zeroclaw

harald/zeroclaw

Fork 0

Commit graph

Author	SHA1	Message	Date
Argenis	5cc02c5813	fix: add WhatsApp webhook signature verification (X-Hub-Signature-256) Closes #51 - Add HMAC-SHA256 signature verification for WhatsApp webhooks - Prevents message spoofing attacks (CWE-345) - Add whatsapp_app_secret config field with ZEROCLAW_WHATSAPP_APP_SECRET env override - Add 13 comprehensive unit tests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-15 06:17:24 -05:00
argenis de la rosa	9c10338c7c	feat: add Docker publish workflow for GHCR - Add .github/workflows/docker.yml for automated Docker builds - Publishes to ghcr.io/theonlyhennygod/zeroclaw - Builds on push to main and tags (v*) - Multi-platform support (linux/amd64, linux/arm64) - Update docker-compose.yml to use GHCR image Part of #45	2026-02-14 17:34:22 -05:00

Author

SHA1

Message

Date

Argenis

5cc02c5813

fix: add WhatsApp webhook signature verification (X-Hub-Signature-256)

Closes #51

- Add HMAC-SHA256 signature verification for WhatsApp webhooks
- Prevents message spoofing attacks (CWE-345)
- Add whatsapp_app_secret config field with ZEROCLAW_WHATSAPP_APP_SECRET env override
- Add 13 comprehensive unit tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-15 06:17:24 -05:00

argenis de la rosa

9c10338c7c

feat: add Docker publish workflow for GHCR

- Add .github/workflows/docker.yml for automated Docker builds
- Publishes to ghcr.io/theonlyhennygod/zeroclaw
- Builds on push to main and tags (v*)
- Multi-platform support (linux/amd64, linux/arm64)
- Update docker-compose.yml to use GHCR image

Part of #45

2026-02-14 17:34:22 -05:00

2 commits