v0.9.1 — Self-update: 403 on trigger mismatch + reliability

webhook returns 200 even when a trigger rule isn't satisfied, which would let
the app's res.ok check falsely report success if the secret drifted. Set
trigger-rule-mismatch-http-response-code: 403 so unauthorized triggers are
clearly rejected.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-06-15 22:44:36 -05:00
parent 4e02339f59
commit 98cabc514d
8 changed files with 172 additions and 2 deletions

View File

@@ -4,6 +4,7 @@
"execute-command": "/appdata/updater/update.sh",
"command-working-directory": "/appdata",
"response-message": "update started",
"trigger-rule-mismatch-http-response-code": 403,
"trigger-rule": {
"match": {
"type": "value",