fix: upgrade mapstructure/v2 to 2.4.0 to fix CVE-2025-11065

[devin-ai-integration]

Upgrades github.com/go-viper/mapstructure/v2 from v2.3.0 to v2.4.0 to address a medium severity security vulnerability.

Security Issue

CVE-2025-11065 - Improper Output Neutralization for Logs (CWE-117)

This vulnerability was identified by a Snyk security scan. The fix is available in mapstructure v2.4.0.

Changes

• Updated go.mod to require mapstructure v2.4.0
• Updated go.sum with new checksums

Testing

• All existing tests pass
• Lint checks pass

Human Review Checklist

• Verify CVE-2025-11065 is addressed in mapstructure v2.4.0 release
• Check for any breaking changes in the mapstructure changelog
• Confirm CI passes

---

Link to Devin run: https://app.devin.ai/sessions/91abfc11413f400b83c6f12943f0915d
Requested by: @shayanshafii

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud