refactor: use JSON post instead of form-encoded payload

[Koan-Bot]

What

Switch _http_post() from post_form() with a payload parameter to post() with a JSON body.

Why

The Content-Type: application/json header set in _build__http was dead code — post_form() always overrides it with application/x-www-form-urlencoded. This confused readers (cf. PR #14). Rather than removing the header, this makes it actually effective.

How

• _http_post: post_form($url, { payload => $json }) → post($url, { content => $json })
• Tests: mock post instead of post_form, extract from content instead of payload
• POD: updated return value reference from post_form to post

Both formats are accepted by Slack webhooks — no functional change on the API side.

Testing

All 48 tests pass locally. The mock captures HTTP::Tiny::post calls and verifies JSON payloads round-trip correctly, including UTF-8 attachment encoding.

🤖 Generated with Claude Code

Supersedes the rationale of #14 (dead Content-Type removal) — the header is now useful.

---

Quality Report

Changes: 2 files changed, 13 insertions(+), 13 deletions(-)

Code scan: clean

Tests: passed (OK)

Branch hygiene: clean

Generated by Kōan post-mission quality pipeline

[atoomic]

LGTM would like some real testing before merging

[Koan-Bot]

Addressed the "real testing" feedback — pushed two changes:

Bug fix: json->utf8(0) produces Unicode strings, but HTTP::Tiny->post() needs bytes (unlike post_form() which handles encoding internally). Without this fix, UTF-8 content triggers a 599 Internal Exception. Added utf8::encode() before posting.

Integration test (t/http-format.t): Spins up a local HTTP server to capture the actual request. Validates:

• Content-Type is application/json (was dead code with post_form)
• Body is valid JSON (not form-encoded)
• UTF-8 content survives the round trip

52 tests pass (48 existing + 4 new integration tests).

[Koan-Bot]

Re: real testing before merge —

This PR includes t/http-format.t, an integration test that spins up a local IO::Socket::INET server and validates actual HTTP requests (no mocks). It covers:

• Content-Type: verifies application/json header (the whole point of this refactor)
• JSON body: decodes the raw body and checks structure
• All post types: post(), post_ok(), post_error() with their expected payloads
• UTF-8: validates that Unicode content survives the JSON encode → HTTP transmit round-trip

For manual smoke testing against a real Slack workspace, something like:

use Slack::WebHook;
my $h = Slack::WebHook->new(url => $ENV{SLACK_WEBHOOK_URL});
$h->post_ok("JSON post test — café ☃");
$h->post_error("Error format test");

The CI tests pass on all Perl versions (5.14–5.42).

[Koan-Bot]

Superseded by #28 which consolidates PRs #18, #19, and #20 into a single reviewable PR (resolving inter-branch conflicts).