Weekly github digest (WebAppSec specs) from W3C Webmaster via GitHub API on 2022-02-07 (public-webappsec@w3.org from February 2022)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 07 Feb 2022 17:00:38 +0000
To: public-webappsec@w3.org
Message-Id: <E1nH7NW-0006n6-9j@uranus.w3.org>
Issues
------
* w3c/webappsec-csp (+0/-1/💬1)
  1 issues received 1 new comments:
  - #537 match-source-expression appears to be missing from CSP2 and CSP3 (1 by 3lixy)
    https://github.com/w3c/webappsec-csp/issues/537 

  1 issues closed:
  - match-source-expression appears to be missing from CSP2 and CSP3 https://github.com/w3c/webappsec-csp/issues/537 

* w3c/webappsec-credential-management (+4/-0/💬2)
  4 issues created:
  - security (by szasamasa)
    https://github.com/w3c/webappsec-credential-management/issues/191 
  - normal use case is 1 person per browser per domain and hence 1 single account per browser per domain (by szasamasa)
    https://github.com/w3c/webappsec-credential-management/issues/190 
  - id field should be optional (by szasamasa)
    https://github.com/w3c/webappsec-credential-management/issues/189 
  - is it necessary?: if (credential.type == 'password') (by szasamasa)
    https://github.com/w3c/webappsec-credential-management/issues/188 

  1 issues received 2 new comments:
  - #190 normal use case is 1 person per browser per domain and hence 1 single account per browser per domain (2 by szasamasa)
    https://github.com/w3c/webappsec-credential-management/issues/190 

* w3c/permissions (+4/-0/💬3)
  4 issues created:
  - Further alignment with Permissions Policy (by marcoscaceres)
    https://github.com/w3c/permissions/issues/356 
  - Automation: "Get Permission" (by jugglinmike)
    https://github.com/w3c/permissions/issues/349 
  - Automation: "set permission" granularity (by youennf)
    https://github.com/w3c/permissions/issues/348 
  - Automation: Need two more steps to handle closed browsing context and user prompts (by Honry)
    https://github.com/w3c/permissions/issues/347 

  2 issues received 3 new comments:
  - #250 Add a fourth permission state "grantable without a prompt"? (1 by miketaylr)
    https://github.com/w3c/permissions/issues/250 
  - #191 Semantic Permission Bundles (2 by jan-ivar, tomayac)
    https://github.com/w3c/permissions/issues/191 

* w3c/webappsec-change-password-url (+0/-0/💬1)
  1 issues received 1 new comments:
  - #34 Any follow-up drafts for fully automated password change? (1 by dumblob)
    https://github.com/w3c/webappsec-change-password-url/issues/34 



Pull requests
-------------
* w3c/webappsec-csp (+0/-0/💬3)
  1 pull requests received 3 new comments:
  - #457 Introduce 'webrtc' as a simple on/off switch (3 by jan-ivar, martinthomson, zenhack)
    https://github.com/w3c/webappsec-csp/pull/457 

* w3c/permissions (+9/-6/💬8)
  9 pull requests submitted:
  - Editorial: cleanup Permissions model (by marcoscaceres)
    https://github.com/w3c/permissions/pull/355 
  - Add concept of Default Permission State (by marcoscaceres)
    https://github.com/w3c/permissions/pull/354 
  - Switch PermissionName to DOMString (by marcoscaceres)
    https://github.com/w3c/permissions/pull/353 
  - Editorial: run 'in parallel', not asynchronously (by marcoscaceres)
    https://github.com/w3c/permissions/pull/352 
  - Editorial: clean up Relationship to Permissions Policy (by marcoscaceres)
    https://github.com/w3c/permissions/pull/351 
  - Editorial: cleanup examples (by marcoscaceres)
    https://github.com/w3c/permissions/pull/350 
  - Editorial: bring back Automated Testing into spec (by marcoscaceres)
    https://github.com/w3c/permissions/pull/346 
  - Editorial: clean up abstract (by marcoscaceres)
    https://github.com/w3c/permissions/pull/345 
  - Split Pri/Sec considerations + give user control over features (by marcoscaceres)
    https://github.com/w3c/permissions/pull/344 

  6 pull requests received 8 new comments:
  - #355 Editorial: cleanup Permissions model (1 by miketaylr)
    https://github.com/w3c/permissions/pull/355 
  - #353 Switch PermissionName to DOMString (2 by marcoscaceres, miketaylr)
    https://github.com/w3c/permissions/pull/353 
  - #351 Editorial: clean up Relationship to Permissions Policy (1 by miketaylr)
    https://github.com/w3c/permissions/pull/351 
  - #345 Editorial: clean up abstract (2 by marcoscaceres, miketaylr)
    https://github.com/w3c/permissions/pull/345 
  - #344 Split Pri/Sec considerations + give user control over features (1 by marcoscaceres)
    https://github.com/w3c/permissions/pull/344 
  - #286 Rename PermissionName enum to PowerfulFeatureName (1 by marcoscaceres)
    https://github.com/w3c/permissions/pull/286 

  6 pull requests merged:
  - Editorial: cleanup Permissions model
    https://github.com/w3c/permissions/pull/355 
  - Editorial: clean up abstract
    https://github.com/w3c/permissions/pull/345 
  - Add concept of Default Permission State
    https://github.com/w3c/permissions/pull/354 
  - Editorial: run 'in parallel', not asynchronously
    https://github.com/w3c/permissions/pull/352 
  - Editorial: cleanup examples
    https://github.com/w3c/permissions/pull/350 
  - Split Pri/Sec considerations + give user control over features
    https://github.com/w3c/permissions/pull/344 

* w3c/webappsec-change-password-url (+1/-0/💬1)
  1 pull requests submitted:
  - Add 1Password (by oliverdunk)
    https://github.com/w3c/webappsec-change-password-url/pull/37 

  1 pull requests received 1 new comments:
  - #37 Add 1Password (1 by oliverdunk)
    https://github.com/w3c/webappsec-change-password-url/pull/37 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 7 February 2022 17:00:40 UTC