09a0f00456
Make the github webhook secret required for the webhook processor to avoid security issues
...
I already use this, but it occurred to me that without hooksecret, that somebody could craft a fake event with a "changelog" and a `$payload['pull_request']['base']['repo']['url']` set to a script they controlled, and use that to extract the private key.
2016-05-26 04:44:07 -07:00
49e78d7d04
Fixes the changelog processor not escaping usernames. ( #17486 )
2016-05-11 17:54:21 -05:00
766db108e4
Update github_webhook_processor.php
2016-03-28 13:08:21 -07:00
e3eac6f3d5
Makes changelog generator send changelog to target branch
...
For some reason I was sure this was included in $payload['pull_request']['base']['repo']['url'], but i was wrong.
2016-03-28 12:53:26 -07:00
c9e2860777
Fixes github webhook not working on apache
2016-01-19 10:47:41 -08:00
9b8abaee4e
Adds pr announcer/changelog generator github webhook script to tools folder.
2016-01-03 11:08:30 -08:00
Kyle Spier-Swenson