Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move section on code injection to security considerations. #1463

Merged
merged 2 commits into from
Apr 2, 2024
Merged

Move section on code injection to security considerations. #1463

merged 2 commits into from
Apr 2, 2024

Conversation

msporny
Copy link
Member

@msporny msporny commented Mar 23, 2024
edited by pr-preview bot
Loading

This PR is an attempt to address issue #1254 by moving the "Complex Markup" section into the "Security Considerations" section and warning about code injection attacks.

Preview | Diff

@msporny msporny mentioned this pull request Mar 23, 2024
Closed
@msporny msporny added editorial Purely editorial changes to the specification. CR1 This item was processed during CR1 labels Mar 23, 2024
aphillips
aphillips approved these changes Mar 23, 2024
View reviewed changes
Copy link
Contributor

@aphillips aphillips left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fine to me.

TallTed
TallTed requested changes Mar 26, 2024
View reviewed changes
index.html Outdated Show resolved Hide resolved
index.html Outdated Show resolved Hide resolved
index.html Outdated Show resolved Hide resolved
shigeya
shigeya approved these changes Mar 26, 2024
View reviewed changes
Copy link
Contributor

@shigeya shigeya left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, @msporny and @TallTed, for the pull request and edits. It looks good to me!

longpd
longpd approved these changes Mar 27, 2024
View reviewed changes
Copy link
Contributor

@longpd longpd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very important caution to make. If there a way to make it even stronger I'd support that, as well.

@iherman
Copy link
Member

iherman commented Mar 27, 2024

The issue was discussed in a meeting on 2024-03-27

  • no resolutions were taken
View the transcript

3.4. Section title and contents mismatch on "Complex Language Markup" (issue vc-data-model#1254)

See github issue vc-data-model#1254.

See github pull request vc-data-model#1463.

Brent Zundel: this PR can be merged by the end of this week.

David-Chadwick
David-Chadwick approved these changes Mar 29, 2024
View reviewed changes
Copy link
Contributor

@David-Chadwick David-Chadwick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Subject to the minor editorial changes being accepted

index.html Outdated Show resolved Hide resolved
@msporny @TallTed @David-Chadwick
Fix grammar in code injection warning.
ca5efaa 
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: David Chadwick <d.w.chadwick@verifiablecredentials.info>
@msporny
Copy link
Member Author

msporny commented Apr 2, 2024

Editorial, multiple reviews, changes requested and made, no objections, merging.

@msporny msporny merged commit e26578a into main Apr 2, 2024
1 check passed
@msporny msporny deleted the msporny-complex-markup branch April 2, 2024 13:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TallTed TallTed TallTed requested changes

@aphillips aphillips aphillips approved these changes

@shigeya shigeya shigeya approved these changes

@dlongley dlongley dlongley approved these changes

@longpd longpd longpd approved these changes

@iherman iherman iherman approved these changes

@David-Chadwick David-Chadwick David-Chadwick approved these changes

@decentralgabe decentralgabe decentralgabe approved these changes

@brentzundel brentzundel brentzundel approved these changes

@jandrieu jandrieu Awaiting requested review from jandrieu

@dmitrizagidulin dmitrizagidulin Awaiting requested review from dmitrizagidulin

@andresuribe87 andresuribe87 Awaiting requested review from andresuribe87

@simoneonofri simoneonofri Awaiting requested review from simoneonofri

@KDean-GS1 KDean-GS1 Awaiting requested review from KDean-GS1

@selfissued selfissued Awaiting requested review from selfissued selfissued is a code owner

Assignees
No one assigned
Labels
CR1 This item was processed during CR1 editorial Purely editorial changes to the specification.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
10 participants
@msporny @iherman @aphillips @shigeya @dlongley @longpd @TallTed @David-Chadwick @decentralgabe @brentzundel