Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@backstage/plugin-events-backend-module-github

Package Overview
Dependencies
Maintainers
3
Versions
1012
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@backstage/plugin-events-backend-module-github

Source
npmnpm
Version
0.0.0-nightly-20250209023129
Version published
Maintainers
3
Created
Source

events-backend-module-github

Welcome to the events-backend-module-github backend module!

This package is a module for the events-backend backend plugin and extends the event system with an GithubEventRouter.

The event router will subscribe to the topic github and route the events to more concrete topics based on the value of the provided x-github-event metadata field.

Examples:

x-github-eventtopic
pull_requestgithub.pull_request
pushgithub.push
repositorygithub.repository

Please find all possible webhook event types at the official documentation.

Installation

# From your Backstage root directory
yarn --cwd packages/backend add @backstage/plugin-events-backend-module-github

Event Router

// packages/backend/src/index.ts
import { eventsModuleGithubEventRouter } from '@backstage/plugin-events-backend-module-github/alpha';
// ...
backend.add(eventsModuleGithubEventRouter);

Legacy Backend System

// packages/backend/src/plugins/events.ts
const eventRouter = new GithubEventRouter({ events: env.events });
await eventRouter.subscribe();

Signature Validator

// packages/backend/src/index.ts
import { eventsModuleGithubWebhook } from '@backstage/plugin-events-backend-module-github/alpha';
// ...
backend.add(eventsModuleGithubWebhook);

Legacy Backend System

Add the signature validator for the topic github:

// packages/backend/src/plugins/events.ts
+ import { createGithubSignatureValidator } from '@backstage/plugin-events-backend-module-github';
  // [...]
    const http = HttpPostIngressEventPublisher.fromConfig({
      config: env.config,
      events: env.events,
      ingresses: {
+       github: {
+         validator: createGithubSignatureValidator(env.config),
+       },
     },
     logger: env.logger,
  });

Configuration

events:
  modules:
    github:
      webhookSecret: your-secret-token

Configuration at GitHub: https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks

FAQs

Package last updated on 09 Feb 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Crates.io Users Targeted by Phishing Emails

Security News

Crates.io Users Targeted by Phishing Emails

The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.

By Sarah Gooding  -  Sep 12, 2025
Rust Support Now in Beta

Product

Rust Support Now in Beta

Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.

By Mikola Lysenko, Trevor Norris  -  Sep 11, 2025