Webhooks.fyi

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  1. hookdeck-cli

    Alternative to ngrok for localhost asynchronous web development (e.g. webhooks). No account required.

    This is a fantastic resource! Thank you to the folks at ngrok for putting this together! As this site makes clear: webhooks are harder than they appear. Even just consuming webhooks it's easy to get bogged down dealing with issues around rate limits or recovering from bugs that cause missed events! Missed events being particularly painful with platforms that don't offer replay / retry.

    Disclaimer: I work at https://hookdeck.com/ & I shamelessly plug our tool for giving you an awesome developer experience working with webhooks and helping deal with some of the concerns brought up on webhooks.fyi.

    And if you are interested in webhooks at large a couple more resources worth checking out is the awesome-webhooks[1] list and the r/webhooks[2] subreddit (I just got ownership of the sub and started dusting it off this week after being neglected for the past few years! Please, come join!)

    [1] https://github.com/realadeel/awesome-webhooks

    [2] https://www.reddit.com/r/webhooks/

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  3. webhooks.fyi

    webhooks.fyi site

    Hello all! I'm one of the creators of webhooks.fyi over at ngrok.

    Happy to answer any questions!

    First, yes it's ridiculously hard to build webhooks correctly. There are so many shortcuts that feel "okay" and you don't really think about until you realize that it didn't quite work as you had planned and now you have a gap. We're hoping the site can help people move more of that thinking earlier and make better decisions.

    Second, we're missing a bunch of webhooks! While we looked at 100+ in our own research, we only had time to add ~50 to this initial pass. If you'd like to add your favorites, pull requests welcome: https://github.com/ngrok/webhooks.fyi

  4. svix-webhooks

    The enterprise-ready webhooks service 🦀

    Amen. FWIW, we are open source, and we publish libraries that let anyone sign and verify webhooks, hoping to save people the work and have a unified standard.

    Libs: https://github.com/svix/svix-webhooks

    Docs: https://docs.svix.com/receiving/verifying-payloads/how-manua...

    The docs mention `Svix-Signature`, but we (and the libs) also support `Webhooks-Signature` which are useful for the generic standard.

    The fact that we don't have REST for webhooks is both silly and annoying. Especially since (as you can see on the list in the original post) many companies who implement webhooks end up doing it poorly.

  5. webhook-sentry

    Egress proxy for webhooks

    >Domains that resolve to private IPs: attacker could set up foo.com which resolves to a private IP

    There's a clever extension to this attack; a naive way to mitigate it is to do a DNS resolution first to verify it's not a private IP and then do the actual request. An attacker can simply return a public IP on the first DNS resolution (with a 0 TTY) and then return a private IP on the second. This is called a "TOCTOU" (time-of-check time-of-use) vulnerability. I've written about this and other security best practices on my blog here - https://www.ameyalokare.com/technology/webhooks/2021/05/03/s...

    I've also built an egress proxy that prevents such attacks here - https://github.com/juggernaut/webhook-sentry

    Same caveat applies, use at your own risk :-)

  6. awesome-webhooks

    A curated list about real-time webhooks.

    This is a fantastic resource! Thank you to the folks at ngrok for putting this together! As this site makes clear: webhooks are harder than they appear. Even just consuming webhooks it's easy to get bogged down dealing with issues around rate limits or recovering from bugs that cause missed events! Missed events being particularly painful with platforms that don't offer replay / retry.

    Disclaimer: I work at https://hookdeck.com/ & I shamelessly plug our tool for giving you an awesome developer experience working with webhooks and helping deal with some of the concerns brought up on webhooks.fyi.

    And if you are interested in webhooks at large a couple more resources worth checking out is the awesome-webhooks[1] list and the r/webhooks[2] subreddit (I just got ownership of the sub and started dusting it off this week after being neglected for the past few years! Please, come join!)

    [1] https://github.com/realadeel/awesome-webhooks

    [2] https://www.reddit.com/r/webhooks/

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • What are Webhooks and why should developers use them?

    1 project | dev.to | 21 Jul 2024
  • Webhook Failure Scenarios

    1 project | news.ycombinator.com | 15 Sep 2023
  • Show HN: Nohooks – Webhooks on Platforms Without Webhooks

    5 projects | news.ycombinator.com | 28 Jun 2023
  • Sveltekit real-time reactivity with webhooks?

    1 project | /r/sveltejs | 5 May 2023
  • Webhooks.fyi - a site about webhook best practices

    1 project | /r/programming | 5 Apr 2023

Did you know that Go is
the 4th most popular programming language
based on number of references?