ExpediaGroup · danadajian · Nov 3, 2025 · Nov 3, 2025 · Nov 3, 2025 · Nov 3, 2025
diff --git a/.prettierignore b/.prettierignore
@@ -1,2 +1,3 @@
 build/
 node_modules/
+USAGE.md
diff --git a/.terraform-version b/.terraform-version
@@ -1 +1 @@
-1.13.3
+1.13.4
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -20,7 +20,7 @@ where "my-new-feature" describes what you're working on.
 
 ### 3. Add tests for any bug fixes or new functionality
 
-All functions must be tested with a unit test. Please follow the existing convention of one exported function per file with a corresponding file to test it. Run tests using `yarn test`, or using the [Jest CLI](https://jestjs.io/docs/cli).
+All functions must be tested with a unit test. Please follow the existing convention of one exported function per file with a corresponding file to test it. Run tests using `bun test`.
 
 There is also an integration test present in the [test workflow](./.github/workflows/test.yaml), which will actually run this Github Action using the code from this repository. This allows you to test your change to the Github Action right within the pull request you make.
 

diff --git a/USAGE.md b/USAGE.md
@@ -3,7 +3,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.13.3 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.13.4 |
 
 ## Providers
 

diff --git a/bun.lock b/bun.lock
@@ -0,0 +1,124 @@
+{
+  "lockfileVersion": 1,
+  "workspaces": {
+    "": {
+      "name": "github-webhook-proxy",
+      "dependencies": {
+        "axios": "1.13.1",
+        "lodash.mapkeys": "4.6.0",
+        "micromatch": "4.0.8",
+        "zod": "4.1.12",
+      },
+      "devDependencies": {
+        "@octokit/webhooks": "14.1.3",
+        "@types/aws-lambda": "8.10.157",
+        "@types/bun": "1.3.1",
+        "@types/lodash.mapkeys": "4.6.9",
+        "@types/micromatch": "4.0.10",
+        "prettier": "3.6.2",
+        "typescript": "5.9.3",
+      },
+    },
+  },
+  "packages": {
+    "@octokit/openapi-types": ["@octokit/openapi-types@27.0.0", "", {}, "sha512-whrdktVs1h6gtR+09+QsNk2+FO+49j6ga1c55YZudfEG+oKJVvJLQi3zkOm5JjiUXAagWK2tI2kTGKJ2Ys7MGA=="],
+
+    "@octokit/openapi-webhooks-types": ["@octokit/openapi-webhooks-types@12.0.3", "", {}, "sha512-90MF5LVHjBedwoHyJsgmaFhEN1uzXyBDRLEBe7jlTYx/fEhPAk3P3DAJsfZwC54m8hAIryosJOL+UuZHB3K3yA=="],
+
+    "@octokit/request-error": ["@octokit/request-error@7.0.2", "", { "dependencies": { "@octokit/types": "^16.0.0" } }, "sha512-U8piOROoQQUyExw5c6dTkU3GKxts5/ERRThIauNL7yaRoeXW0q/5bgHWT7JfWBw1UyrbK8ERId2wVkcB32n0uQ=="],
+
+    "@octokit/types": ["@octokit/types@16.0.0", "", { "dependencies": { "@octokit/openapi-types": "^27.0.0" } }, "sha512-sKq+9r1Mm4efXW1FCk7hFSeJo4QKreL/tTbR0rz/qx/r1Oa2VV83LTA/H/MuCOX7uCIJmQVRKBcbmWoySjAnSg=="],
+
+    "@octokit/webhooks": ["@octokit/webhooks@14.1.3", "", { "dependencies": { "@octokit/openapi-webhooks-types": "12.0.3", "@octokit/request-error": "^7.0.0", "@octokit/webhooks-methods": "^6.0.0" } }, "sha512-gcK4FNaROM9NjA0mvyfXl0KPusk7a1BeA8ITlYEZVQCXF5gcETTd4yhAU0Kjzd8mXwYHppzJBWgdBVpIR9wUcQ=="],
+
+    "@octokit/webhooks-methods": ["@octokit/webhooks-methods@6.0.0", "", {}, "sha512-MFlzzoDJVw/GcbfzVC1RLR36QqkTLUf79vLVO3D+xn7r0QgxnFoLZgtrzxiQErAjFUOdH6fas2KeQJ1yr/qaXQ=="],
+
+    "@types/aws-lambda": ["@types/aws-lambda@8.10.157", "", {}, "sha512-ofjcRCO1N7tMZDSO11u5bFHPDfUFD3Q9YK9g4S4w8UDKuG3CNlw2lNK1sd3Itdo7JORygZmG4h9ZykS8dlXvMA=="],
+
+    "@types/braces": ["@types/braces@3.0.5", "", {}, "sha512-SQFof9H+LXeWNz8wDe7oN5zu7ket0qwMu5vZubW4GCJ8Kkeh6nBWUz87+KTz/G3Kqsrp0j/W253XJb3KMEeg3w=="],
+
+    "@types/bun": ["@types/bun@1.3.1", "", { "dependencies": { "bun-types": "1.3.1" } }, "sha512-4jNMk2/K9YJtfqwoAa28c8wK+T7nvJFOjxI4h/7sORWcypRNxBpr+TPNaCfVWq70tLCJsqoFwcf0oI0JU/fvMQ=="],
+
+    "@types/lodash": ["@types/lodash@4.17.20", "", {}, "sha512-H3MHACvFUEiujabxhaI/ImO6gUrd8oOurg7LQtS7mbwIXA/cUqWrvBsaeJ23aZEPk1TAYkurjfMbSELfoCXlGA=="],
+
+    "@types/lodash.mapkeys": ["@types/lodash.mapkeys@4.6.9", "", { "dependencies": { "@types/lodash": "*" } }, "sha512-6/ERBCabeDI656LsV+oopLjdnJ/x1PCAE6kkkssH8e4i0K7Pw307noxHCbUc6cAVfTo9vx0Z+k3QZwy1IrUZcA=="],
+
+    "@types/micromatch": ["@types/micromatch@4.0.10", "", { "dependencies": { "@types/braces": "*" } }, "sha512-5jOhFDElqr4DKTrTEbnW8DZ4Hz5LRUEmyrGpCMrD/NphYv3nUnaF08xmSLx1rGGnyEs/kFnhiw6dCgcDqMr5PQ=="],
+
+    "@types/node": ["@types/node@24.10.0", "", { "dependencies": { "undici-types": "~7.16.0" } }, "sha512-qzQZRBqkFsYyaSWXuEHc2WR9c0a0CXwiE5FWUvn7ZM+vdy1uZLfCunD38UzhuB7YN/J11ndbDBcTmOdxJo9Q7A=="],
+
+    "@types/react": ["@types/react@19.2.2", "", { "dependencies": { "csstype": "^3.0.2" } }, "sha512-6mDvHUFSjyT2B2yeNx2nUgMxh9LtOWvkhIU3uePn2I2oyNymUAX1NIsdgviM4CH+JSrp2D2hsMvJOkxY+0wNRA=="],
+
+    "asynckit": ["asynckit@0.4.0", "", {}, "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q=="],
+
+    "axios": ["axios@1.13.1", "", { "dependencies": { "follow-redirects": "^1.15.6", "form-data": "^4.0.4", "proxy-from-env": "^1.1.0" } }, "sha512-hU4EGxxt+j7TQijx1oYdAjw4xuIp1wRQSsbMFwSthCWeBQur1eF+qJ5iQ5sN3Tw8YRzQNKb8jszgBdMDVqwJcw=="],
+
+    "braces": ["braces@3.0.3", "", { "dependencies": { "fill-range": "^7.1.1" } }, "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA=="],
+
+    "bun-types": ["bun-types@1.3.1", "", { "dependencies": { "@types/node": "*" }, "peerDependencies": { "@types/react": "^19" } }, "sha512-NMrcy7smratanWJ2mMXdpatalovtxVggkj11bScuWuiOoXTiKIu2eVS1/7qbyI/4yHedtsn175n4Sm4JcdHLXw=="],
+
+    "call-bind-apply-helpers": ["call-bind-apply-helpers@1.0.2", "", { "dependencies": { "es-errors": "^1.3.0", "function-bind": "^1.1.2" } }, "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ=="],
+
+    "combined-stream": ["combined-stream@1.0.8", "", { "dependencies": { "delayed-stream": "~1.0.0" } }, "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg=="],
+
+    "csstype": ["csstype@3.1.3", "", {}, "sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw=="],
+
+    "delayed-stream": ["delayed-stream@1.0.0", "", {}, "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ=="],
+
+    "dunder-proto": ["dunder-proto@1.0.1", "", { "dependencies": { "call-bind-apply-helpers": "^1.0.1", "es-errors": "^1.3.0", "gopd": "^1.2.0" } }, "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A=="],
+
+    "es-define-property": ["es-define-property@1.0.1", "", {}, "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g=="],
+
+    "es-errors": ["es-errors@1.3.0", "", {}, "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw=="],
+
+    "es-object-atoms": ["es-object-atoms@1.1.1", "", { "dependencies": { "es-errors": "^1.3.0" } }, "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA=="],
+
+    "es-set-tostringtag": ["es-set-tostringtag@2.1.0", "", { "dependencies": { "es-errors": "^1.3.0", "get-intrinsic": "^1.2.6", "has-tostringtag": "^1.0.2", "hasown": "^2.0.2" } }, "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA=="],
+
+    "fill-range": ["fill-range@7.1.1", "", { "dependencies": { "to-regex-range": "^5.0.1" } }, "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg=="],
+
+    "follow-redirects": ["follow-redirects@1.15.11", "", {}, "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ=="],
+
+    "form-data": ["form-data@4.0.4", "", { "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", "es-set-tostringtag": "^2.1.0", "hasown": "^2.0.2", "mime-types": "^2.1.12" } }, "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow=="],
+
+    "function-bind": ["function-bind@1.1.2", "", {}, "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA=="],
+
+    "get-intrinsic": ["get-intrinsic@1.3.0", "", { "dependencies": { "call-bind-apply-helpers": "^1.0.2", "es-define-property": "^1.0.1", "es-errors": "^1.3.0", "es-object-atoms": "^1.1.1", "function-bind": "^1.1.2", "get-proto": "^1.0.1", "gopd": "^1.2.0", "has-symbols": "^1.1.0", "hasown": "^2.0.2", "math-intrinsics": "^1.1.0" } }, "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ=="],
+
+    "get-proto": ["get-proto@1.0.1", "", { "dependencies": { "dunder-proto": "^1.0.1", "es-object-atoms": "^1.0.0" } }, "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g=="],
+
+    "gopd": ["gopd@1.2.0", "", {}, "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg=="],
+
+    "has-symbols": ["has-symbols@1.1.0", "", {}, "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ=="],
+
+    "has-tostringtag": ["has-tostringtag@1.0.2", "", { "dependencies": { "has-symbols": "^1.0.3" } }, "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw=="],
+
+    "hasown": ["hasown@2.0.2", "", { "dependencies": { "function-bind": "^1.1.2" } }, "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ=="],
+
+    "is-number": ["is-number@7.0.0", "", {}, "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng=="],
+
+    "lodash.mapkeys": ["lodash.mapkeys@4.6.0", "", {}, "sha512-0Al+hxpYvONWtg+ZqHpa/GaVzxuN3V7Xeo2p+bY06EaK/n+Y9R7nBePPN2o1LxmL0TWQSwP8LYZ008/hc9JzhA=="],
+
+    "math-intrinsics": ["math-intrinsics@1.1.0", "", {}, "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g=="],
+
+    "micromatch": ["micromatch@4.0.8", "", { "dependencies": { "braces": "^3.0.3", "picomatch": "^2.3.1" } }, "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA=="],
+
+    "mime-db": ["mime-db@1.52.0", "", {}, "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg=="],
+
+    "mime-types": ["mime-types@2.1.35", "", { "dependencies": { "mime-db": "1.52.0" } }, "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw=="],
+
+    "picomatch": ["picomatch@2.3.1", "", {}, "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA=="],
+
+    "prettier": ["prettier@3.6.2", "", { "bin": { "prettier": "bin/prettier.cjs" } }, "sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ=="],
+
+    "proxy-from-env": ["proxy-from-env@1.1.0", "", {}, "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="],
+
+    "to-regex-range": ["to-regex-range@5.0.1", "", { "dependencies": { "is-number": "^7.0.0" } }, "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ=="],
+
+    "typescript": ["typescript@5.9.3", "", { "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" } }, "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw=="],
+
+    "undici-types": ["undici-types@7.16.0", "", {}, "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw=="],
+
+    "zod": ["zod@4.1.12", "", {}, "sha512-JInaHOamG8pt5+Ey8kGmdcAcg3OL9reK8ltczgHTAwNhMys/6ThXHityHxVV2p3fkw/c+MAvBHFVYHFZDmjMCQ=="],
+  }
+}
diff --git a/bun.lockb b/bun.lockb
diff --git a/lambda/proxy.test.ts b/lambda/proxy.test.ts
@@ -12,20 +12,19 @@ limitations under the License.
 */
 
 import { handler } from "./proxy";
-import axios, { AxiosRequestHeaders, AxiosResponse } from "axios";
+import type { AxiosRequestHeaders, AxiosResponse } from "axios";
 import { readFileSync } from "fs";
 import { Agent } from "https";
-import { readFileFromLayer } from "./file-readers";
 import { APIGatewayProxyWithLambdaAuthorizerEvent } from "aws-lambda";
 import { VALID_PING_EVENT } from "../fixtures/valid-ping-payload";
 import { VALID_PUSH_PAYLOAD } from "../fixtures/valid-push-payload";
 import { VALID_PUSH_PAYLOAD_USER_REPO } from "../fixtures/valid-push-payload-user-repo";
+import { afterEach, beforeEach, describe, expect, it, mock } from "bun:test";
+
 const urlencodedPayload = readFileSync(
   "fixtures/invalid-payload-urlencoded.txt",
 ).toString();
 
-jest.mock("axios");
-jest.mock("./file-readers");
 const axiosResponse: AxiosResponse = {
   status: 200,
   data: {
@@ -39,7 +38,26 @@ const axiosResponse: AxiosResponse = {
     headers: {} as AxiosRequestHeaders,
   },
 };
-(axios.post as jest.Mock).mockResolvedValue(axiosResponse);
+const axiosPostMock = mock(() => axiosResponse);
+mock.module("axios", () => ({
+  default: {
+    post: axiosPostMock,
+  },
+}));
+
+const fileMap: Record<string, string> = {
+  "allowed-destination-hosts.json": JSON.stringify([
+    "approved.host",
+    "another.approved.host",
+    "a.wildcard.*.host",
+  ]),
+};
+const readFileFromLayerMock = mock((fileName: string) => fileMap[fileName]);
+mock.module("./file-readers", () => ({
+  readFileFromLayer: readFileFromLayerMock,
+  getPublicCerts: mock(),
+}));
+
 const expectedResponseObject = {
   statusCode: 200,
   body: '{"some":"data"}',
@@ -66,23 +84,17 @@ const baseEvent: APIGatewayProxyWithLambdaAuthorizerEvent<any> = {
   requestContext: {} as any,
   resource: "",
 };
-const fileMap: Record<string, string> = {
-  "allowed-destination-hosts.json": JSON.stringify([
-    "approved.host",
-    "another.approved.host",
-    "a.wildcard.*.host",
-  ]),
-};
-(readFileFromLayer as jest.Mock).mockImplementation(
-  (fileName: string) => fileMap[fileName],
-);
 
 describe("proxy", () => {
   beforeEach(() => {
     process.env.ENTERPRISE_SLUG = "some_enterprise";
     process.env.ENTERPRISE_MANAGED_USER_SUFFIX = "";
   });
 
+  afterEach(() => {
+    mock.clearAllMocks();
+  });
+
   it("should reject a request with an invalid urlencoded payload", async () => {
     const event: APIGatewayProxyWithLambdaAuthorizerEvent<any> = {
       ...baseEvent,
@@ -94,7 +106,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual({ statusCode: 403, body: "Access denied" });
-    expect(axios.post).not.toHaveBeenCalled();
+    expect(axiosPostMock).not.toHaveBeenCalled();
   });
 
   it("should reject a request with an endpointId which is not an encoded URL", async () => {
@@ -106,7 +118,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual({ statusCode: 403, body: "Access denied" });
-    expect(axios.post).not.toHaveBeenCalled();
+    expect(axiosPostMock).not.toHaveBeenCalled();
   });
 
   it("should allow a request from a managed user suffix when supplied", async () => {
@@ -122,7 +134,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual(expectedResponseObject);
-    expect(axios.post).toHaveBeenCalled();
+    expect(axiosPostMock).toHaveBeenCalled();
   });
 
   it("should forward a request when header is Content-Type", async () => {
@@ -142,7 +154,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual(expectedResponseObject);
-    expect(axios.post).toHaveBeenCalled();
+    expect(axiosPostMock).toHaveBeenCalled();
   });
 
   it("should not forward a request that does not come from an enterprise or managed user suffix", async () => {
@@ -161,7 +173,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual({ statusCode: 403, body: "Access denied" });
-    expect(axios.post).not.toHaveBeenCalled();
+    expect(axiosPostMock).not.toHaveBeenCalled();
   });
 
   it("should not forward a request that does not have an approved host", async () => {
@@ -175,7 +187,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual({ statusCode: 403, body: "Access denied" });
-    expect(axios.post).not.toHaveBeenCalled();
+    expect(axiosPostMock).not.toHaveBeenCalled();
   });
 
   it("should forward a request that has an approved host which matches a wildcard", async () => {
@@ -201,7 +213,7 @@ describe("proxy", () => {
       },
     };
     const result = await handler(event);
-    expect(axios.post).toHaveBeenCalledWith(
+    expect(axiosPostMock).toHaveBeenCalledWith(
       destinationUrl,
       stringifiedPayload,
       {
@@ -220,7 +232,7 @@ describe("proxy", () => {
       "ca.pem": "some ca",
       "cert.pem": "some cert",
     };
-    (readFileFromLayer as jest.Mock).mockImplementation(
+    readFileFromLayerMock.mockImplementation(
       (fileName: string) => newFileMap[fileName],
     );
     const destinationUrl = "https://approved.host/github-webhook/";
@@ -232,7 +244,7 @@ describe("proxy", () => {
       },
     };
     const result = await handler(event);
-    expect(axios.post).toHaveBeenCalledWith(
+    expect(axiosPostMock).toHaveBeenCalledWith(
       destinationUrl,
       stringifiedPayload,
       {
@@ -253,7 +265,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual({ statusCode: 404, body: "Not found" });
-    expect(axios.post).not.toHaveBeenCalled();
+    expect(axiosPostMock).not.toHaveBeenCalled();
   });
 
   it("should forward a ping event from a managed user suffix when supplied", async () => {
@@ -269,7 +281,7 @@ describe("proxy", () => {
     };
     const result = await handler(event);
     expect(result).toEqual(expectedResponseObject);
-    expect(axios.post).toHaveBeenCalled();
+    expect(axiosPostMock).toHaveBeenCalled();
   });
 
   it("should return error response from axios", async () => {
@@ -286,9 +298,7 @@ describe("proxy", () => {
         headers: {} as AxiosRequestHeaders,
       },
     };
-    (axios.post as jest.Mock).mockRejectedValue({
-      response: axiosErrorResponse,
-    });
+    axiosPostMock.mockImplementationOnce(() => axiosErrorResponse);
 
     process.env.ENTERPRISE_MANAGED_USER_SUFFIX = "suffix";
     const destinationUrl = "https://approved.host/github-webhook/";
@@ -306,6 +316,6 @@ describe("proxy", () => {
       body: '{"some":"error"}',
       headers: { response: "headers" },
     });
-    expect(axios.post).toHaveBeenCalled();
+    expect(axiosPostMock).toHaveBeenCalled();
   });
 });
diff --git a/lambda/proxy.ts b/lambda/proxy.ts
@@ -17,7 +17,6 @@ import { requestPayloadIsValid } from "./request-payload-is-valid";
 import { destinationHostIsAllowed } from "./destination-host-is-allowed";
 import { getHttpsAgent } from "./get-https-agent";
 import { parseRequestBody } from "./parse-request-body";
-import { EnterpriseProxyEvent } from "./types";
 import { urlIsValid } from "./url-is-valid";
 import { axiosErrorSchema } from "./schema";