chore: update linter configuration and enhance CI workflow
- Replaced 'exportloopref' with 'copyloopvar' in .golangci.yml for improved linting accuracy. - Updated 'goerr113' to 'err113' for consistency in linter naming. - Added Go setup step in the GitHub Actions workflow to specify Go version 1.23. - Enhanced the gosec report upload process and added a step to display scan results in the CI workflow. - Improved error handling in the unmarshalBody function to provide clearer error messages.
This commit is contained in:
0x524a
@@ -21,16 +21,34 @@ jobs:
|
|||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Set up Go
|
||||||
|
uses: actions/setup-go@v5
|
||||||
|
with:
|
||||||
|
go-version: '1.23'
|
||||||
|
|
||||||
- name: Run Gosec Security Scanner
|
- name: Run Gosec Security Scanner
|
||||||
uses: securego/gosec@master
|
uses: securego/gosec@master
|
||||||
with:
|
with:
|
||||||
args: '-no-fail -fmt json -out gosec-report.json ./...'
|
args: '-no-fail -fmt json -out gosec-report.json ./...'
|
||||||
|
|
||||||
- name: Upload SARIF file
|
- name: Upload gosec report
|
||||||
uses: github/codeql-action/upload-sarif@v3
|
|
||||||
if: always()
|
if: always()
|
||||||
|
uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
sarif_file: gosec-report.json
|
name: gosec-report
|
||||||
|
path: gosec-report.json
|
||||||
|
retention-days: 30
|
||||||
|
|
||||||
|
- name: Display gosec results
|
||||||
|
if: always()
|
||||||
|
run: |
|
||||||
|
if [ -f gosec-report.json ]; then
|
||||||
|
echo "📊 Gosec Security Scan Results:"
|
||||||
|
cat gosec-report.json | jq -r '.Stats // empty' || echo "No stats available"
|
||||||
|
echo ""
|
||||||
|
echo "Issues found:"
|
||||||
|
cat gosec-report.json | jq -r '.Issues[]? | "\(.severity | ascii_upcase): \(.rule_id) - \(.details)"' || echo "No issues found"
|
||||||
|
fi
|
||||||
|
|
||||||
govulncheck:
|
govulncheck:
|
||||||
name: Vulnerability Check (govulncheck)
|
name: Vulnerability Check (govulncheck)
|
||||||
|
|||||||
+2
-2
@@ -18,7 +18,7 @@ linters:
|
|||||||
- unparam
|
- unparam
|
||||||
- gocritic
|
- gocritic
|
||||||
- gosec
|
- gosec
|
||||||
- exportloopref
|
- copyloopvar
|
||||||
- goconst
|
- goconst
|
||||||
- gocyclo
|
- gocyclo
|
||||||
- dupl
|
- dupl
|
||||||
@@ -34,7 +34,7 @@ linters:
|
|||||||
- errorlint
|
- errorlint
|
||||||
- exhaustive
|
- exhaustive
|
||||||
- godot
|
- godot
|
||||||
- goerr113
|
- err113
|
||||||
- mnd
|
- mnd
|
||||||
- goprintffuncname
|
- goprintffuncname
|
||||||
- nlreturn
|
- nlreturn
|
||||||
|
|||||||
+2
-2
@@ -369,14 +369,14 @@ func (s *Server) HandleGetVideoSources(body interface{}) (interface{}, error) {
|
|||||||
func unmarshalBody(body interface{}, target interface{}) error {
|
func unmarshalBody(body interface{}, target interface{}) error {
|
||||||
var bodyXML []byte
|
var bodyXML []byte
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
// If body is already []byte, use it directly
|
// If body is already []byte, use it directly
|
||||||
if b, ok := body.([]byte); ok {
|
if b, ok := body.([]byte); ok {
|
||||||
bodyXML = b
|
bodyXML = b
|
||||||
} else {
|
} else {
|
||||||
bodyXML, err = xml.Marshal(body)
|
bodyXML, err = xml.Marshal(body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return fmt.Errorf("failed to marshal XML: %w", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return xml.Unmarshal(bodyXML, target)
|
return xml.Unmarshal(bodyXML, target)
|
||||||
|
|||||||
Reference in New Issue
Block a user