Weekly github digest (WebAppSec specs)

Issues
------
* w3c/webappsec (+0/-1/💬1)
  1 issues received 1 new comments:
  - #651 Planning 2024-05-15. (1 by mikewest)
    https://github.com/w3c/webappsec/issues/651 

  1 issues closed:
  - Planning 2024-05-15. https://github.com/w3c/webappsec/issues/651 

* w3c/webappsec-csp (+0/-0/💬2)
  2 issues received 2 new comments:
  - #658 Possibility to block all javascript: URLs (1 by dveditz)
    https://github.com/w3c/webappsec-csp/issues/658 
  - #651 Upstream trusted type changes (1 by mbrodesser-Igalia)
    https://github.com/w3c/webappsec-csp/issues/651 

* w3c/permissions (+1/-0/💬0)
  1 issues created:
  - Add an optional `topLevelOrigin` argument to `permissions.setPermission` WebDriver BiDi command (by lutien)
    https://github.com/w3c/permissions/issues/450 

* w3c/webappsec-permissions-policy (+1/-0/💬10)
  1 issues created:
  - JS playgrounds leak permissions. Guidelines and examples needed (by jan-ivar)
    https://github.com/w3c/webappsec-permissions-policy/issues/547 

  1 issues received 10 new comments:
  - #547 JS playgrounds leak permissions. Guidelines and examples needed (10 by annevk, jan-ivar, rockinghelvetica)
    https://github.com/w3c/webappsec-permissions-policy/issues/547 

* w3c/webappsec-trusted-types (+1/-0/💬3)
  1 issues created:
  - Are WPTs for CSP `sandbox allow-scripts` required? (by mbrodesser-Igalia)
    https://github.com/w3c/trusted-types/issues/513 

  2 issues received 3 new comments:
  - #513 Are WPTs for CSP `sandbox allow-scripts` required? (2 by annevk, mbrodesser-Igalia)
    https://github.com/w3c/trusted-types/issues/513 
  - #510 Spec / implementation mismatch with document.write/writeln (1 by lukewarlow)
    https://github.com/w3c/trusted-types/issues/510 [spec] 



Pull requests
-------------
* w3c/webappsec-permissions-policy (+1/-0/💬1)
  1 pull requests submitted:
  - Add two "JS playground" examples. (by jan-ivar)
    https://github.com/w3c/webappsec-permissions-policy/pull/548 

  1 pull requests received 1 new comments:
  - #546 Send reports for Permissions Policy violations in iframe to parent frame's endpoint (1 by shhnjk)
    https://github.com/w3c/webappsec-permissions-policy/pull/546 

* w3c/webappsec-fetch-metadata (+0/-0/💬1)
  1 pull requests received 1 new comments:
  - #89 Define `Sec-Fetch-Frame-Ancestors`. (1 by arturjanc)
    https://github.com/w3c/webappsec-fetch-metadata/pull/89 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 13 May 2024 17:00:22 UTC