diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b0fe896e340654c1ad05ce48aeb56851603b8b50..882d9f8210742d0a3a4b483c74f6e8915e6b6016 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,7 +16,7 @@ include:
   - template: 'Workflows/Branch-Pipelines.gitlab-ci.yml'
 
 lint:
-  image: golangci/golangci-lint:v1.44.2
+  image: golangci/golangci-lint:v1.49.0
   stage: test
   tags:
     - amd64-docker
@@ -28,13 +28,26 @@ lint:
     - cd /go/src/code.vereign.com/${CI_PROJECT_PATH}
 
 unit tests:
-  image: golang:1.17.7
+  image: golang:1.19
   extends: .gotest
   stage: test
   tags:
     - amd64-docker
   before_script: []
 
+govulncheck:
+  image: golang:1.19
+  stage: test
+  tags:
+    - amd64-docker
+  before_script:
+    - ln -s /builds /go/src/code.vereign.com
+    - cd /go/src/code.vereign.com/${CI_PROJECT_PATH}
+  script:
+    - go version
+    - go install golang.org/x/vuln/cmd/govulncheck@latest
+    - govulncheck ./...
+
 amd64:
   extends: .docker-build
   stage: build
diff --git a/.golangci.yml b/.golangci.yml
index e6ba71d0fff71ba18fa18f4bd0f55fbaad679ab2..a31b66b24000f23ec82f765c828a26cf2bef07bd 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -12,7 +12,6 @@ linters:
   enable:
     - megacheck
     - govet
-    - deadcode
     - errcheck
     - goconst
     - gocyclo
@@ -22,10 +21,9 @@ linters:
     - ineffassign
     - nakedret
     - staticcheck
-    - structcheck
     - unconvert
-    - varcheck
     - vet
     - vetshadow
     - misspell
     - staticcheck
+    - unused
diff --git a/cmd/policy/main.go b/cmd/policy/main.go
index 9791cdc8ab5e8d1c7623b6558809777374b9c507..728a29b1b0e42d2594ed1d3938f51ff298b5ed74 100644
--- a/cmd/policy/main.go
+++ b/cmd/policy/main.go
@@ -166,11 +166,12 @@ func main() {
 
 	var handler http.Handler = mux
 	srv := &http.Server{
-		Addr:         cfg.HTTP.Host + ":" + cfg.HTTP.Port,
-		Handler:      handler,
-		IdleTimeout:  cfg.HTTP.IdleTimeout,
-		ReadTimeout:  cfg.HTTP.ReadTimeout,
-		WriteTimeout: cfg.HTTP.WriteTimeout,
+		Addr:              cfg.HTTP.Host + ":" + cfg.HTTP.Port,
+		Handler:           handler,
+		ReadHeaderTimeout: cfg.HTTP.ReadTimeout,
+		IdleTimeout:       cfg.HTTP.IdleTimeout,
+		ReadTimeout:       cfg.HTTP.ReadTimeout,
+		WriteTimeout:      cfg.HTTP.WriteTimeout,
 	}
 
 	g, ctx := errgroup.WithContext(context.Background())
@@ -236,7 +237,7 @@ func exposeMetrics(addr string, logger *zap.Logger) {
 	promMux := http.NewServeMux()
 	promMux.Handle("/metrics", promhttp.Handler())
 	logger.Info(fmt.Sprintf("exposing prometheus metrics at %s/metrics", addr))
-	if err := http.ListenAndServe(addr, promMux); err != nil {
+	if err := http.ListenAndServe(addr, promMux); err != nil { //nolint:gosec
 		logger.Error("error exposing prometheus metrics", zap.Error(err))
 	}
 }
diff --git a/deployment/ci/Dockerfile b/deployment/ci/Dockerfile
index b888a483b93a57188bbd5a9f4dd50bc9254c48e9..dd4d32080e0de8f9ca55c2d645694a4f29789263 100644
--- a/deployment/ci/Dockerfile
+++ b/deployment/ci/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.17.8-alpine3.15 as builder
+FROM golang:1.19-alpine3.15 as builder
 
 ENV GOPRIVATE=code.vereign.com
 
diff --git a/deployment/compose/Dockerfile b/deployment/compose/Dockerfile
index 55a8946a9751b710f68561a38f08af853dcc1f0e..ebb02b1dcc31e3bb1aee58d3919b4e586b8990c2 100644
--- a/deployment/compose/Dockerfile
+++ b/deployment/compose/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.17.8
+FROM golang:1.19
 
 ENV GO111MODULE=on
 ENV GOPRIVATE=code.vereign.com