Update report.json, rec-track-repos.json, hr-repos.json

Author: w3c-validate-repos-bot

report.json

@@ -76,6 +76,7 @@
       "w3c/sphinx-to-tr",
       "w3c/threat-model-decentralized-credentials",
       "w3c/threat-model-web",
+      "w3c/threat-modeling-guide",
       "w3c/w3c-china-web-forum-202306",
       "w3c/w3cdevs",
       "w3c/wai-conformance-model-test",
@@ -3561,6 +3562,7 @@
       "w3c/third-party-resources-checker",
       "w3c/threat-model-decentralized-credentials",
       "w3c/threat-model-web",
+      "w3c/threat-modeling-guide",
       "w3c/timed-text-dashboard",
       "w3c/timezone",
       "w3c/timing-entrytypes-registry",
@@ -9817,7 +9819,7 @@
       }
     ]
   },
-  "timestamp": "2025-12-06T00:28:32.153Z",
+  "timestamp": "2025-12-07T00:30:15.244Z",
   "repos": [
     {
       "id": "MDEwOlJlcG9zaXRvcnk4MTAyMTg2MA==",
@@ -13461,6 +13463,10 @@
       "isPrivate": false,
       "createdAt": "2025-12-05T23:39:34Z",
       "labels": [
+        {
+          "name": "agenda",
+          "color": "ededed"
+        },
         {
           "name": "bug",
           "color": "d73a4a"
@@ -115796,6 +115802,77 @@
         "text": "# Threat Model for the Web (TMW)\n\nA repository for the [Threat Model for the Web](https://www.w3.org/2024/11/security-ig-charter.html#TMW).\n\nFollows a curated list of resources.\n\n\n## Security and Web Platform\n- [The Browser Hacker’s Handbook](https://www.wiley.com/en-us/The+Browser+Hacker's+Handbook-p-9781118662090)\n- [Tangled Web](https://nostarch.com/tangledweb)\n\n\n## Browsers\n- [The Security Architecture of the Chromium Browser](https://seclab.stanford.edu/websec/chromium/chromium-security-architecture.pdf)\n- [Web Browser Security: Evolving Threats, Safeguards, and the Road Ahead](https://www.red-gate.com/simple-talk/featured/web-browser-security-evolving-threats-safeguards-and-the-road-ahead/)\n- [Browser Security Handbook](https://code.google.com/archive/p/browsersec/)\n- [Firefox privacy and security features](https://support.mozilla.org/en-US/kb/firefox-privacy-and-security-features)\n- [Secure Architecture](https://www.chromium.org/Home/chromium-security/guts/)\n- [Chrome Security Architecture - Process Level Snapshot](https://docs.google.com/drawings/d/1TuECFL9K7J5q5UePJLC-YH3satvb1RrjLRH-tW_VKeE/edit)\n- [Multi-Process Architecture](https://www.chromium.org/developers/design-documents/multi-process-architecture/)\n- [Sandboxing](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md)\n- [How to Find Vulnerabilities in Web Browsers](https://docs.google.com/presentation/d/1rEPiqV0KBHAI0lVym283OHzYRXNCCuGudmDby1Z1qyc/edit?slide=id.g35a4ea0d9bd_0_42#slide=id.g35a4ea0d9bd_0_42)\n\n## Web APIs\n- [Permissions](https://albertofdr.github.io/web-security-class/browser/browser.permissions)\n\n\n## Extensions\n- [A Study on Malicious Browser Extensions in 2025](https://arxiv.org/abs/2503.04292)\n\n## Threat Models\n- [The Browser Threat Model](https://iang.org/ssl/browser_threat_model.html#browser)\n- [Target Privacy Threat Model](https://w3cping.github.io/privacy-threat-model/)\n- [Threat model End-To-End](https://github.com/google/end-to-end/wiki/Threat-model)\n- [Payment Handler Privacy Threat Model](https://w3c.github.io/webpayments/proposals/privacy-threat-model.html)\n- [FIDO Security Reference (includes Threat Analysis and a Diagram)](https://fidoalliance.org/specs/common-specs/fido-security-ref-v2.1-rd-20210525.html)\n\n## Threats\n - [Self-Review Questionnaire: Security and Privacy](https://www.w3.org/TR/security-privacy-questionnaire/)\n - [Mitigating Browser Fingerprinting in Web Specifications](https://www.w3.org/TR/fingerprinting-guidance/)\n - [Most Common Browser Threats in 2024: An Overview of Attack Mechanisms and Impacts](https://keepaware.com/blog/common-browser-threats-of-2024-an-overview-of-attack-mechanisms-and-impacts)\n - [Fingerprinting and Tracing Shadows: The Development and Impact of Browser Fingerprinting on Digital Privacy](https://arxiv.org/abs/2411.12045)\n - [XS-Leaks Wiki](https://xsleaks.dev)\n - [Tracking](https://albertofdr.github.io/web-security-class/advanced/web.tracking)\n"
       }
     },
+    {
+      "id": "R_kgDOQjerSA",
+      "name": "threat-modeling-guide",
+      "owner": {
+        "login": "w3c"
+      },
+      "isArchived": false,
+      "homepageUrl": null,
+      "description": null,
+      "isPrivate": false,
+      "createdAt": "2025-12-06T01:07:06Z",
+      "labels": [
+        {
+          "name": "bug",
+          "color": "d73a4a"
+        },
+        {
+          "name": "documentation",
+          "color": "0075ca"
+        },
+        {
+          "name": "duplicate",
+          "color": "cfd3d7"
+        },
+        {
+          "name": "enhancement",
+          "color": "a2eeef"
+        },
+        {
+          "name": "good first issue",
+          "color": "7057ff"
+        },
+        {
+          "name": "help wanted",
+          "color": "008672"
+        },
+        {
+          "name": "invalid",
+          "color": "e4e669"
+        },
+        {
+          "name": "question",
+          "color": "d876e3"
+        },
+        {
+          "name": "wontfix",
+          "color": "ffffff"
+        }
+      ],
+      "defaultBranch": {
+        "name": "main"
+      },
+      "environments": {
+        "nodes": []
+      },
+      "branchProtectionRules": {
+        "nodes": []
+      },
+      "w3cjson": null,
+      "prpreviewjson": null,
+      "autoPublish": null,
+      "travis": null,
+      "contributing": null,
+      "license": null,
+      "codeOfConduct": {
+        "body": "# Code of Conduct\n\nAll documentation, code and communication under this repository are covered by the [W3C Code of Conduct](https://www.w3.org/policies/code-of-conduct/).\n"
+      },
+      "readme": {
+        "text": "# threat-modeling-guide"
+      }
+    },
     {
       "id": "MDEwOlJlcG9zaXRvcnkxNjE1MDU4MDk=",
       "name": "time-series-and-spatial-data",