Skip to content

Commit

Permalink
build: implement security verification
Browse files Browse the repository at this point in the history
  • Loading branch information
@0-vortex
0-vortex committed Feb 22, 2022
1 parent c842cfb commit a2f3285
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 11 deletions.
3 changes: 2 additions & 1 deletion npm-shrinkwrap.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,8 @@
"url": "git+/~https://github.com/open-sauced/catsup.git"
},
"engines": {
"node": ">= 16"
"node": ">= 16.7.0",
"npm": ">= 8.0.0"
},
"scripts": {
"push": "npx @open-sauced/conventional-commit",
Expand Down
17 changes: 8 additions & 9 deletions src/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,16 +68,15 @@ async function handleRequest(request) {
});
}

const id = request.headers.get('x-github-delivery');
const name = request.headers.get('x-github-event');
const payload = await request.json();

try {
await app.webhooks.receive({
id,
name,
payload,
});
await app.webhooks
.verifyAndReceive({
id: request.headers.get('x-github-delivery'),
name: request.headers.get('x-github-event'),
signature: request.headers.get('x-hub-signature-256')
.replace(/sha256=/, ''),
payload: (await request.json()),
});

return new Response('{ "ok": true }', {
headers: { 'content-type': 'application/json' },
Expand Down

0 comments on commit a2f3285

Please sign in to comment.