- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 26 Aug 2024 17:00:21 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1sid4n-00AAzZ-1L@janus.w3.internal>
Issues
------
* w3c/webappsec (+0/-0/💬2)
1 issues received 2 new comments:
- #654 Planning TPAC. (2 by Frosne, johannhof)
https://github.com/w3c/webappsec/issues/654
* w3c/webappsec-csp (+1/-0/💬8)
1 issues created:
- Should font-src reporting kick in on font-face reference or font request? (by robinwhittleton)
https://github.com/w3c/webappsec-csp/issues/677
2 issues received 8 new comments:
- #677 Should font-src reporting kick in on font-face reference or font request? (6 by annevk, emilio, robinwhittleton)
https://github.com/w3c/webappsec-csp/issues/677
- #676 loading local stylesheets without self source (2 by gapple, nizos)
https://github.com/w3c/webappsec-csp/issues/676
* w3c/webappsec-credential-management (+2/-0/💬13)
2 issues created:
- Throw a InvalidStateError when hitting multiple in-progress credential requests? (by marcoscaceres)
https://github.com/w3c/webappsec-credential-management/issues/257
- Should mediation be nullable? (by marcoscaceres)
https://github.com/w3c/webappsec-credential-management/issues/256
3 issues received 13 new comments:
- #256 Should mediation be defaulted at all? (5 by marcoscaceres, samuelgoto)
https://github.com/w3c/webappsec-credential-management/issues/256
- #255 Consider extracting PasswordCredential and FederatedCredential to separate specs? (2 by lukewarlow, marcoscaceres)
https://github.com/w3c/webappsec-credential-management/issues/255
- #244 Disallow multiple types via navigator.credentials's methods (6 by marcoscaceres, samuelgoto)
https://github.com/w3c/webappsec-credential-management/issues/244
* w3c/webappsec-secure-contexts (+1/-1/💬0)
1 issues created:
- ****URGENT**** malicious deployment with the integration of your software needs to be noted. (by QuantumFandT)
https://github.com/w3c/webappsec-secure-contexts/issues/106
1 issues closed:
- ****URGENT**** malicious deployment with the integration of your software needs to be noted. https://github.com/w3c/webappsec-secure-contexts/issues/106
* w3c/webappsec-permissions-policy (+1/-0/💬2)
1 issues created:
- Default Powerful Feature Permission (by ecki)
https://github.com/w3c/webappsec-permissions-policy/issues/555
1 issues received 2 new comments:
- #273 Prevent programmatic focus in iframe (2 by josephrocca)
https://github.com/w3c/webappsec-permissions-policy/issues/273 [proposed feature]
* w3c/webappsec-trusted-types (+1/-0/💬2)
1 issues created:
- "Get Trusted Type compliant string" is called with "sink" instead of "'sink'" (by mbrodesser-Igalia)
https://github.com/w3c/trusted-types/issues/542 [spec]
2 issues received 2 new comments:
- #542 "Get Trusted Type compliant string" is called with "sink" instead of "'sink'" (1 by petervanderbeken)
https://github.com/w3c/trusted-types/issues/542 [spec]
- #541 "stringifying" in "Process value with a default policy" needs to be defined (1 by mbrodesser-Igalia)
https://github.com/w3c/trusted-types/issues/541 [spec]
Pull requests
-------------
* w3c/webappsec-credential-management (+1/-0/💬0)
1 pull requests submitted:
- Let specs define their own default mediation requirement (by marcoscaceres)
https://github.com/w3c/webappsec-credential-management/pull/258
* w3c/permissions (+0/-0/💬1)
1 pull requests received 1 new comments:
- #452 Editorial: Fix sentences around permission states (1 by miketaylr)
https://github.com/w3c/permissions/pull/452
* w3c/webappsec-referrer-policy (+1/-0/💬8)
1 pull requests submitted:
- Added IANA considerations section for HTTP header (by stiiin)
https://github.com/w3c/webappsec-referrer-policy/pull/171
1 pull requests received 8 new comments:
- #171 Added IANA considerations section for HTTP header (8 by annevk, domfarolino, mnot, simoneonofri, stiiin)
https://github.com/w3c/webappsec-referrer-policy/pull/171
* w3c/webappsec-permissions-policy (+0/-0/💬2)
2 pull requests received 2 new comments:
- #546 Send reports for Permissions Policy violations in iframe to parent frame's endpoint (1 by shhnjk)
https://github.com/w3c/webappsec-permissions-policy/pull/546
- #82 Update section on 'Other and related mechanisms' (1 by ecki)
https://github.com/w3c/webappsec-permissions-policy/pull/82
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 26 August 2024 17:00:22 UTC