chore: fix eslint errors introduced in phase 4 backend
This commit is contained in:
@@ -17,7 +17,7 @@ export const verifyGithubSignature = async (
|
||||
rawBody: string,
|
||||
signatureHeader: string | null,
|
||||
): Promise<boolean> => {
|
||||
if (!signatureHeader || !signatureHeader.startsWith('sha256=')) return false;
|
||||
if (!signatureHeader?.startsWith('sha256=')) return false;
|
||||
// Web Crypto's importKey throws on a zero-length HMAC key; guard so the
|
||||
// verifier never throws on attacker-controlled input (returns false instead).
|
||||
if (!secret) return false;
|
||||
|
||||
Reference in New Issue
Block a user