Sendword receives webhooks, validates payloads, and runs commands. Authentication, filtering, retries, and a dashboard — built in, not bolted on.
Authentication, validation, concurrency control, and execution history — already done.
Bearer tokens, HMAC-SHA256, or open access. Secrets reference env vars. Constant-time comparison prevents timing attacks.
JSON schema per hook. Malformed payloads are rejected before your command runs.
Filter by payload fields, restrict to time windows, enforce cooldowns, apply rate limits — all before execution.
Run commands with payload interpolation, execute managed scripts, or forward to endpoints. Per-hook timeouts and working directories.
None, linear, or exponential. Configurable per hook or globally, with max delay caps.
Mutex or queue-based execution prevents conflicts. Approval workflows gate deployments behind human review.
Mask env var values and regex patterns in output. Sensitive data never reaches the dashboard or log files.
Back up database and config to S3-compatible storage on a schedule. Restore with one command. Retention handles cleanup.
Define a hook in TOML, add rules and guards, start the server.
Name, slug, command, and auth. One TOML block.
Payload filters, cooldowns, rate limits, concurrency barriers.
Hooks are live as POST endpoints. The dashboard shows every execution.
Everything lives in sendword.toml. Export as JSON, import on another machine, version-control the whole thing.
# sendword.toml
[[hooks]]
name = "Deploy"
slug = "deploy"
[hooks.executor]
type = "shell"
command = "bash deploy.sh { branch }"
[hooks.auth]
mode = "bearer"
token = "${DEPLOY_TOKEN}"
[hooks.trigger_rules]
cooldown = "5m"
[[hooks.trigger_rules.payload_filters]]
field = "branch"
operator = "regex"
value = "^(main|release/.*)"