W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2022

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 28 Feb 2022 17:00:31 +0000
To: public-webappsec@w3.org
Message-Id: <E1nOjNv-0004ae-Tg@uranus.w3.org>



Issues
------
* w3c/webappsec-csp (+0/-0/💬2)
  1 issues received 2 new comments:
  - #336 Should Workers inherit CSP directives from the parent context? (2 by antosart, oliverdunk)
    https://github.com/w3c/webappsec-csp/issues/336 

* w3c/permissions (+1/-2/💬5)
  1 issues created:
  - "extra permission data" definition should be normative (by dontcallmedom)
    https://github.com/w3c/permissions/issues/369 

  3 issues received 5 new comments:
  - #366 Removal of PermissionName broke downstream standards (3 by annevk, marcoscaceres)
    https://github.com/w3c/permissions/issues/366 
  - #278 Safari returns different results for current permission state (1 by miketaylr)
    https://github.com/w3c/permissions/issues/278 
  - #116 Guidance on whether to add an API to the permissions spec (1 by marcoscaceres)
    https://github.com/w3c/permissions/issues/116 [Actionable] 

  2 issues closed:
  - Specifications should add conformance classes https://github.com/w3c/permissions/issues/283 [editorial] 
  - Handle non-fully-active documents https://github.com/w3c/permissions/issues/162 

* w3c/webappsec-clear-site-data (+0/-0/💬1)
  1 issues received 1 new comments:
  - #68 Drop cache (1 by annevk)
    https://github.com/w3c/webappsec-clear-site-data/issues/68 

* w3c/webappsec-permissions-policy (+0/-0/💬2)
  1 issues received 2 new comments:
  - #444 Permissions Policy unload (2 by annevk, fergald)
    https://github.com/w3c/webappsec-permissions-policy/issues/444 

* w3c/webappsec-trusted-types (+0/-0/💬12)
  2 issues received 12 new comments:
  - #359 Maybe enforce Trusted Types in XSL's xsl:text (2 by koto, shhnjk)
    https://github.com/w3c/webappsec-trusted-types/issues/359 
  - #357 Add SVG <use> href attribute to Trusted Types enforcement (10 by annevk, koto, masatokinugawa, mikewest, mozfreddyb)
    https://github.com/w3c/webappsec-trusted-types/issues/357 



Pull requests
-------------
* w3c/webappsec-csp (+1/-1/💬2)
  1 pull requests submitted:
  - Remove callerRealm param from EnsureCSPDoesNotBlockStringCompilation (by antosart)
    https://github.com/w3c/webappsec-csp/pull/541 

  2 pull requests received 2 new comments:
  - #541 Remove callerRealm param from EnsureCSPDoesNotBlockStringCompilation (1 by antosart)
    https://github.com/w3c/webappsec-csp/pull/541 
  - #457 Introduce 'webrtc' as a simple on/off switch (1 by annevk)
    https://github.com/w3c/webappsec-csp/pull/457 

  1 pull requests merged:
  - Do not check callerRealm for eval
    https://github.com/w3c/webappsec-csp/pull/540 

* w3c/permissions (+2/-3/💬0)
  2 pull requests submitted:
  - Editorial: add UA + spec conformance classes (by marcoscaceres)
    https://github.com/w3c/permissions/pull/368 
  - Editorial: clarify Permission Policy / Powerful Feature overlap (by marcoscaceres)
    https://github.com/w3c/permissions/pull/367 

  3 pull requests merged:
  - Editorial: clarify Permissions Policy / Powerful Feature overlap
    https://github.com/w3c/permissions/pull/367 
  - Editorial: add UA + spec conformance classes
    https://github.com/w3c/permissions/pull/368 
  - Handle non-fully-active documents
    https://github.com/w3c/permissions/pull/365 

* w3c/webappsec-change-password-url (+1/-0/💬1)
  1 pull requests submitted:
  - Update README.md (by vasilii-sv)
    https://github.com/w3c/webappsec-change-password-url/pull/38 

  1 pull requests received 1 new comments:
  - #38 Update README.md (1 by w3cbot)
    https://github.com/w3c/webappsec-change-password-url/pull/38 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 28 February 2022 17:00:34 UTC

This archive was generated by hypermail 2.4.0 : Monday, 28 February 2022 17:00:35 UTC