From ba3591b3acab0bb8f185830f6329d201ed89c03f Mon Sep 17 00:00:00 2001
From: Maks Pikov <mixelburg@users.noreply.github.com>
Date: Tue, 21 Apr 2026 22:03:55 +0000
Subject: [PATCH] fix(webhook): return 401 when signature header is missing

---
 apps/dokploy/pages/api/deploy/github.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/apps/dokploy/pages/api/deploy/github.ts b/apps/dokploy/pages/api/deploy/github.ts
index 4438366f6..57f926466 100644
--- a/apps/dokploy/pages/api/deploy/github.ts
+++ b/apps/dokploy/pages/api/deploy/github.ts
@@ -24,6 +24,11 @@ export default async function handler(
 	res: NextApiResponse,
 ) {
 	const signature = req.headers["x-hub-signature-256"];
+	if (!signature) {
+		res.status(401).json({ message: "Missing signature header" });
+		return;
+	}
+
 	const githubBody = req.body;
 
 	if (!githubBody?.installation?.id) {
@@ -50,7 +55,7 @@ export default async function handler(
 
 	const verified = await webhooks.verify(
 		JSON.stringify(githubBody),
-		signature as string,
+		signature,
 	);
 
 	if (!verified) {