Update github to use sha256 signature

go-playground / webhooks

:fishing_pole_and_fish: Webhook receiver for GitHub, Bitbucket, GitLab, Gogs

MIT License

962 stars 236 forks source link

Update github to use sha256 signature #173

Closed ammario closed 1 year ago

ammario commented 1 year ago

See https://docs.github.com/en/webhooks-and-events/webhooks/securing-your-webhooks

coveralls commented 1 year ago

Coverage: 89.741% (+0.02%) from 89.716% when pulling 61c8d3560b680ef94c98cbfcf80daabd5b4b8371 on ammario:master into 69430a8f014ebee576e196aea419391556f6036c on go-playground:master.

AdamKorcz commented 1 year ago

Would be great to see this merged.

davidhadas commented 1 year ago

@robinlieb, this PR relates to a Security Audit done to the CNCF Knative Project, Knative uses this repository as a dependency and the audit requires this to be fixed.

Can you check to see if this PR is expected to be fixed any time soon, or should Knative look for alternatives instead?

robinlieb commented 1 year ago

@davidhadas just merged this change, thanks for the reminder.

@ammario Thanks for the contribution!