![Deno 2.2 Improves Dependency Management and Expands Node.js Compatibility](https://cdn.sanity.io/images/cgdhsj6q/production/97774ea8c88cc8f4bed2766c31994ebc38116948-1664x1366.png?w=400&fit=max&auto=format)
Security News
Deno 2.2 Improves Dependency Management and Expands Node.js Compatibility
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.
github-webhook-handler
Advanced tools
GitHub allows you to register Webhooks for your repositories. Each time an event occurs on your repository, whether it be pushing code, filling issues or creating pull requests, the webhook address you register can be configured to be pinged with details.
This library is a small handler (or "middleware" if you must) for Node.js web servers that handles all the logic of receiving and verifying webhook requests from GitHub.
In Github Webhooks settings, Content type must be application/json
.
application/x-www-form-urlencoded
won't work at present.
var http = require('http')
var createHandler = require('github-webhook-handler')
var handler = createHandler({ path: '/webhook', secret: 'myhashsecret' })
http.createServer(function (req, res) {
handler(req, res, function (err) {
res.statusCode = 404
res.end('no such location')
})
}).listen(7777)
handler.on('error', function (err) {
console.error('Error:', err.message)
})
handler.on('push', function (event) {
console.log('Received a push event for %s to %s',
event.payload.repository.name,
event.payload.ref)
})
handler.on('issues', function (event) {
console.log('Received an issue event for %s action=%s: #%d %s',
event.payload.repository.name,
event.payload.action,
event.payload.issue.number,
event.payload.issue.title)
})
for multiple handlers, please see multiple-handlers-issue.
github-webhook-handler exports a single function, use this function to create a webhook handler by passing in an options object. Your options object should contain:
"path"
: the complete case sensitive path/route to match when looking at req.url
for incoming requests. Any request not matching this path will cause the callback function to the handler to be called (sometimes called the next
handler)."secret"
: this is a hash key used for creating the SHA-1 HMAC signature of the JSON blob sent by GitHub. You should register the same secret key with GitHub. Any request not delivering a X-Hub-Signature
that matches the signature generated using this key against the blob will be rejected and cause an 'error'
event (also the callback will be called with an Error
object)."events"
: an optional array of whitelisted event types (see: events.json). If defined, any incoming request whose X-Github-Event
can't be found in the whitelist will be rejected. If only a single event type is acceptable, this option can also be a string.The resulting handler function acts like a common "middleware" handler that you can insert into a processing chain. It takes request
, response
, and callback
arguments. The callback
is not called if the request is successfully handled, otherwise it is called either with an Error
or no arguments.
The handler function is also an EventEmitter
that you can register to listen to any of the GitHub event types. Note you can be specific in your GitHub configuration about which events you wish to receive, or you can send them all. Note that the "error"
event will be liberally used, even if someone tries the end-point and they can't generate a proper signature, so you should at least register a listener for it or it will throw.
See the GitHub Webhooks documentation for more details on the events you can receive.
Included in the distribution is an events.json file which maps the event names to descriptions taken from the API:
var events = require('github-webhook-handler/events')
Object.keys(events).forEach(function (event) {
console.log(event, '=', events[event])
})
Additionally, there is a special '*'
even you can listen to in order to receive everything.
github-webhook-handler is Copyright (c) 2014 Rod Vagg and licensed under the MIT License. All rights not explicitly granted in the MIT License are reserved. See the included LICENSE.md file for more details.
FAQs
Web handler / middleware for processing GitHub Webhooks
The npm package github-webhook-handler receives a total of 705 weekly downloads. As such, github-webhook-handler popularity was classified as not popular.
We found that github-webhook-handler demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.
Security News
React's CRA deprecation announcement sparked community criticism over framework recommendations, leading to quick updates acknowledging build tools like Vite as valid alternatives.
Security News
Ransomware payment rates hit an all-time low in 2024 as law enforcement crackdowns, stronger defenses, and shifting policies make attacks riskier and less profitable.