-
GITHUBAPP_SECRETcan now be set toFalseto skip verifying the signature of
the webhook payload. -
The
X-Hub-Signature-256header is now preferred for signature checking.
Previously,X-Hub-Signature(andsha1) were used to verify the payload.
GITHUBAPP_SECRET can now be set to False to skip verifying the signature of
the webhook payload.
The X-Hub-Signature-256 header is now preferred for signature checking.
Previously, X-Hub-Signature (and sha1) were used to verify the payload.