Weekly github digest (WebAppSec specs) from W3C Webmaster via GitHub API on 2022-11-28 (public-webappsec@w3.org from November 2022)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 28 Nov 2022 17:00:36 +0000
To: public-webappsec@w3.org
Message-Id: <E1ozhUi-00CWI9-2R@uranus.w3.org>
Issues
------
* w3c/webappsec (+0/-0/💬1)
  1 issues received 1 new comments:
  - #544 CSP and HTML Modules (1 by antosart)
    https://github.com/w3c/webappsec/issues/544 

* w3c/webappsec-subresource-integrity (+0/-1/💬2)
  1 issues received 2 new comments:
  - #119 Reference the IANA registry of hash names (2 by annevk, awwright)
    https://github.com/w3c/webappsec-subresource-integrity/issues/119 

  1 issues closed:
  - Check all hashes https://github.com/w3c/webappsec-subresource-integrity/issues/118 

* w3c/webappsec-csp (+2/-1/💬6)
  2 issues created:
  - Should we replace browsing contexts with navigables? (by antosart)
    https://github.com/w3c/webappsec-csp/issues/579 
  - Directive's value is a set (by annevk)
    https://github.com/w3c/webappsec-csp/issues/577 

  3 issues received 6 new comments:
  - #579 Should we replace browsing contexts with navigables? (2 by antosart, domenic)
    https://github.com/w3c/webappsec-csp/issues/579 
  - #473 Non-ASCII characters in CSP policy. (1 by antosart)
    https://github.com/w3c/webappsec-csp/issues/473 [i18n-tracker] 
  - #434 Clarify/test which quote characters may be used (3 by annevk, antosart, evilpie)
    https://github.com/w3c/webappsec-csp/issues/434 

  1 issues closed:
  - Non-ASCII characters in CSP policy. https://github.com/w3c/webappsec-csp/issues/473 [i18n-tracker] 

* w3c/webappsec-upgrade-insecure-requests (+0/-1/💬1)
  1 issues received 1 new comments:
  - #32 Specify value of Origin header (CORS) after a scheme upgrade (1 by Rob--W)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/32 

  1 issues closed:
  - Specify value of Origin header (CORS) after a scheme upgrade https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/32 

* w3c/webappsec-credential-management (+1/-0/💬0)
  1 issues created:
  - Pass global object to DiscoverFromExternalSource (by npm1)
    https://github.com/w3c/webappsec-credential-management/issues/210 

* w3c/permissions (+6/-0/💬13)
  6 issues created:
  - PermissionDescriptor equality is not defined (by annevk)
    https://github.com/w3c/permissions/issues/396 
  - "permission query algorithm" run on string (by annevk)
    https://github.com/w3c/permissions/issues/395 
  - "permission query algorithm" is passed a redundant argument (by annevk)
    https://github.com/w3c/permissions/issues/394 
  - Task queueing (by annevk)
    https://github.com/w3c/permissions/issues/393 
  - Align internal states with enums (by annevk)
    https://github.com/w3c/permissions/issues/392 
  - Consider removing "lifetime" (by annevk)
    https://github.com/w3c/permissions/issues/391 

  5 issues received 13 new comments:
  - #392 Align internal states with enums (2 by marcoscaceres)
    https://github.com/w3c/permissions/issues/392 
  - #391 Consider removing "lifetime" (4 by annevk, marcoscaceres)
    https://github.com/w3c/permissions/issues/391 
  - #388 Allow returning "prompt" rather than "denied" (4 by annevk, johannhof)
    https://github.com/w3c/permissions/issues/388 
  - #348 Automation: "set permission" granularity (1 by marcoscaceres)
    https://github.com/w3c/permissions/issues/348 
  - #194 Consider making `request-permission-to-use` aware of user activation (2 by marcoscaceres)
    https://github.com/w3c/permissions/issues/194 

* w3c/webappsec-referrer-policy (+0/-0/💬2)
  1 issues received 2 new comments:
  - #160 Add referrerpolicy to media elements (<audio> and <video>) (2 by annevk, chrisgraham)
    https://github.com/w3c/webappsec-referrer-policy/issues/160 

* w3c/webappsec-cspee (+0/-0/💬4)
  1 issues received 4 new comments:
  - #19 Status of CSPEE spec? Implementor interest? (4 by RuslanZavacky, annevk)
    https://github.com/w3c/webappsec-cspee/issues/19 

* w3c/webappsec-permissions-policy (+1/-0/💬0)
  1 issues created:
  - Update web-platform-tests (by annevk)
    https://github.com/w3c/webappsec-permissions-policy/issues/490 



Pull requests
-------------
* w3c/webappsec-subresource-integrity (+0/-0/💬4)
  1 pull requests received 4 new comments:
  - #110 Edit 3.3.2 Parse metadata in more detail (4 by annevk, baek9, domfarolino)
    https://github.com/w3c/webappsec-subresource-integrity/pull/110 

* w3c/webappsec-csp (+2/-0/💬3)
  2 pull requests submitted:
  - Fix references to html after navigation and session history rewrite (by antosart)
    https://github.com/w3c/webappsec-csp/pull/580 
  - Fix for each iterations referring to infra (by antosart)
    https://github.com/w3c/webappsec-csp/pull/578 

  2 pull requests received 3 new comments:
  - #580 Fix references to html after navigation and session history rewrite (1 by antosart)
    https://github.com/w3c/webappsec-csp/pull/580 
  - #578 Fix for each iterations referring to infra (2 by annevk, antosart)
    https://github.com/w3c/webappsec-csp/pull/578 

* w3c/permissions (+6/-0/💬6)
  6 pull requests submitted:
  - Add additional automation error checks (by marcoscaceres)
    https://github.com/w3c/permissions/pull/402 
  - Integrate "request permission to use" with user activation (by marcoscaceres)
    https://github.com/w3c/permissions/pull/401 
  - Editorial: define permission states consistently (by marcoscaceres)
    https://github.com/w3c/permissions/pull/400 
  - Editorial: user enum values for permission concept (by marcoscaceres)
    https://github.com/w3c/permissions/pull/399 
  - Editorial: define and improve use of permissions task source (by marcoscaceres)
    https://github.com/w3c/permissions/pull/398 
  - Remove use of realms (by marcoscaceres)
    https://github.com/w3c/permissions/pull/397 

  3 pull requests received 6 new comments:
  - #401 Integrate "request permission to use" with user activation (3 by annevk, marcoscaceres)
    https://github.com/w3c/permissions/pull/401 
  - #397 Remove use of realms (1 by marcoscaceres)
    https://github.com/w3c/permissions/pull/397 
  - #390 WIP: Define a permission store (closes #384) (2 by johannhof, marcoscaceres)
    https://github.com/w3c/permissions/pull/390 

* w3c/webappsec-referrer-policy (+0/-0/💬2)
  1 pull requests received 2 new comments:
  - #156 Omit referrers on cross-origin requests from an .onion address (2 by domfarolino, fmarier)
    https://github.com/w3c/webappsec-referrer-policy/pull/156 

* w3c/webappsec-permissions-policy (+1/-0/💬0)
  1 pull requests submitted:
  - Remove document-domain policy-controlled feature. (by otherdaniel)
    https://github.com/w3c/webappsec-permissions-policy/pull/491 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 28 November 2022 17:00:38 UTC