions-policy/pull/424 

* w3c/webappsec-trusted-types (+1/-0/💬0)
  1 pull requests submitted:
  - Bump hosted-git-info from 2.7.1 to 2.8.9 (by dependabot)
    https://github.com/w3c/webappsec-trusted-types/pull/339 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 10 May 2021 17:00:32 UTC

This archive was generated by hypermail 2.4.0 : Monday, 10 May 2021 17:00:33 UTC