Commit graph

5 commits

Author SHA1 Message Date
Antoine Martin 7e3c8b8f28 lohr: validate webhook signature
Previously lohr was unusable in a production setting, anyone could forge
a malicious webhook and either:

- mirror a private repo of yours to another remote they own
- wipe a repo of yours by forcing mirroring from an empty mirror

This is no longer the case!
2021-03-30 11:33:42 +02:00
Antoine Martin 7134b7700f lohr: v0.2.1 2021-03-30 01:12:50 +02:00
Antoine Martin 0ddcd24f33 lohr: v0.2.0 2021-03-30 01:04:15 +02:00
Bruno BELANYI 295a28bab4 lohr: add default and additional remotes
Co-authored-by: Antoine Martin <antoine@alarsyo.net>
2021-03-29 20:52:04 +02:00
Antoine Martin b37891af49 setup basic app 2021-03-29 02:01:53 +02:00