From ca6ad5567f8cf5681ab1525182d126ab6ec2ba85 Mon Sep 17 00:00:00 2001
From: Andrey Helldar <helldar@dragon-code.pro>
Date: Sat, 4 Oct 2025 23:36:17 +0300
Subject: [PATCH] Restrict signature and hashed validation to production
 environment

---
 app/Http/Middleware/GitHubMiddleware.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/app/Http/Middleware/GitHubMiddleware.php b/app/Http/Middleware/GitHubMiddleware.php
index a21ae57..d4a8c11 100644
--- a/app/Http/Middleware/GitHubMiddleware.php
+++ b/app/Http/Middleware/GitHubMiddleware.php
@@ -19,8 +19,10 @@ class GitHubMiddleware
 
     public function handle(Request $request, Closure $next)
     {
-        $this->throw(fn () => $this->signature($request));
-        $this->throw(fn () => $this->hashed($request));
+        if ($this->isProduction()) {
+            $this->throw(fn () => $this->signature($request));
+            $this->throw(fn () => $this->hashed($request));
+        }
 
         if ($this->hasCreatedHook($request)) {
             $this->connect($request);
@@ -76,4 +78,9 @@ protected function connect(Request $request): void
 
         ConnectRepositoryJob::dispatch($organization, $repository);
     }
+
+    protected function isProduction(): bool
+    {
+        return app()->isProduction();
+    }
 }