WebhookEngine v0.2.2

WebhookEngine v0.2.2

Maintenance patch — a full dependency refresh across NuGet, npm, Docker base images, and GitHub Actions, plus a CI fix that realigns the Bun toolchain (1.2.x → 1.3.x) and repairs the Dependabot lockfile auto-sync. No user-visible behaviour changes and no breaking API changes; the v1 route prefix and Standard Webhooks signature surface are unchanged.

Features / Fixes / Changes

Security

• Docker base image digest bumps. dotnet/aspnet (60eb031 → 1e37a82), dotnet/sdk (8a90a47 → dc8430e), and oven/bun (4de4753 → 5acc90a) refreshed to pick up the latest patched Alpine layers in the published image.

Changed

• NuGet runtime dependency refresh. Microsoft.AspNetCore.OpenApi, Microsoft.EntityFrameworkCore (+ .Relational, .Design), Microsoft.Extensions.Http, .Hosting.Abstractions, and .DependencyInjection bumped 10.0.7 → 10.0.8; Scalar.AspNetCore 2.14.11 → 2.14.14. Test-only: FluentAssertions 8.9.0 → 8.10.0, coverlet.collector 10.0.0 → 10.0.1, Microsoft.AspNetCore.Mvc.Testing / EntityFrameworkCore.InMemory 10.0.7 → 10.0.8, Testcontainers.PostgreSql 4.11.0 → 4.12.0.
• npm / frontend dependency refresh. lucide-react 1.14.0 → 1.16.0, react-router 7.15.0 → 7.15.1, vite 8.0.11 → 8.0.13, @vitejs/plugin-react 6.0.1 → 6.0.2, eslint 10.3.0 → 10.4.0, typescript-eslint 8.59.2 → 8.59.3, @types/node 25.6.2 → 25.8.0. (lucide-react, react-router, and vite ship in the dashboard bundle; the rest are dev/build tooling.)
• GitHub Actions version bumps. actions/dependency-review-action v4 → v5; actions/setup-node v5 → v6.

Fixed

• CI Bun toolchain aligned to 1.3.x and the Dependabot lockfile auto-sync repaired. ci.yml, sync-bun-lock.yml, and publish-portal.yml pinned BUN_VERSION: "1.2.x" while the committed bun.lock is in Bun 1.3 text-lockfile format, the Docker dashboard build runs oven/bun:1, and local dev runs 1.3.x. The skew failed every grouped Dependabot npm bump at tsc --noEmit under 1.2.x's transitive resolution (a duplicate vite Plugin type identity in vite.config.ts). Separately, the lockfile-sync step ran bun install --no-save, which never writes bun.lock, so the auto-sync silently no-op'd and frontend dependency PRs landed with stale lockfiles that broke bun install --frozen-lockfile. All three pins are now 1.3.x and the sync step writes the refreshed lockfile back to the PR branch.

Quick Start

docker pull voyvodka/webhook-engine:0.2.2
git clone https://github.com/voyvodka/webhook-engine.git
cd webhook-engine
docker compose -f docker/docker-compose.yml up -d

Dashboard at http://localhost:5100 — login admin@example.com / changeme (reset before exposing publicly).

Links

• Docker Hub: voyvodka/webhook-engine:0.2.2 (multi-arch: linux/amd64 + linux/arm64)
• NuGet: WebhookEngine.Sdk 0.2.2
• Docs: docs/ — API, DATABASE, ARCHITECTURE, PORTAL, GETTING-STARTED, SELF-HOSTING, RELEASE
• Landing: webhook.sametozkan.com.tr
• Full changelog: CHANGELOG.md — 0.2.2 section