Weekly github digest (WebAppSec specs) from W3C Webmaster via GitHub API on 2026-05-11 (public-webappsec@w3.org from May 2026)

From: W3C Webmaster via GitHub API <noreply@w3.org>
Date: Mon, 11 May 2026 17:00:48 +0000
To: public-webappsec@w3.org
Message-ID: <177851884865.56457.7395801537812384529@ip-10-0-1-136.ec2.internal>

Issues
------
* w3c/webappsec-csp (+1/-1/💬8)
  1 issues created:
  - Clarification RFC 7234 caches for present nonce-sources (by codingjoe)
    https://github.com/w3c/webappsec-csp/issues/815 

  3 issues received 8 new comments:
  - #815 Clarification RFC 7234 caches for present nonce-sources (1 by codingjoe)
    https://github.com/w3c/webappsec-csp/issues/815 
  - #814 Clarify object-src behavior when plugin content has no associated URL (4 by annevk, roberto-apple)
    https://github.com/w3c/webappsec-csp/issues/814 
  - #813 "Same" in origin comparison not linked (3 by mikewest)
    https://github.com/w3c/webappsec-csp/issues/813 

  1 issues closed:
  - "Same" in origin comparison not linked https://github.com/w3c/webappsec-csp/issues/813 

* w3c/webappsec-credential-management (+2/-0/💬0)
  2 issues created:
  - Add [[implicitMediation]] internal slot to Credential (by marcoscaceres)
    https://github.com/w3c/webappsec-credential-management/issues/297 
  - Move [[origin]] internal slot for Credential into dfn list (by marcoscaceres)
    https://github.com/w3c/webappsec-credential-management/issues/295 

* w3c/webappsec-permissions-policy (+0/-0/💬1)
  1 issues received 1 new comments:
  - #581 Process for including/removing features in Features.md (1 by AlbertoFDR)
    https://github.com/w3c/webappsec-permissions-policy/issues/581 



Pull requests
-------------
* w3c/webappsec-csp (+0/-0/💬5)
  2 pull requests received 5 new comments:
  - #808 Integrate with speculation rules  (4 by annevk, hiroshige-g, tunetheweb)
    https://github.com/w3c/webappsec-csp/pull/808 
  - #803 [import-bytes] add `bytes` destination (1 by styfle)
    https://github.com/w3c/webappsec-csp/pull/803 

* w3c/webappsec-credential-management (+2/-0/💬0)
  2 pull requests submitted:
  - 298  (by marcoscaceres)
    https://github.com/w3c/webappsec-credential-management/pull/298 
  - 296  (by marcoscaceres)
    https://github.com/w3c/webappsec-credential-management/pull/296 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 11 May 2026 17:00:52 UTC