Weekly github digest (WebAuthn)

Issues
------
* w3c/webauthn (+2/-0/💬17)
  2 issues created:
  - Code Injection vulnerability from client side (by AdityaMitra5102)
    https://github.com/w3c/webauthn/issues/1965 [type:technical] 
  - Further clarification of Unsigned Extension Outputs (by bobknowscode)
    https://github.com/w3c/webauthn/issues/1964 [type:editorial] 

  5 issues received 17 new comments:
  - #1965 Code Injection vulnerability from client side (11 by AdityaMitra5102, arianvp, emlun, serianox, ve7jtb)
    https://github.com/w3c/webauthn/issues/1965 [type:technical] 
  - #1964 Further clarification of Unsigned Extension Outputs (1 by bobknowscode)
    https://github.com/w3c/webauthn/issues/1964 [type:editorial] 
  - #1962 Should credentials requested with attestation=none include an AAGUID? (1 by irew)
    https://github.com/w3c/webauthn/issues/1962 [type:technical] [type:editorial] 
  - #1569 Prevent browsers from deleting credentials that the RP wanted to be server-side (1 by lgarron)
    https://github.com/w3c/webauthn/issues/1569 [type:technical] 
  - #1358 Could not use Webauthn  `PublicKeyCredential.create`  when the RP ID is a Host string(ip). (3 by slayercat, timcappalli)
    https://github.com/w3c/webauthn/issues/1358 [type:technical] [subtype:algorithms/WebIDL] [subtype:FeatureProposal] 



Pull requests
-------------
* w3c/webauthn (+1/-0/💬1)
  1 pull requests submitted:
  - Specify what an unknown type credential descriptor being ignored means (by amoseui)
    https://github.com/w3c/webauthn/pull/1966 

  1 pull requests received 1 new comments:
  - #1966 Specify what an unknown type credential descriptor being ignored means (1 by w3cbot)
    https://github.com/w3c/webauthn/pull/1966 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webauthn


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Tuesday, 19 September 2023 17:00:58 UTC