Verify X-Hub-Signature of incoming github connections
Opened this issue · 0 comments
zfeinberg-urbn commented
Gitkins should verify the authenticity of incoming payloads from github. Github provides a HMAC hexdigest (sha1) signature in order to do this.
API information is located at https://developer.github.com/webhooks/securing/