Weekly github digest (WebAppSec specs)

Issues
------
* w3c/permissions (+1/-0/💬1)
  1 issues created:
  - WebDriver BiDi: support user contexts in setPermission (by OrKoN)
    https://github.com/w3c/permissions/issues/439 

  1 issues received 1 new comments:
  - #439 WebDriver BiDi: support user contexts in setPermission (1 by OrKoN)
    https://github.com/w3c/permissions/issues/439 

* w3c/webappsec-secure-contexts (+0/-0/💬1)
  1 issues received 1 new comments:
  - #78 localhost domains and HTTP/2 and beyond (1 by TomCJones)
    https://github.com/w3c/webappsec-secure-contexts/issues/78 

* w3c/webappsec-permissions-policy (+3/-1/💬4)
  3 issues created:
  - > 07881334 2 002065 031525 054161 F-3525824 PANYA YAOWALA ( AIA ) 0107537002761 0872220535 3410200102061 *01401125350 341020009143 3410200102096 41001470 165467 T-078813339 T078813342 (by Usermsn)
    https://github.com/w3c/webappsec-permissions-policy/issues/538 
  - Send reports for Permissions Policy violations in iframe to parent frame's endpoint (by shhnjk)
    https://github.com/w3c/webappsec-permissions-policy/issues/537 
  - Permissions Policy report missing a document URL (by shhnjk)
    https://github.com/w3c/webappsec-permissions-policy/issues/536 

  2 issues received 4 new comments:
  - #537 Send reports for Permissions Policy violations in iframe to parent frame's endpoint (3 by annevk, shhnjk)
    https://github.com/w3c/webappsec-permissions-policy/issues/537 
  - #535 methiyaowala (1 by Usermsn)
    https://github.com/w3c/webappsec-permissions-policy/issues/535 

  1 issues closed:
  - > 07881334 2 002065 031525 054161 F-3525824 PANYA YAOWALA ( AIA ) 0107537002761 0872220535 3410200102061 *01401125350 341020009143 3410200102096 41001470 165467 T-078813339 T078813342 https://github.com/w3c/webappsec-permissions-policy/issues/538 

* w3c/webappsec-trusted-types (+1/-1/💬10)
  1 issues created:
  - There's a lack of test coverage over the namespace aspect of getPropertyType (by lukewarlow)
    https://github.com/w3c/trusted-types/issues/429 

  4 issues received 10 new comments:
  - #425 Improve test coverage for DOM integration in WPT (4 by koto, mbrodesser-Igalia)
    https://github.com/w3c/trusted-types/issues/425 
  - #412 Either remove `fromLiteral` from v1 of the spec or add a note to the spec that it'll be implemented later (1 by lukewarlow)
    https://github.com/w3c/trusted-types/issues/412 
  - #402 Figure out what to do with `script.setAttribute('src')` (2 by koto, lukewarlow)
    https://github.com/w3c/trusted-types/issues/402 
  - #343 Consider allowing `innerHTML = ''` (3 by annevk, lukewarlow)
    https://github.com/w3c/trusted-types/issues/343 

  1 issues closed:
  - Is the `[[ScriptURL]]` slot needed? https://github.com/w3c/trusted-types/issues/401 [proposed-removal] 



Pull requests
-------------
* w3c/webappsec-csp (+1/-0/💬1)
  1 pull requests submitted:
  - Add `[SecureContext]` tag to the interfaces (by OnkarRuikar)
    https://github.com/w3c/webappsec-csp/pull/642 

  1 pull requests received 1 new comments:
  - #642 Add `[SecureContext]` tag to the interfaces (1 by annevk)
    https://github.com/w3c/webappsec-csp/pull/642 

* w3c/permissions (+1/-0/💬1)
  1 pull requests submitted:
  - Add userContext field to WebDriver BiDi's setPermission (by OrKoN)
    https://github.com/w3c/permissions/pull/438 

  1 pull requests received 1 new comments:
  - #438 Add userContext field to WebDriver BiDi's setPermission (1 by OrKoN)
    https://github.com/w3c/permissions/pull/438 

* w3c/webappsec-trusted-types (+2/-3/💬1)
  2 pull requests submitted:
  - Add missing stringify when passing source to CSP algorithm (by lukewarlow)
    https://github.com/w3c/trusted-types/pull/428 
  - Move early abort in Get Trusted Type compliant string to step 1 (by lukewarlow)
    https://github.com/w3c/trusted-types/pull/427 

  1 pull requests received 1 new comments:
  - #405 Remove `fromLiteral` from spec. (1 by lukewarlow)
    https://github.com/w3c/trusted-types/pull/405 

  3 pull requests merged:
  - Rewrote DOM integration
    https://github.com/w3c/trusted-types/pull/418 
  - Add missing stringify when passing source to CSP algorithm
    https://github.com/w3c/trusted-types/pull/428 
  - Move early abort in Get Trusted Type compliant string to step 1
    https://github.com/w3c/trusted-types/pull/427 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 5 February 2024 17:00:32 UTC