Fwd: Weekly github digest (WebAppSec specs (testing))

Hi WebAppSec,

Here's what a weekly digest of github pointers could look like. Let me
know if I missed any repos.

--Wendy


-------- Forwarded Message --------
Subject: Weekly github digest (WebAppSec specs (testing))
Date: Mon, 04 Dec 2017 17:00:06 +0000
From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
To: wseltzer@w3.org




Issues
------
* w3c/webappsec-csp (+1/-0/💬9)
  1 issues created:
  - CSP Directives Should Be Structured (by David263)
    https://github.com/w3c/webappsec-csp/issues/274

  3 issues received 9 new comments:
  - #207 What does it mean to alias a policy from a CSP list? (6 by
mikewest, andypaicu, bzbarsky, ckerschb)
    https://github.com/w3c/webappsec-csp/issues/207
  - #225 Embedded: make clear that servers MUST respond with a CSP or
Allow-CSP-From header, <meta> CSP's are not allowed. (2 by annevk, David263)
    https://github.com/w3c/webappsec-csp/issues/225
  - #26 block-all-mixed-content for report-only (1 by David263)
    https://github.com/w3c/webappsec-csp/issues/26

* w3c/webappsec-credential-management (+1/-0/💬4)
  1 issues created:
  - "sameOriginWithAncestors is unused" ?  should s/unused/false/ ? (by
equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/116

  3 issues received 4 new comments:
  - #116 "sameOriginWithAncestors is unused" ?  should s/unused/false/ ?
(2 by mikewest, equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/116
  - #115 current build error and linking warnings (1 by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/115
  - #3 CREDENTIAL: Reconsider the top-level browsing context limitation.
(1 by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/3

* w3c/webappsec-cowl (+0/-1/💬1)
  1 issues received 1 new comments:
  - #79 Giving Abdul push access to repo (1 by wseltzer)
    https://github.com/w3c/webappsec-cowl/issues/79

  1 issues closed:
  - Giving Abdul push access to repo
https://github.com/w3c/webappsec-cowl/issues/79



Pull requests
-------------
* w3c/webappsec-csp (+1/-3/💬9)
  1 pull requests submitted:
  - Replaced 'alias' with 'copy' for less ambiguity (by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/273

  4 pull requests received 9 new comments:
  - #273 Replaced 'alias' with 'copy' for less ambiguity (6 by mikewest,
andypaicu, bzbarsky)
    https://github.com/w3c/webappsec-csp/pull/273
  - #228 link up inline css issue (1 by mikewest)
    https://github.com/w3c/webappsec-csp/pull/228
  - #271 IDL amendments and small misc issues. (1 by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/271
  - #254 Cleanup `global object` usage to make sense with `Documents` (1
by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/254

  3 pull requests merged:
  - link up inline css issue
    https://github.com/w3c/webappsec-csp/pull/228
  - Replaced 'alias' with 'copy' for less ambiguity
    https://github.com/w3c/webappsec-csp/pull/273
  - Cleanup `global object` usage to make sense with `Documents`
    https://github.com/w3c/webappsec-csp/pull/254

* w3c/webappsec-credential-management (+0/-0/💬2)
  2 pull requests received 2 new comments:
  - #100 issue 92 accessing settings object: add passing global and
queue task invoke callback (1 by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/pull/100
  - #114 Remove the blanket restriction against nested usage. (1 by
equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/pull/114

* w3c/permissions (+0/-0/💬1)
  1 pull requests received 1 new comments:
  - #151 Introduce "Automation" section (1 by JKereliuk)
    https://github.com/w3c/permissions/pull/151

* w3c/webappsec-clear-site-data (+0/-2/💬1)
  1 pull requests received 1 new comments:
  - #44 Added a cache performance warning. (1 by mikewest)
    https://github.com/w3c/webappsec-clear-site-data/pull/44

  2 pull requests merged:
  - Added a cache performance warning.
    https://github.com/w3c/webappsec-clear-site-data/pull/44
  - Add the wildcard pseudotype.
    https://github.com/w3c/webappsec-clear-site-data/pull/43


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr

Received on Monday, 4 December 2017 18:42:13 UTC