harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
231 commits 1 branch 0 tags 7.8 MiB
Commit graph

6 commits

Author SHA1 Message Date
Will Sarg
82ffb36f90
chore(ci): document and harden workflow pipeline (#241) 
* docs(ci): add CI workflow map and cross-links

* chore(ci): harden workflow determinism and safety

* chore(ci): address workflow review feedback

* style(ci): normalize workflow and ci-map formatting
 2026-02-15 20:42:47 -05:00
Will Sarg
8eb57836d8
chore: update Docker and release workflows for improved efficiency and security (#239) 2026-02-15 19:43:46 -05:00
Will Sarg
b367d41b63
fix(ci): speed up main Docker builds by using amd64 except tags (#237) 2026-02-15 18:44:53 -05:00
Will Sarg
28ec4ae826
fix(ci): reduce Docker Actions cost without weakening PR gates (#232) 
* fix(docker): update workflow to improve Docker image build and push process, add timeout

* fix(licenses): allow Apache-2.0 WITH LLVM-exception
 2026-02-15 18:15:38 -05:00
Argenis
5cc02c5813
fix: add WhatsApp webhook signature verification (X-Hub-Signature-256) 
Closes #51

- Add HMAC-SHA256 signature verification for WhatsApp webhooks
- Prevents message spoofing attacks (CWE-345)
- Add whatsapp_app_secret config field with ZEROCLAW_WHATSAPP_APP_SECRET env override
- Add 13 comprehensive unit tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 06:17:24 -05:00
argenis de la rosa
9c10338c7c feat: add Docker publish workflow for GHCR 
- Add .github/workflows/docker.yml for automated Docker builds
- Publishes to ghcr.io/theonlyhennygod/zeroclaw
- Builds on push to main and tags (v*)
- Multi-platform support (linux/amd64, linux/arm64)
- Update docker-compose.yml to use GHCR image

Part of #45
 2026-02-14 17:34:22 -05:00