PR #198 merged: fix: resolve Resend webhook route-name clash breaking deploy
Urgent — unblocks staging/prod deploy
The merged #196 registered a custom /api/resend/webhook route named resend.webhook — the same name the resend-laravel package already uses for its own auto-registered route. Two routes, one name → php artisan route:cache (run on deploy) aborts → deployment fails. It only surfaced after merge because the failure is at the deploy/caching step, not in tests.
Fix — use the package's webhook handling, drop the duplicate
The package already ships a signature-verified route + typed events, so the custom layer was redundant and the source of the clash.
- Delete the custom
WebhookController, its route, and the hand-rolledWebhookSignaturecall. - Publish
config/resend.php:path = api/resend(so the package's route is the URL Resend already posts to — no Resend reconfig),webhook.secret→RESEND_WEBHOOK_SIGNING_SECRET, plus atracked_domainsetting. StoreResendEmailEventlistener (registered for the package'sEmail*events) does the domain-filter + storage we actually wanted.- Tests exercise the real package route end-to-end (403 on bad signature).
Kept: email_events table, EmailEventResource, admin aggregate page, per-user surfacing, fixtures.
Verified
php artisan route:cachenow succeeds (was the deploy-breaker)- One route:
POST api/resend/webhook→ package controller, package-verified - 8 webhook tests green
Follow-up (separate)
Add route:cache + config:cache to CI so this class of bug fails in CI, not on deploy.
Ops note
Set RESEND_WEBHOOK_SIGNING_SECRET on staging (only prod has it) for staging to verify webhooks.