From 808498d1a0432c27ccc29883be7fc411a3769ead Mon Sep 17 00:00:00 2001 From: 0x524a Date: Tue, 2 Dec 2025 01:06:28 -0500 Subject: [PATCH] chore: update linter configuration and enhance CI workflow - Replaced 'exportloopref' with 'copyloopvar' in .golangci.yml for improved linting accuracy. - Updated 'goerr113' to 'err113' for consistency in linter naming. - Added Go setup step in the GitHub Actions workflow to specify Go version 1.23. - Enhanced the gosec report upload process and added a step to display scan results in the CI workflow. - Improved error handling in the unmarshalBody function to provide clearer error messages. --- .github/workflows/security.yml | 24 +++++++++++++++++++++--- .golangci.yml | 4 ++-- server/media.go | 4 ++-- 3 files changed, 25 insertions(+), 7 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 6cfcc42..d36c048 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -21,16 +21,34 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: '1.23' + - name: Run Gosec Security Scanner uses: securego/gosec@master with: args: '-no-fail -fmt json -out gosec-report.json ./...' - - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v3 + - name: Upload gosec report if: always() + uses: actions/upload-artifact@v4 with: - sarif_file: gosec-report.json + name: gosec-report + path: gosec-report.json + retention-days: 30 + + - name: Display gosec results + if: always() + run: | + if [ -f gosec-report.json ]; then + echo "📊 Gosec Security Scan Results:" + cat gosec-report.json | jq -r '.Stats // empty' || echo "No stats available" + echo "" + echo "Issues found:" + cat gosec-report.json | jq -r '.Issues[]? | "\(.severity | ascii_upcase): \(.rule_id) - \(.details)"' || echo "No issues found" + fi govulncheck: name: Vulnerability Check (govulncheck) 
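Review bot: With `-no-fail` kept in the gosec args and the `upload-sarif` step replaced by `upload-artifact`, gosec findings no longer reach GitHub code scanning and never fail the job, so a new issue is only visible to someone who downloads the artifact or reads the "Display gosec results" log. The removed step was handing a JSON report to a SARIF uploader, so the fix is probably to change the format rather than the destination: `args: '-no-fail -fmt sarif -out gosec-results.sarif ./...'` with `sarif_file: gosec-results.sarif` on the `github/codeql-action/upload-sarif@v3` step (the file name here is only an example). Separately, the unchanged `uses: securego/gosec@master` line tracks a mutable branch, unlike the version-tagged actions around it; pinning it to a release tag or commit SHA keeps the scanner from changing underneath the workflow. In the display step, `|| echo "No issues found"` fires only when jq exits non-zero, not when `.Issues` is empty, so a clean scan prints nothing after "Issues found:".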
diff --git a/.golangci.yml b/.golangci.yml index 3ca335d..ff0450d 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -18,7 +18,7 @@ linters: - unparam - gocritic - gosec - - exportloopref + - copyloopvar - goconst - gocyclo - dupl @@ -34,7 +34,7 @@ linters: - errorlint - exhaustive - godot - - goerr113 + - err113 - mnd - goprintffuncname - nlreturn diff --git a/server/media.go b/server/media.go index 8c7baa0..3852816 100644 --- a/server/media.go +++ b/server/media.go @@ -369,14 +369,14 @@ func (s *Server) HandleGetVideoSources(body interface{}) (interface{}, error) { func unmarshalBody(body interface{}, target interface{}) error { var bodyXML []byte var err error - + // If body is already []byte, use it directly if b, ok := body.([]byte); ok { bodyXML = b } else { bodyXML, err = xml.Marshal(body) if err != nil { - return err + return fmt.Errorf("failed to marshal XML: %w", err) } } return xml.Unmarshal(bodyXML, target)
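Review bot: In the server/media.go hunk, the final `return xml.Unmarshal(bodyXML, target)` still returns its error bare, so only the marshal failure carries context and a caller cannot tell from the message which step rejected the body. Wrapping it the same way keeps both paths consistent: `if err := xml.Unmarshal(bodyXML, target); err != nil { return fmt.Errorf("unmarshal XML body: %w", err) }` followed by `return nil`. Go error strings conventionally omit the "failed to" prefix, so `"marshal XML body: %w"` would read better once the error is chained. The diffstat shows no import change in this file, so the new `fmt.Errorf` call presumably relies on `fmt` already being imported there. The closing brace of unmarshalBody is outside the hunk.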