v0.9.1 — Self-update: 403 on trigger mismatch + reliability
webhook returns 200 even when a trigger rule isn't satisfied, which would let the app's res.ok check falsely report success if the secret drifted. Set trigger-rule-mismatch-http-response-code: 403 so unauthorized triggers are clearly rejected. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -4,6 +4,7 @@
|
||||
"execute-command": "/appdata/updater/update.sh",
|
||||
"command-working-directory": "/appdata",
|
||||
"response-message": "update started",
|
||||
"trigger-rule-mismatch-http-response-code": 403,
|
||||
"trigger-rule": {
|
||||
"match": {
|
||||
"type": "value",
|
||||
|
||||
Reference in New Issue
Block a user