Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correct the security vulnerability language #107

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Correct the security vulnerability language #107

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ You can specify a secret value when subscribing to receive webhook events. Keep

Don't just enter your "default password" as the secret, use some random value, unrelated text, or best of all: [a hashed value](https://emn178.github.io/online-tools/sha256.html).

> If anyone guesses your secret, they can also subscribe to your webhook events!
> If anyone learns or guesses your secret, they can send fake webhook events!

## Usage

Expand All @@ -30,4 +30,4 @@ Command | Description
`/dbg-add <org> <name> [secret] [previews]` | Subscribe the current channel to the repo webhook events. Optionally takes a secret. Optionally enable link previews.
`/dbg-remove <org> <name>` | Unsubscribe the current channel from the repo webhook events.

> Previews will not display if your repo is set to private.
> Previews will not display if your repo is set to private.