- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 10 Jul 2023 17:00:29 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1qIuFR-0065VL-0I@uranus.w3.org>
Issues
------
* w3c/webappsec (+1/-0/💬1)
1 issues created:
- Support for clearing Client Hints in Clear-Site-Data header (by arichiv)
https://github.com/w3c/webappsec/issues/628
1 issues received 1 new comments:
- #626 Planning 2023-07-19. (1 by ShivanKaul)
https://github.com/w3c/webappsec/issues/626
* w3c/webappsec-csp (+2/-0/💬7)
2 issues created:
- CSP: Embedded Enforcement Links for issue 16 and 17 are dead (by JannisBush)
https://github.com/w3c/webappsec-csp/issues/610
- Behavior of `worker-src 'strict-dynamic'` (by evilpie)
https://github.com/w3c/webappsec-csp/issues/609
3 issues received 7 new comments:
- #592 host-char mismatches with the URL Standard (2 by annevk, arichiv)
https://github.com/w3c/webappsec-csp/issues/592
- #390 Clarify behavior for cached favicon loads (1 by gxtaillon)
https://github.com/w3c/webappsec-csp/issues/390
- #8 CSP: form-action and redirects (4 by Sora2455, marek22k)
https://github.com/w3c/webappsec-csp/issues/8 [CSP]
* w3c/webappsec-credential-management (+4/-3/💬4)
4 issues created:
- Replace iff (by lukewarlow)
https://github.com/w3c/webappsec-credential-management/issues/222
- Consider removal of FederatedCredential (by lukewarlow)
https://github.com/w3c/webappsec-credential-management/issues/221
- Consider web extension API (by lukewarlow)
https://github.com/w3c/webappsec-credential-management/issues/220
- [[store]] default implementation returns undefined, but maybe it should throw (by nsatragno)
https://github.com/w3c/webappsec-credential-management/issues/218
2 issues received 4 new comments:
- #221 Consider removal of FederatedCredential (1 by nsatragno)
https://github.com/w3c/webappsec-credential-management/issues/221
- #213 Fix build (3 by lukewarlow, nsatragno, sideshowbarker)
https://github.com/w3c/webappsec-credential-management/issues/213 [editorial]
3 issues closed:
- Consider removal of FederatedCredential https://github.com/w3c/webappsec-credential-management/issues/221
- Spec is unclear on what the promise returned by store() is resolved with (Credential/undefined) https://github.com/w3c/webappsec-credential-management/issues/98
- Return type of CredentialsContainer.store is wrong https://github.com/w3c/webappsec-credential-management/issues/214
* w3c/webappsec-permissions-policy (+1/-2/💬1)
1 issues created:
- Inconsistency in text and parsing algorithm (invalid member value) (by JannisBush)
https://github.com/w3c/webappsec-permissions-policy/issues/527
1 issues received 1 new comments:
- #519 Does url match expression in origin with redirect count? takes a URL, not an origin (1 by clelland)
https://github.com/w3c/webappsec-permissions-policy/issues/519
2 issues closed:
- Does url match expression in origin with redirect count? takes a URL, not an origin https://github.com/w3c/webappsec-permissions-policy/issues/519
- "If the allowlist contains an origin representing self" is unclear https://github.com/w3c/webappsec-permissions-policy/issues/520
* w3c/webappsec-fetch-metadata (+0/-0/💬1)
1 issues received 1 new comments:
- #79 Update reference for structured headers (1 by JannisBush)
https://github.com/w3c/webappsec-fetch-metadata/issues/79
Pull requests
-------------
* w3c/webappsec-credential-management (+2/-3/💬10)
2 pull requests submitted:
- Stop using “parent browsing context”; instead use “parent navigable” (by sideshowbarker)
https://github.com/w3c/webappsec-credential-management/pull/223
- Change default store algorithm to throw (#218) (by lukewarlow)
https://github.com/w3c/webappsec-credential-management/pull/219
2 pull requests received 10 new comments:
- #223 Use “navigable”+“parent”, not “parent browsing context”; fix fetch() refs (4 by ASISBusiness, sideshowbarker, w3cbot)
https://github.com/w3c/webappsec-credential-management/pull/223
- #215 Fix return type of CredentialsContainer.store (6 by lukewarlow, npm1, nsatragno, w3cbot)
https://github.com/w3c/webappsec-credential-management/pull/215
3 pull requests merged:
- Change default store algorithm to throw (#218)
https://github.com/w3c/webappsec-credential-management/pull/219
- Fix return type of CredentialsContainer.store
https://github.com/w3c/webappsec-credential-management/pull/215
- Fix typo
https://github.com/w3c/webappsec-credential-management/pull/212
* w3c/webappsec-permissions-policy (+1/-2/💬1)
1 pull requests submitted:
- Structured Field Values for HTTP are now RFC8941 (by JannisBush)
https://github.com/w3c/webappsec-permissions-policy/pull/526
1 pull requests received 1 new comments:
- #526 Structured Field Values for HTTP are now RFC8941 (1 by w3cbot)
https://github.com/w3c/webappsec-permissions-policy/pull/526
2 pull requests merged:
- Use exported DFNs from CSP
https://github.com/w3c/webappsec-permissions-policy/pull/523
- Clarify self and src origin naming
https://github.com/w3c/webappsec-permissions-policy/pull/522
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 10 July 2023 17:00:31 UTC