Weekly github digest (WebAppSec specs)

Issues
------
* w3c/webappsec-subresource-integrity (+0/-0/💬1)
  1 issues received 1 new comments:
  - #20 Consider integrity check violation reporting (1 by briansmith)
    https://github.com/w3c/webappsec-subresource-integrity/issues/20 [feature-request] 

* w3c/webappsec-csp (+3/-2/💬14)
  3 issues created:
  - Fix "network scheme" references. (by jyasskin)
    https://github.com/w3c/webappsec-csp/issues/479 
  - Media queries in the `media` attribute should be subject to CSP (by arturjanc)
    https://github.com/w3c/webappsec-csp/issues/476 
  - Should CSP apply to svg images? (by antosart)
    https://github.com/w3c/webappsec-csp/issues/474 

  6 issues received 14 new comments:
  - #479 Fix "network scheme" references. (1 by annevk)
    https://github.com/w3c/webappsec-csp/issues/479 
  - #476 Media queries in the `media` attribute should be subject to CSP (2 by annevk, arturjanc)
    https://github.com/w3c/webappsec-csp/issues/476 
  - #474 Should the parent CSP apply to documents created by svg images? (7 by annevk, antosart, mikewest)
    https://github.com/w3c/webappsec-csp/issues/474 
  - #473 Non-ASCII characters in CSP policy. (2 by bakkot, dveditz)
    https://github.com/w3c/webappsec-csp/issues/473 
  - #472 More robust handling of non-executable <script> nodes (1 by jeremyroman)
    https://github.com/w3c/webappsec-csp/issues/472 
  - #262 Please clearly mark older versions as obsolete (1 by sideshowbarker)
    https://github.com/w3c/webappsec-csp/issues/262 

  2 issues closed:
  - Fix "network scheme" references. https://github.com/w3c/webappsec-csp/issues/479 
  - Use Infra for JSON https://github.com/w3c/webappsec-csp/issues/455 

* w3c/webappsec-mixed-content (+0/-1/💬2)
  1 issues received 2 new comments:
  - #25 Move MIX2 to FPWD (2 by carlosjoan91, wseltzer)
    https://github.com/w3c/webappsec-mixed-content/issues/25 

  1 issues closed:
  - WebSocket section needs updating https://github.com/w3c/webappsec-mixed-content/issues/27 

* w3c/webappsec-upgrade-insecure-requests (+0/-3/💬0)
  3 issues closed:
  - URL's `port` is `null` if default value. https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/18 
  - "a priori authenticated" https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/13 
  - Upstream WebSocket bits to Fetch https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/11 

* w3c/webappsec-credential-management (+0/-0/💬1)
  1 issues received 1 new comments:
  - #144 Username/ID hint for navigator.credentials.get() (1 by ChadKillingsworth)
    https://github.com/w3c/webappsec-credential-management/issues/144 

* w3c/webappsec-permissions-policy (+1/-1/💬3)
  1 issues created:
  - Proper delimiter clarification (by patricktokeeffe)
    https://github.com/w3c/webappsec-permissions-policy/issues/418 

  1 issues received 3 new comments:
  - #418 Proper delimiter clarification (3 by annevk, clelland, patricktokeeffe)
    https://github.com/w3c/webappsec-permissions-policy/issues/418 

  1 issues closed:
  - Proper delimiter clarification https://github.com/w3c/webappsec-permissions-policy/issues/418 

* w3c/webappsec-fetch-metadata (+0/-3/💬6)
  5 issues received 6 new comments:
  - #59 New 'Sec-Fetch-Dest' Type - "import"  (1 by annevk)
    https://github.com/w3c/webappsec-fetch-metadata/issues/59 
  - #45 Naming for new items in `mode`. (2 by annevk, mikewest)
    https://github.com/w3c/webappsec-fetch-metadata/issues/45 
  - #37 Handling iframing via <embed> / <object> (1 by annevk)
    https://github.com/w3c/webappsec-fetch-metadata/issues/37 
  - #29 Update Redirect section with HTTPS->HTTP behavior (1 by annevk)
    https://github.com/w3c/webappsec-fetch-metadata/issues/29 
  - #28 Why is `Sec-Fetch-Site` based on the full URL redirect chain? (1 by annevk)
    https://github.com/w3c/webappsec-fetch-metadata/issues/28 

  3 issues closed:
  - Naming for new items in `mode`. https://github.com/w3c/webappsec-fetch-metadata/issues/45 
  - New 'Sec-Fetch-Dest' Type - "import"  https://github.com/w3c/webappsec-fetch-metadata/issues/59 
  - Fetch integration https://github.com/w3c/webappsec-fetch-metadata/issues/58 

* w3c/webappsec-trusted-types (+0/-1/💬0)
  1 issues closed:
  - `npm spec` eats translation errors https://github.com/w3c/webappsec-trusted-types/issues/112 



Pull requests
-------------
* w3c/webappsec (+2/-1/💬1)
  2 pull requests submitted:
  - Fix the name and URL of DAS WG (by xfq)
    https://github.com/w3c/webappsec/pull/577 
  - Editorial fixes (by dontcallmedom)
    https://github.com/w3c/webappsec/pull/576 

  1 pull requests received 1 new comments:
  - #576 Editorial fixes (1 by samuelweiler)
    https://github.com/w3c/webappsec/pull/576 

  1 pull requests merged:
  - Editorial fixes
    https://github.com/w3c/webappsec/pull/576 

* w3c/webappsec-csp (+5/-7/💬1)
  5 pull requests submitted:
  - Editorial: Use "Previous Version: from biblio" (by sideshowbarker)
    https://github.com/w3c/webappsec-csp/pull/481 
  - Editorial: Drop Previous Version link (by sideshowbarker)
    https://github.com/w3c/webappsec-csp/pull/480 
  - Editorial: Update spec filename in README.md (by sideshowbarker)
    https://github.com/w3c/webappsec-csp/pull/478 
  - CI: Enable Echidna autopublishing to TR space (by sideshowbarker)
    https://github.com/w3c/webappsec-csp/pull/477 
  - Fix typo in img-src post-request checks (by antosart)
    https://github.com/w3c/webappsec-csp/pull/475 

  1 pull requests received 1 new comments:
  - #475 Fix typo in img-src post-request checks (1 by mikewest)
    https://github.com/w3c/webappsec-csp/pull/475 

  7 pull requests merged:
  - Meta: align with Fetch
    https://github.com/w3c/webappsec-csp/pull/461 
  - Editorial: Use "Previous Version: from biblio"
    https://github.com/w3c/webappsec-csp/pull/481 
  - Editorial: Drop Previous Version link
    https://github.com/w3c/webappsec-csp/pull/480 
  - Editorial: Update spec filename in README.md
    https://github.com/w3c/webappsec-csp/pull/478 
  - Serialize JSON by reference to Infra spec
    https://github.com/w3c/webappsec-csp/pull/465 
  - CI: Enable Echidna autopublishing to TR space
    https://github.com/w3c/webappsec-csp/pull/477 
  - Fix typo in img-src post-request checks
    https://github.com/w3c/webappsec-csp/pull/475 

* w3c/webappsec-mixed-content (+7/-8/💬10)
  7 pull requests submitted:
  - Remove TR reference from MIX2 (by carlosjoan91)
    https://github.com/w3c/webappsec-mixed-content/pull/49 
  - Add note about redirections on form submissions (by carlosjoan91)
    https://github.com/w3c/webappsec-mixed-content/pull/48 
  - Editorial: correct browsing context reference (by annevk)
    https://github.com/w3c/webappsec-mixed-content/pull/47 
  - CI: Disable HTML validation until fixed (by sideshowbarker)
    https://github.com/w3c/webappsec-mixed-content/pull/46 
  - Editorial: Fix problems in Bikeshed markup (by sideshowbarker)
    https://github.com/w3c/webappsec-mixed-content/pull/45 
  - Editorial: remove WebSocket remnants (by annevk)
    https://github.com/w3c/webappsec-mixed-content/pull/44 
  - Editorial: several fields are now called URL (uppercase) (by annevk)
    https://github.com/w3c/webappsec-mixed-content/pull/43 

  5 pull requests received 10 new comments:
  - #49 Remove TR reference from MIX2 (4 by carlosjoan91, sideshowbarker)
    https://github.com/w3c/webappsec-mixed-content/pull/49 
  - #48 Add note about redirections on form submissions (1 by carlosjoan91)
    https://github.com/w3c/webappsec-mixed-content/pull/48 
  - #47 Editorial: correct browsing context reference (2 by annevk, tabatkins)
    https://github.com/w3c/webappsec-mixed-content/pull/47 
  - #43 Editorial: several fields are now called URL (uppercase) (1 by annevk)
    https://github.com/w3c/webappsec-mixed-content/pull/43 
  - #42 CI: Switch to using GitHub Actions (2 by annevk, sideshowbarker)
    https://github.com/w3c/webappsec-mixed-content/pull/42 

  8 pull requests merged:
  - Remove TR reference from MIX2
    https://github.com/w3c/webappsec-mixed-content/pull/49 
  - Add note about redirections on form submissions
    https://github.com/w3c/webappsec-mixed-content/pull/48 
  - Editorial: correct browsing context reference
    https://github.com/w3c/webappsec-mixed-content/pull/47 
  - Editorial: Fix problems in Bikeshed markup
    https://github.com/w3c/webappsec-mixed-content/pull/45 
  - CI: Disable HTML validation until fixed
    https://github.com/w3c/webappsec-mixed-content/pull/46 
  - Editorial: several fields are now called URL (uppercase)
    https://github.com/w3c/webappsec-mixed-content/pull/43 
  - Editorial: remove WebSocket remnants
    https://github.com/w3c/webappsec-mixed-content/pull/44 
  - CI: Switch to using GitHub Actions
    https://github.com/w3c/webappsec-mixed-content/pull/42 

* w3c/webappsec-upgrade-insecure-requests (+5/-5/💬1)
  5 pull requests submitted:
  - Editorial: Use "Previous Version: from biblio" (by sideshowbarker)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/25 
  - Modernize a bit (by annevk)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/24 
  - Editorial: Update the Version History link URL (by sideshowbarker)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/23 
  - Reference current HTML standard, not old fork (by sideshowbarker)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/22 
  - CI: Switch to using GitHub Actions (by sideshowbarker)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/21 

  1 pull requests received 1 new comments:
  - #24 Modernize a bit (1 by annevk)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/24 

  5 pull requests merged:
  - Modernize a bit
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/24 
  - Editorial: Use "Previous Version: from biblio"
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/25 
  - Editorial: Update the Version History link URL
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/23 
  - Reference current HTML standard, not old fork
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/22 
  - CI: Switch to using GitHub Actions
    https://github.com/w3c/webappsec-upgrade-insecure-requests/pull/21 

* w3c/webappsec-referrer-policy (+3/-1/💬1)
  3 pull requests submitted:
  - Editorial: Fix HTML markup conformance error (by sideshowbarker)
    https://github.com/w3c/webappsec-referrer-policy/pull/151 
  - CI: Switch to https://github.com/w3c/spec-prod (by sideshowbarker)
    https://github.com/w3c/webappsec-referrer-policy/pull/150 
  - Update Version History URL to "main" branch (by sideshowbarker)
    https://github.com/w3c/webappsec-referrer-policy/pull/149 

  1 pull requests received 1 new comments:
  - #150 CI: Switch to https://github.com/w3c/spec-prod (1 by sideshowbarker)
    https://github.com/w3c/webappsec-referrer-policy/pull/150 

  1 pull requests merged:
  - Update Version History URL to "main" branch
    https://github.com/w3c/webappsec-referrer-policy/pull/149 

* w3c/webappsec-fetch-metadata (+5/-5/💬1)
  5 pull requests submitted:
  - Editorial: Use "Previous Version: from biblio" (by sideshowbarker)
    https://github.com/w3c/webappsec-fetch-metadata/pull/70 
  - Update URL of ED (by tidoust)
    https://github.com/w3c/webappsec-fetch-metadata/pull/69 
  - Editorial: Fix Previous Version URL (by sideshowbarker)
    https://github.com/w3c/webappsec-fetch-metadata/pull/68 
  - Editorial: Switch status to WD for Echidna (by sideshowbarker)
    https://github.com/w3c/webappsec-fetch-metadata/pull/67 
  - CI: Enable Echidna autopublishing to TR space (by sideshowbarker)
    https://github.com/w3c/webappsec-fetch-metadata/pull/66 

  1 pull requests received 1 new comments:
  - #66 CI: Enable Echidna autopublishing to TR space (1 by sideshowbarker)
    https://github.com/w3c/webappsec-fetch-metadata/pull/66 

  5 pull requests merged:
  - Editorial: Use "Previous Version: from biblio"
    https://github.com/w3c/webappsec-fetch-metadata/pull/70 
  - Update URL of ED
    https://github.com/w3c/webappsec-fetch-metadata/pull/69 
  - Editorial: Fix Previous Version URL
    https://github.com/w3c/webappsec-fetch-metadata/pull/68 
  - Editorial: Switch status to WD for Echidna
    https://github.com/w3c/webappsec-fetch-metadata/pull/67 
  - CI: Enable Echidna autopublishing to TR space
    https://github.com/w3c/webappsec-fetch-metadata/pull/66 

* w3c/webappsec-trusted-types (+5/-4/💬3)
  5 pull requests submitted:
  - Added privacy considerations section. (by koto)
    https://github.com/w3c/webappsec-trusted-types/pull/337 
  - Editorial: Removed bikeshed warnings & errors. (by koto)
    https://github.com/w3c/webappsec-trusted-types/pull/336 
  - Simplified use case from #158 (by koto)
    https://github.com/w3c/webappsec-trusted-types/pull/335 
  - Fix the type of partial WindowOrWorkerGlobalScope (by foolip)
    https://github.com/w3c/webappsec-trusted-types/pull/334 
  - Bump elliptic from 6.5.0 to 6.5.4 (by dependabot)
    https://github.com/w3c/webappsec-trusted-types/pull/333 

  2 pull requests received 3 new comments:
  - #333 Bump elliptic from 6.5.0 to 6.5.4 (2 by dependabot, koto)
    https://github.com/w3c/webappsec-trusted-types/pull/333 [dependencies] 
  - #158 Adds use case to spec section 1.3. (1 by koto)
    https://github.com/w3c/webappsec-trusted-types/pull/158 

  4 pull requests merged:
  - Added privacy considerations section.
    https://github.com/w3c/webappsec-trusted-types/pull/337 
  - Editorial: Removed bikeshed warnings & errors.
    https://github.com/w3c/webappsec-trusted-types/pull/336 
  - Simplified use case from #158
    https://github.com/w3c/webappsec-trusted-types/pull/335 
  - Fix the type of partial WindowOrWorkerGlobalScope
    https://github.com/w3c/webappsec-trusted-types/pull/334 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-unofficial-drafts


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 15 March 2021 17:00:34 UTC