From d45f733be8477e13538260f32e6b896a865f7cdb Mon Sep 17 00:00:00 2001 From: Phillip Johnsen Date: Sun, 10 Apr 2016 23:20:36 +0200 Subject: [PATCH] Log when we've got requests with invalid secrets --- lib/github-events.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/github-events.js b/lib/github-events.js index 80e61f55..c30ddbea 100644 --- a/lib/github-events.js +++ b/lib/github-events.js @@ -19,6 +19,7 @@ module.exports = (app) => { const signature = req.headers['x-hub-signature'] if (!signature || signature !== sign(secret, req.raw)) { res.writeHead(401, 'Invalid Signature') + console.error('! event@%s: %s - invalid signature, returning 401', source, data.action) return res.end() }