Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-73851

support SHA256 HMAC in verifying webooks

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Minor Minor
    • github-plugin
    • None

      The Github plugin currently validates received webhooks using the legacy sha-1 HMAC.

      The plugin should migrate to use the X-Hub-Signature-256 header and the SHA256 HMAC.

      See https://docs.github.com/en/webhooks/using-webhooks/validating-webhook-deliveries for details.

            lanwen Kirill Merkushev
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: