@bokelley
Contributor

Summary

  • Enable Addie meeting scheduling with working group auto-detection from Slack channels
  • Add Zoom webhook endpoint for URL validation and recording notifications
  • Add security hardening for Zoom webhooks (timestamp validation, input sanitization)

Changes

  • Zoom webhook endpoint: Handle endpoint URL validation, recording.completed, and meeting lifecycle events
  • Working group auto-detection: Automatically detect working group context from Slack channel
  • Security fixes: Timestamp replay attack prevention, meetingUuid input validation

Test plan

  • Local server starts and UI pages load correctly
  • Deploy and validate Zoom webhook endpoint URL
  • Test meeting scheduling through Addie in a committee channel
  • Verify recording.completed webhook triggers transcript processing

🤖 Generated with Claude Code

- Validate webhook timestamp is within 5 minutes to prevent replay attacks
- Add type and length validation for meetingUuid before processing

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@bokelley bokelley force-pushed the bokelley/addie-meetings-fix branch from 179c939 to 7e8535b Compare January 14, 2026 20:15
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@bokelley bokelley merged commit 1a23cb8 into main Jan 14, 2026
6 checks passed
bokelley added a commit that referenced this pull request Jan 16, 2026
* fix: add timestamp validation and input sanitization to Zoom webhook

- Validate webhook timestamp is within 5 minutes to prevent replay attacks
- Add type and length validation for meetingUuid before processing

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* chore: add empty changeset for security fix

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
bokelley added a commit that referenced this pull request Jan 20, 2026
* fix: add timestamp validation and input sanitization to Zoom webhook

- Validate webhook timestamp is within 5 minutes to prevent replay attacks
- Add type and length validation for meetingUuid before processing

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* chore: add empty changeset for security fix

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
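
The two checks named in the commit message above (a 5-minute timestamp window and type/length validation of meetingUuid), shown as an added example that is not the code from this pull request. It assumes Zoom's documented `x-zm-signature` and `x-zm-request-timestamp` headers, the `payload.object.uuid` field, and a 128-character length limit that the page does not state; `checkZoomWebhook` and `signedSample` are hypothetical names.

```javascript
const crypto = require("node:crypto");

const MAX_SKEW_SECONDS = 5 * 60; // the 5-minute window named in the PR
const MAX_UUID_LENGTH = 128;     // assumed limit; the PR does not state one

// Returns { ok: true, meetingUuid } or { ok: false, reason }.
function checkZoomWebhook({ headers, rawBody, secret, nowMs = Date.now() }) {
  const tsHeader = headers["x-zm-request-timestamp"];
  const sigHeader = headers["x-zm-signature"];
  if (typeof tsHeader !== "string" || !/^\d{1,12}$/.test(tsHeader)) {
    return { ok: false, reason: "bad-timestamp" };
  }
  if (typeof sigHeader !== "string") return { ok: false, reason: "bad-signature" };

  // Verify the HMAC first: the timestamp is only trustworthy once it is signed.
  const expected = "v0=" + crypto.createHmac("sha256", secret)
    .update(`v0:${tsHeader}:${rawBody}`).digest("hex");
  const a = Buffer.from(sigHeader);
  const b = Buffer.from(expected);
  if (a.length !== b.length || !crypto.timingSafeEqual(a, b)) {
    return { ok: false, reason: "bad-signature" };
  }

  // Reject stale or future-dated deliveries (the replay window).
  const skew = Math.abs(Math.floor(nowMs / 1000) - Number(tsHeader));
  if (skew > MAX_SKEW_SECONDS) return { ok: false, reason: "stale-timestamp" };

  let event;
  try { event = JSON.parse(rawBody); } catch { return { ok: false, reason: "bad-json" }; }

  // Type and length validation before the value reaches any lookup or API call.
  const uuid = event?.payload?.object?.uuid;
  if (typeof uuid !== "string" || uuid.length === 0 || uuid.length > MAX_UUID_LENGTH) {
    return { ok: false, reason: "bad-meeting-uuid" };
  }
  return { ok: true, meetingUuid: uuid };
}

// Builds a constructed, correctly signed sample delivery (not captured traffic).
function signedSample(secret, tsSeconds, body) {
  const sig = "v0=" + crypto.createHmac("sha256", secret)
    .update(`v0:${tsSeconds}:${body}`).digest("hex");
  const headers = { "x-zm-request-timestamp": String(tsSeconds), "x-zm-signature": sig };
  return { headers, rawBody: body, secret };
}
```

The signature must be computed over the raw request bytes, so the handler needs the body before any JSON middleware re-serializes it.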