github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-30 11:10:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a4e1a019f5e24960714ff6296aee04b736cbc3cf
codeql-action/node_modules/@octokit/webhooks/dist-src/verify-and-receive.js
Angela P Wen c1745a9831 Upgrade octokit to v4.1.2
2025-02-19 11:13:12 -08:00

34 lines
848 B
JavaScript
Raw Blame History

import { verifyWithFallback } from "@octokit/webhooks-methods";
async function verifyAndReceive(state, event) {
const matchesSignature = await verifyWithFallback(
state.secret,
event.payload,
event.signature,
state.additionalSecrets
).catch(() => false);
if (!matchesSignature) {
const error = new Error(
"[@octokit/webhooks] signature does not match event payload and secret"
);
return state.eventHandler.receive(
Object.assign(error, { event, status: 400 })
);
}
let payload;
try {
payload = JSON.parse(event.payload);
} catch (error) {
error.message = "Invalid JSON";
error.status = 400;
throw new AggregateError([error], error.message);
}
return state.eventHandler.receive({
id: event.id,
name: event.name,
payload
});
}
export {
verifyAndReceive
};
Reference in New Issue View Git Blame Copy Permalink