Shared secret inside the webhook payload has been deprecated

[imolein]

Hi,

first, thanks for the plugin! While I was configuring this, I read the blogpost about the release of Gitea 1.13.0, which says the following:

The Webhook shared secret inside the webhook payload has been deprecated and will be removed in 1.14.0: https://github.com/go-gitea/gitea/issues/11755 please use the secret header that uses an hmac signature to validate the webhook payload.

I thought it is not bad to open an issue about this :)

[pampersrocker]

Thank you for the info. I guess i'll address this as well, when i have time to look at #13 as well.

[pampersrocker]

Version v1.4.0 of this plugin now verifies the hmac of the payload instead of comparing the sent secret. v1.4.0 requires buildbot >=3.0.0