Skip to content
This repository was archived by the owner on Mar 18, 2026. It is now read-only.

v0.2.0-alpha — Providers, Connect, Security & Performance

Pre-release
Pre-release

Choose a tag to compare

View all tags
@linyiru linyiru released this 16 Mar 22:59
· 17 commits to main since this release
v0.2.0-alpha
20a8c01

hookflare v0.2.0-alpha

Provider system, one-shot connect command, security hardening, and 3x performance improvement.

Highlights

  • hookflare connect stripe --secret whsec_xxx --to https://... — one command creates source + destination + subscription
  • 5 built-in providers (Stripe, GitHub, Slack, Shopify, Vercel) with event type catalogs and verification
  • defineProvider() — community-extensible provider framework (one file, three fields)
  • 0% error rate under loadP50 303ms, DO-based rate limiting
  • SSRF protection — destination URLs validated against private IPs, localhost, non-HTTPS
  • DLQ notifications — webhook callback when deliveries permanently fail
  • Bootstrap endpoint — secure first-run setup, self-locks after use

Performance (vs v0.1.0-alpha)

Metric v0.1.0 v0.2.0 Improvement
P50 Latency 860ms 303ms 2.8x faster
Error Rate 8-20% 0% Eliminated

Security

  • Secrets masked in GET responses
  • Zod input validation on all endpoints
  • Payload size limit (256KB)
  • DO-based rate limiter (no race conditions)
  • Bootstrap auth replaces open-access mode

Install

npm i -g hookflare
# or
brew install hookedge/tap/hookflare

See CHANGELOG.md for full details.

Assets 2
Loading