Outworx HooksOutworx Hooks
GitHub integration

GitHub Webhook Monitoring that catches broken automations.

Every push, pull_request, and issues event tracked, with HMAC verification and dedup-by-delivery-id built in. Wrap your handler once — get a real-time dashboard, alerts, and replay protection.

Start Free — No Card RequiredRead the docs

Why monitor GitHub webhooks specifically?

GitHub will retry a failed delivery, but if your app or bot drops events your automations silently break — CI doesn't trigger, deploys don't fire, PR checks go stale. The Recent Deliveries tab in GitHub only shows the last batch; this gives you the full history with latency, signature validity, and per-event-type failure rates.

HMAC verification

Built-in HMAC-SHA256 against x-hub-signature-256. Invalid requests get 401 before your handler runs.

Idempotency

Dedupe on x-github-delivery. The same delivery never runs your handler twice.

Per-event metrics

Latency and success rate broken down by event type — push vs pull_request vs check_run.

Real-time alerts

Slack, Discord, or email the moment a workflow event starts failing.

60-second install

Wrap your existing GitHub webhook handler. The SDK verifies thex-hub-signature-256header, handles dedup via x-github-delivery, and ships telemetry to your dashboard.

Next.js (App Router)

app/api/webhooks/github/route.ts
// app/api/webhooks/github/route.ts
import { init } from '@outworx/hooks';
import { withWebhookMonitoring } from '@outworx/hooks/nextjs';

init({ apiKey: process.env.OUTWORX_HOOKS_API_KEY! });

export const POST = withWebhookMonitoring(
  {
    provider: 'github',
    signatureSecret: process.env.GITHUB_WEBHOOK_SECRET!,
    // GitHub's per-delivery UUID — perfect for deduping retries.
    idempotencyKey: (_req, _body, headers) => headers['x-github-delivery'],
  },
  async (req) => {
    const body = await req.json();
    // Signature verified, duplicates filtered — handle the event.
    return Response.json({ received: true });
  }
);

Express

server.ts
import express from 'express';
import { init } from '@outworx/hooks';
import { withWebhookMonitoring } from '@outworx/hooks/express';

init({ apiKey: process.env.OUTWORX_HOOKS_API_KEY });

const app = express();

// Stash raw body so signature verification works.
app.use(express.json({
  verify: (req, _res, buf) => {
    (req as any).rawBody = buf.toString('utf8');
  },
}));

app.post(
  '/webhooks/github',
  withWebhookMonitoring({
    provider: 'github',
    signatureSecret: process.env.GITHUB_WEBHOOK_SECRET!,
    idempotencyKey: (_req, _body, headers) => headers['x-github-delivery'],
  }),
  (req, res) => res.json({ received: true })
);

Fastify, FastAPI, Flask, and Django adapters available — see the full SDK reference.

v1.5 · silent drops

Catch handlers that returned 200 but never actually processed a GitHub event. Add requireProcessingMark and call track.processed() in your handler. Guide →

v1.5 · signature diagnostics

When X-Hub-Signature-256 verification fails, the dashboard shows the specific reason (malformed header, wrong secret, body re-serialized) and suggests the fix.

Stop debugging deliveries blind.

Free forever for 1,000 events/month. No credit card. Install in 60 seconds.

Start Free