Skip to content

Releases: bradshjg/flask-githubapp

Non-Breaking Changes to GitHub Secret Verification

17 Jan 23:09
Compare
Choose a tag to compare
  • GITHUBAPP_SECRET can now be set to False to skip verifying the signature of
    the webhook payload.

  • The X-Hub-Signature-256 header is now preferred for signature checking.
    Previously, X-Hub-Signature (and sha1) were used to verify the payload.