v2.0.2

Improvements have been made in performance, by using a pre-built docker image hosted in the GitHub container registry. Also see the release notes for v2.0.0 for other important changes if you are upgrading from v1.

v1.1.1

Using a pre-built docker image hosted in GitHub container registry

v2.0.0

This is a major release, since some of the defaults that were previously applied have changed - the new defaults are more reasonable and secure. All v1 configurations options are still available, and the v1 tag will continue to exist in maintenance mode. To make use of the new features and defaults, use the v2 tag in your workflow config.

Two of the most important changes are:

• SSL certificates are now validated by default. For those who are not using verified SSL certs, and currently on v1 but wishes to use v2, should set verify_ssl: false (as per the README), otherwise your current workflow may fail.
• An additional log level has been added, which is something between verbose and silent. Those were the only two options available in v1 (and verbose may leak sensitive information in your logs). By default the logging in v2 will now give some basic output, and if you prefer verbose or silent instead, those options are still available.
• A unique requestID is set on each payload, which can be used to increase protection against replay attacks.

Thanks to @johannes-huther for these contributions.

v1.0.9

Bug fix: remove duplicate 'User-Agent' in header

v1.0.8

Support for sha256 header

v1.0.7

An additional configuration option, allowing curl to be run in silent mode

v1.0.5

Support an extended JSON webhook POST, which sends the complete GitHub even data, as found on GITHUB_EVENT_PATH

v1.0.4

• Support for webhook endpoints that expect urlencoded form data
• Correctly handle curl HTTP failures, by letting errors bubble up

v1.0.3

• Improved build time
• Allow unsigned SSL certificates
• Better curl usage
• Additional GitHub environment header

v1.0.2

First official Marketplace release