Upgrade dependencies

.github/workflows/build-with-cfg.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: ${{ inputs.go-version || '^1.22' }}
+          go-version: ${{ inputs.go-version || '^1.23' }}
           check-latest: true
 
       - run: |

.github/workflows/builds.yml

@@ -17,8 +17,8 @@ jobs:
       matrix:
         include:
           # test build of oldest supported go version
-          - name: go1.22
-            go-version: "~1.22"
+          - name: go1.23
+            go-version: "~1.23"
     uses: ./.github/workflows/build-with-cfg.yml
     with:
       go-version: ${{ matrix.go-version }}

.github/workflows/golangci-lint.yml

@@ -16,17 +16,17 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Set up Go 1.22+
+      - name: Set up Go 1.23+
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.22" # The Go version to download (if necessary) and use.
+          go-version: "^1.23" # The Go version to download (if necessary) and use.
           check-latest: true
           cache: false
 
       - run: go version
 
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v6
+        uses: golangci/golangci-lint-action@v8
         with:
-          version: v1.61 # switch to latest if development is unfreezed
+          version: v2.1.6 # switch to latest if development is unfreezed
           args: --timeout=5m

.github/workflows/test-with-cfg.yml

@@ -37,10 +37,10 @@ jobs:
       - name: Shallow checkout
         uses: actions/checkout@v4
 
-      - name: Set up Go 1.22+
+      - name: Set up Go 1.23+
         uses: actions/setup-go@v5
         with:
-          go-version: "^1.22"
+          go-version: "^1.23"
           check-latest: true
 
       - run: go version

.github/workflows/tests.yml

@@ -64,13 +64,13 @@ jobs:
           path: coverage
 
       - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@master
+        uses: SonarSource/sonarqube-scan-action@v5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
       - name: Publish the coverage to codecov
-        uses: codecov/codecov-action@v4
+        uses: codecov/codecov-action@v5
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           directory: ./coverage/

.golangci.yml

@@ -1,34 +1,15 @@
-linters-settings:
-  exhaustive:
-    default-signifies-exhaustive: true
-  gocyclo:
-    min-complexity: 15
-  gomodguard:
-    blocked:
-      modules:
-        - github.com/pkg/errors:
-            recommendations:
-              - errors
-  gomoddirectives:
-    replace-allow-list:
-      - github.com/go-json-experiment/json
-      - golang.org/x/exp
-  govet:
-    enable:
-      - nilness
-      - shadow
-  stylecheck:
-    # STxxxx checks in https://staticcheck.io/docs/configuration/options/#checks
-    # Default: ["*"]
-    checks: ["all", "-ST1000", "-ST1003"]
-
+version: "2"
+run:
+  go: "1.23"
+# issues:
+#   fix: true
 linters:
   enable:
     - asasalint        # Check for pass []any as any in variadic func(...any)
     - asciicheck       # Simple linter to check that your code does not contain non-ASCII identifiers
     - bidichk          # Checks for dangerous unicode character sequences
     - bodyclose        # Checks whether HTTP response body is closed successfully
-    - copyloopvar      # Detects places where loop variables are copied
+    # - copyloopvar      # Detects places where loop variables are copied
     - decorder         # Check declaration order and count of types, constants, variables and functions
     - dogsled          # Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f())
     - dupl             # Tool for code clone detection
@@ -38,25 +19,20 @@ linters:
     - errchkjson       # Checks types passed to the json encoding functions. Reports unsupported types and optionally reports occasions, where the check for the returned error can be omitted.
     - errname          # Checks that sentinel errors are prefixed with the `Err` and error types are suffixed with the `Error`.
     - errorlint        # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
+    # - exportloopref    # checks for pointers to enclosing loop variables
     - forcetypeassert  # finds forced type assertions
-    - gci              # Gci control golang package import order and make it always deterministic.
     - gocheckcompilerdirectives  # Checks that go compiler directive comments (//go:) are valid.
     - gocognit         # Computes and checks the cognitive complexity of functions
     - goconst          # Finds repeated strings that could be replaced by a constant
     - gocritic         # The most opinionated Go source code linter
     - gocyclo          # Computes and checks the cyclomatic complexity of functions
-    # - godox            # Tool for detection of FIXME, TODO and other comment keywords
     # - goerr113         # Golang linter to check the errors handling expressions
-    - gofmt            # Gofmt checks whether code was gofmt-ed. By default this tool runs with -s option to check for code simplification
-    - gofumpt          # Gofumpt checks whether code was gofumpt-ed.
     - goheader         # Checks is file header matches to pattern
-    - goimports        # Goimports does everything that gofmt does. Additionally it checks unused imports
-    - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
+    # - gomoddirectives  # Manage the use of 'replace', 'retract', and 'excludes' directives in go.mod.
     - gomodguard       # Allow and block list linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations.
     - goprintffuncname # Checks that printf-like functions are named with `f` at the end
     - gosec            # Inspects source code for security problems
     - gosmopolitan     # Report certain i18n/l10n anti-patterns in your Go codebase
-    - gosimple         # Linter for Go source code that specializes in simplifying a code
     - govet            # Vet examines Go source code and reports suspicious constructs, such as Printf calls whose arguments do not align with the format string
     - grouper          # An analyzer to analyze expression groups
     - importas         # Enforces consistent import aliases
@@ -81,11 +57,8 @@ linters:
     - sloglint         # Ensure consistent code style when using log/slog
     - spancheck        # Checks for mistakes with OpenTelemetry/Census spans
     - staticcheck      # Staticcheck is a go vet on steroids, applying a ton of static analysis checks
-    - stylecheck       # Stylecheck is a replacement for golint
-    - tenv             # tenv is analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
     - testifylint      # Checks usage of github.com/stretchr/testify.
     - tparallel        # tparallel detects inappropriate usage of t.Parallel() method in your Go test codes
-    - typecheck        # Like the front-end of a Go compiler, parses and type-checks Go code
     - unconvert        # Remove unnecessary type conversions
     - unparam          # Reports unused function parameters
     - unused           # Checks Go code for unused constants, variables, functions and types
@@ -104,7 +77,7 @@ linters:
     - gochecknoglobals # Checks that no globals are present in Go code
     - gochecknoinits   # Checks that no init functions are present in Go code
     - godot            # Check if comments end in a period
-    - gomnd            # An analyzer to detect magic numbers.
+    - godox            # Tool for detection of FIXME, TODO and other comment keywords
     - inamedparam      # Reports interfaces with unnamed method parameters.
     - interfacebloat   # A linter that checks the number of methods inside an interface
     - ireturn          # Accept Interfaces, Return Concrete Types
@@ -125,38 +98,49 @@ linters:
     - varnamelen       # checks that the length of a variable's name matches its scope
     - wrapcheck        # Checks that errors returned from external packages are wrapped
     - wsl              # Whitespace Linter - Forces you to use empty lines!
-
-issues:
-  exclude-use-default: false
-  exclude-rules:
-    # Allow complex tests, better to be self contained
-    - path: _test\.go
-      linters:
-        - dupword
-        - forcetypeassert
-        - gocognit
-        - gocyclo        
-
-    # Allow complex main function and lower security in examples
-    - path: cmd/ocfclient/main\.go
-      linters:
-        - gocognit
-        - goconst
-        - gocyclo
-        - gosec
-        - nestif
-
-    - path: pkg/error
-      text: "package name error has same name as predeclared identifier"
-      linters:
-        - predeclared
-
-    - text: "var-naming:|exported:|package-comments:"
-      linters:
-        - revive
-
-  # Fix found issues (if it's supported by the linter).
-  # fix: true
-
-run:
-  go: "1.22"
+  settings:
+    gocyclo:
+      min-complexity: 15
+    govet:
+      enable:
+        - nilness
+        - shadow
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    # Log a warning if an exclusion rule is unused.
+    # Default: false
+    warn-unused: true
+    rules:
+      - linters:
+          - dupword
+          - forcetypeassert
+          - gocognit
+          - gocyclo
+        path: _test\.go
+      - linters:
+          - gocognit
+          - goconst
+          - gocyclo
+          - gosec
+          - nestif
+        path: cmd/ocfclient/main\.go
+      - linters:
+          - predeclared
+        path: pkg/error
+        text: package name error has same name as predeclared identifier
+      - linters:
+          - revive
+        text: 'var-naming:|exported:|package-comments:'
+formatters:
+  enable:
+    - gci
+    - gofmt
+    - gofumpt
+    - goimports
+  exclusions:
+    generated: lax

README.md

@@ -16,7 +16,7 @@ The **client** enables interaction with devices in a local network:
 
 ## Requirements
 
-- Go 1.22 or higher
+- Go 1.23 or higher
 
 ## Installation OCF Client
 

bridge/device/cloud/manager.go

@@ -425,7 +425,7 @@ func (c *Manager) handleDeviceResource(r *net.Request) (*pool.Message, error) {
 }
 
 func (c *Manager) handleDiscoveryResource(r *net.Request) (*pool.Message, error) {
-	links := c.getLinks(schema.Endpoints{}, c.deviceID, getResourceTypesFilter(r.Message.Options()), resources.PublishToCloud)
+	links := c.getLinks(schema.Endpoints{}, c.deviceID, getResourceTypesFilter(r.Options()), resources.PublishToCloud)
 	links = patchDeviceLink(links)
 	links = discovery.PatchLinks(links, c.deviceID.String())
 	return resources.CreateResponseContent(r.Context(), links, codes.Content)
@@ -454,7 +454,7 @@ func (c *Manager) serveCOAP(w mux.ResponseWriter, request *mux.Message) {
 		}
 		return
 	}
-	request.Message.AddQuery("di=" + c.deviceID.String())
+	request.AddQuery("di=" + c.deviceID.String())
 	r := net.Request{
 		Message:   request.Message,
 		Endpoints: nil,

bridge/net/request_test.go

@@ -73,7 +73,7 @@ func TestURIPath(t *testing.T) {
 	reqNoPath := &net.Request{
 		Message: pool.NewMessage(context.Background()),
 	}
-	require.Equal(t, "", reqNoPath.URIPath())
+	require.Empty(t, reqNoPath.URIPath())
 }
 
 func TestInterface(t *testing.T) {
@@ -89,12 +89,12 @@ func TestInterface(t *testing.T) {
 		Message: pool.NewMessage(context.Background()),
 	}
 	reqNoInterface.AddQuery("q1=v1")
-	require.Equal(t, "", reqNoInterface.Interface())
+	require.Empty(t, reqNoInterface.Interface())
 
 	reqNoQuery := &net.Request{
 		Message: pool.NewMessage(context.Background()),
 	}
-	require.Equal(t, "", reqNoQuery.Interface())
+	require.Empty(t, reqNoQuery.Interface())
 }
 
 func TestDeviceID(t *testing.T) {

bridge/resources/device/resource.go

@@ -69,8 +69,8 @@ func (d *Resource) Get(request *net.Request) (*pool.Message, error) {
 		// SpecificationVersion:  "ocf.2.0.5",
 	}
 	if request.Interface() == interfaces.OC_IF_BASELINE {
-		deviceProperties.ResourceTypes = d.Resource.GetResourceTypes()
-		deviceProperties.Interfaces = d.Resource.ResourceInterfaces
+		deviceProperties.ResourceTypes = d.GetResourceTypes()
+		deviceProperties.Interfaces = d.ResourceInterfaces
 	}
 	properties := resources.MergeCBORStructs(additionalProperties, deviceProperties)
 	res := pool.NewMessage(request.Context())

bridge/resources/resource.go

@@ -248,7 +248,7 @@ func (r *Resource) observerHandler(req *net.Request, createSubscription bool) (*
 		r.removeSubscription(req.Conn.RemoteAddr().String())
 		return r.getHandler(req)
 	}
-	req.Message.Hijack()
+	req.Hijack()
 	sequence := atomic.NewUint32(1)
 	var cancel func()
 	var err error

bridge/service/service.go

@@ -83,7 +83,7 @@ func (c *Service) LoadDevice(di uuid.UUID) (Device, error) {
 }
 
 func (c *Service) handleDiscoverAllLinks(req *net.Request) (*pool.Message, error) {
-	if req.Message.Type() != message.Acknowledgement && req.Message.Type() != message.Reset {
+	if req.Type() != message.Acknowledgement && req.Type() != message.Reset {
 		// discovery is only allowed for CON, NON, UNSET messages
 		c.onDiscoveryDevices(req)
 	}

bridge/test/test.go

@@ -53,7 +53,7 @@ const (
 func MakeConfig(t *testing.T) service.Config {
 	var cfg service.Config
 	cfg.API.CoAP.ID = BRIDGE_SERVICE_PIID
-	cfg.API.CoAP.Config.ExternalAddresses = []string{BRIDGE_DEVICE_HOST, BRIDGE_DEVICE_HOST_IPv6}
+	cfg.API.CoAP.ExternalAddresses = []string{BRIDGE_DEVICE_HOST, BRIDGE_DEVICE_HOST_IPv6}
 	require.NoError(t, cfg.API.Validate())
 	return cfg
 }

client/observeDevices.go

@@ -76,10 +76,7 @@ func newDevicesObserver(c *Client, observerConfiguration ObserverConfig, discove
 	wg.Add(1)
 	go func() {
 		defer wg.Done()
-		for {
-			if !obs.poll(ctx) {
-				break
-			}
+		for obs.poll(ctx) {
 		}
 	}()
 	return obs

client/observeResource.go

@@ -97,14 +97,14 @@ func createDecodeFunc(message *pool.Message) decodeFunc {
 		if err != nil {
 			return err
 		}
-		switch code := message.Code(); {
-		case code == codes.Content:
+		switch code := message.Code(); code {
+		case codes.Content:
 			_, err := message.Body().Seek(0, io.SeekStart)
 			if err != nil {
 				return err
 			}
 			return codec.Decode(message, v)
-		case code == codes.Valid:
+		case codes.Valid:
 			return nil
 		}
 		return fmt.Errorf("request failed: %s", codecOcf.Dump(message))

cmd/bridge-device/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:1
-FROM golang:1.22.7-alpine AS build
+FROM golang:1.23.9-alpine AS build
 RUN apk add --no-cache build-base curl git
 WORKDIR $GOPATH/src/github.com/plgd-dev/device
 COPY go.mod go.sum ./
@@ -10,7 +10,7 @@ RUN patch -p1 < "${GOPATH}/src/github.com/plgd-dev/device/tools/docker/patches/s
 WORKDIR $GOPATH/src/github.com/plgd-dev/device
 RUN CGO_ENABLED=0 go build -o /go/bin/bridge-device ./cmd/bridge-device
 
-FROM alpine:3.20 AS security-provider
+FROM alpine:3.22 AS security-provider
 RUN apk add -U --no-cache ca-certificates \
     && addgroup -S nonroot \
     && adduser -S nonroot -G nonroot

cmd/bridge-device/main.go

@@ -177,7 +177,7 @@ func main() {
 				ResourceTypes:         []string{bridgeDevice.DeviceResourceType},
 				ID:                    id,
 				ProtocolIndependentID: piid,
-				MaxMessageSize:        cfg.Config.API.CoAP.MaxMessageSize,
+				MaxMessageSize:        cfg.API.CoAP.MaxMessageSize,
 				Cloud: device.CloudConfig{
 					Enabled: cfg.Cloud.Enabled,
 					Config: cloud.Config{