Weekly github digest (WebAppSec specs) from W3C Webmaster via GitHub API on 2022-10-31 (public-webappsec@w3.org from October 2022)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 31 Oct 2022 17:00:38 +0000
To: public-webappsec@w3.org
Message-Id: <E1opY9O-00ENvt-0H@uranus.w3.org>
Issues
------
* w3c/webappsec-csp (+3/-0/💬8)
  3 issues created:
  - `'report-hash'`: Adding hashes of blocked content to violation reports  (by arturjanc)
    https://github.com/w3c/webappsec-csp/issues/575 
  - Enable CSP3 `'unsafe-hashes'` for script `src` attributes (by arturjanc)
    https://github.com/w3c/webappsec-csp/issues/574 
  - CSS and JSON module scripts (by annevk)
    https://github.com/w3c/webappsec-csp/issues/573 

  2 issues received 8 new comments:
  - #575 `'report-hash'`: Adding hashes of blocked content to violation reports  (5 by arturjanc, letitz, mikewest)
    https://github.com/w3c/webappsec-csp/issues/575 
  - #574 Enable CSP3 `'unsafe-hashes'` for script `src` attributes (3 by arturjanc, letitz, mikewest)
    https://github.com/w3c/webappsec-csp/issues/574 

* w3c/permissions (+1/-0/💬4)
  1 issues created:
  - Allow returning "prompt" rather than "denied" (by annevk)
    https://github.com/w3c/permissions/issues/388 

  2 issues received 4 new comments:
  - #388 Allow returning "prompt" rather than "denied" (1 by marcoscaceres)
    https://github.com/w3c/permissions/issues/388 
  - #387 Potentially revisit oneRealm (3 by johannhof, marcoscaceres, miketaylr)
    https://github.com/w3c/permissions/issues/387 

* w3c/permissions-registry (+1/-0/💬0)
  1 issues created:
  - What to do with experimental features? (by miketaylr)
    https://github.com/w3c/permissions-registry/issues/18 

* w3c/webappsec-clear-site-data (+0/-0/💬3)
  1 issues received 3 new comments:
  - #68 Drop cache (3 by cdumez, miketaylr, o-t-w)
    https://github.com/w3c/webappsec-clear-site-data/issues/68 

* w3c/webappsec-cspee (+0/-0/💬1)
  1 issues received 1 new comments:
  - #26 Buggy behavior with multiple nested frames (1 by qabandi)
    https://github.com/w3c/webappsec-cspee/issues/26 



Pull requests
-------------
* w3c/permissions-registry (+0/-1/💬2)
  1 pull requests received 2 new comments:
  - #16 Add "accelerometer" to registry (2 by marcoscaceres, miketaylr)
    https://github.com/w3c/permissions-registry/pull/16 

  1 pull requests merged:
  - Add "accelerometer" to registry
    https://github.com/w3c/permissions-registry/pull/16 

* w3c/webappsec-trusted-types (+1/-0/💬0)
  1 pull requests submitted:
  - Add detail about fromLiteral to explainer. (by otherdaniel)
    https://github.com/w3c/trusted-types/pull/377 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 31 October 2022 17:00:40 UTC