Hide webhook secret token
Currently, webhook secrets are visible to any user that can edit webhooks, even they did not create the webhook. In my use case, this is a security issue: I would like to provide some service using webhooks, and enable users to register the service from my website (which then uses the
projects/:id/hooks API endpoint to register a webhook). The problem is that users can see the webhook secret by editing the webhook. So I would like the secret to be hidden for all users, or at least from all but the webhook's creator.