chore: replace interface with any

2026-05-01 20:53:05 -04:00 · 2026-04-22 14:00:21 +02:00
parent 8f26149743
commit 288e67cc39
138 changed files with 933 additions and 934 deletions
--- a/opencloud/pkg/backup/backup.go
+++ b/opencloud/pkg/backup/backup.go
@@ -75,7 +75,7 @@ func CheckProviderConsistency(storagepath string, lbs ListBlobstore, fail bool)
 }

 // GatherData gathers and evaluates data produced by the DataProvider
-func (c *Consistency) GatherData(events <-chan interface{}) {
+func (c *Consistency) GatherData(events <-chan any) {
 	for ev := range events {
 		switch d := ev.(type) {
 		case NodeData:
--- a/opencloud/pkg/backup/backup_test.go
+++ b/opencloud/pkg/backup/backup_test.go
@@ -10,12 +10,12 @@ import (
 func TestGatherData(t *testing.T) {
 	testcases := []struct {
 		Name     string
-		Events   []interface{}
+		Events   []any
 		Expected *backup.Consistency
 	}{
 		{
 			Name: "no symlinks - no blobs",
-			Events: []interface{}{
+			Events: []any{
 				nodeData("nodepath", "blobpath", true),
 			},
 			Expected: consistency(func(c *backup.Consistency) {
@@ -25,7 +25,7 @@ func TestGatherData(t *testing.T) {
 		},
 		{
 			Name: "symlink not required - no blobs",
-			Events: []interface{}{
+			Events: []any{
 				nodeData("nodepath", "blobpath", false),
 			},
 			Expected: consistency(func(c *backup.Consistency) {
@@ -34,7 +34,7 @@ func TestGatherData(t *testing.T) {
 		},
 		{
 			Name: "no inconsistencies",
-			Events: []interface{}{
+			Events: []any{
 				nodeData("nodepath", "blobpath", true),
 				linkData("linkpath", "nodepath"),
 				blobData("blobpath"),
@@ -44,7 +44,7 @@ func TestGatherData(t *testing.T) {
 		},
 		{
 			Name: "orphaned blob",
-			Events: []interface{}{
+			Events: []any{
 				nodeData("nodepath", "blobpath", true),
 				linkData("linkpath", "nodepath"),
 				blobData("blobpath"),
@@ -56,7 +56,7 @@ func TestGatherData(t *testing.T) {
 		},
 		{
 			Name: "missing node",
-			Events: []interface{}{
+			Events: []any{
 				linkData("linkpath", "nodepath"),
 				blobData("blobpath"),
 			},
@@ -67,7 +67,7 @@ func TestGatherData(t *testing.T) {
 		},
 		{
 			Name: "corrupt metadata",
-			Events: []interface{}{
+			Events: []any{
 				nodeData("nodepath", "blobpath", true, backup.InconsistencyMetadataMissing),
 				linkData("linkpath", "nodepath"),
 				blobData("blobpath"),
@@ -78,7 +78,7 @@ func TestGatherData(t *testing.T) {
 		},
 		{
 			Name: "corrupt metadata, no blob",
-			Events: []interface{}{
+			Events: []any{
 				nodeData("nodepath", "blobpath", true, backup.InconsistencyMetadataMissing),
 				linkData("linkpath", "nodepath"),
 			},
@@ -90,7 +90,7 @@ func TestGatherData(t *testing.T) {
 	}

 	for _, tc := range testcases {
-		events := make(chan interface{})
+		events := make(chan any)

 		go func() {
 			for _, ev := range tc.Events {
--- a/opencloud/pkg/backup/provider.go
+++ b/opencloud/pkg/backup/provider.go
@@ -21,7 +21,7 @@ type ListBlobstore interface {

 // DataProvider provides data for the consistency check
 type DataProvider struct {
-	Events chan interface{}
+	Events chan any

 	fsys      fs.FS
 	discpath  string
@@ -51,7 +51,7 @@ type BlobData struct {
 // NewProvider creates a new DataProvider object
 func NewProvider(fsys fs.FS, discpath string, lbs ListBlobstore) *DataProvider {
 	return &DataProvider{
-		Events: make(chan interface{}),
+		Events: make(chan any),

 		fsys:      fsys,
 		discpath:  discpath,
--- a/opencloud/pkg/command/shares.go
+++ b/opencloud/pkg/command/shares.go
@@ -90,7 +90,7 @@ func cleanup(_ *cobra.Command, cfg *config.Config) error {
 	if !ok {
 		return configlog.ReturnError(errors.New("Unknown share manager type '" + driver + "'"))
 	}
-	mgr, err := f(rcfg[driver].(map[string]interface{}))
+	mgr, err := f(rcfg[driver].(map[string]any))
 	if err != nil {
 		return configlog.ReturnError(err)
 	}
@@ -126,13 +126,13 @@ func cleanup(_ *cobra.Command, cfg *config.Config) error {
 	return nil
 }

-func revaShareConfig(cfg *sharing.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"json": map[string]interface{}{
+func revaShareConfig(cfg *sharing.Config) map[string]any {
+	return map[string]any{
+		"json": map[string]any{
 			"file":         cfg.UserSharingDrivers.JSON.File,
 			"gateway_addr": cfg.Reva.Address,
 		},
-		"sql": map[string]interface{}{ // cernbox sql
+		"sql": map[string]any{ // cernbox sql
 			"db_username":                   cfg.UserSharingDrivers.SQL.DBUsername,
 			"db_password":                   cfg.UserSharingDrivers.SQL.DBPassword,
 			"db_host":                       cfg.UserSharingDrivers.SQL.DBHost,
@@ -142,7 +142,7 @@ func revaShareConfig(cfg *sharing.Config) map[string]interface{} {
 			"enable_expired_shares_cleanup": cfg.UserSharingDrivers.SQL.EnableExpiredSharesCleanup,
 			"janitor_run_interval":          cfg.UserSharingDrivers.SQL.JanitorRunInterval,
 		},
-		"owncloudsql": map[string]interface{}{
+		"owncloudsql": map[string]any{
 			"gateway_addr":     cfg.Reva.Address,
 			"storage_mount_id": cfg.UserSharingDrivers.OwnCloudSQL.UserStorageMountID,
 			"db_username":      cfg.UserSharingDrivers.OwnCloudSQL.DBUsername,
@@ -151,14 +151,14 @@ func revaShareConfig(cfg *sharing.Config) map[string]interface{} {
 			"db_port":          cfg.UserSharingDrivers.OwnCloudSQL.DBPort,
 			"db_name":          cfg.UserSharingDrivers.OwnCloudSQL.DBName,
 		},
-		"cs3": map[string]interface{}{
+		"cs3": map[string]any{
 			"gateway_addr":        cfg.UserSharingDrivers.CS3.ProviderAddr,
 			"provider_addr":       cfg.UserSharingDrivers.CS3.ProviderAddr,
 			"service_user_id":     cfg.UserSharingDrivers.CS3.SystemUserID,
 			"service_user_idp":    cfg.UserSharingDrivers.CS3.SystemUserIDP,
 			"machine_auth_apikey": cfg.UserSharingDrivers.CS3.SystemUserAPIKey,
 		},
-		"jsoncs3": map[string]interface{}{
+		"jsoncs3": map[string]any{
 			"gateway_addr":        cfg.Reva.Address,
 			"provider_addr":       cfg.UserSharingDrivers.JSONCS3.ProviderAddr,
 			"service_user_id":     cfg.UserSharingDrivers.JSONCS3.SystemUserID,
--- a/pkg/ast/ast.go
+++ b/pkg/ast/ast.go
@@ -91,7 +91,7 @@ func NodeKey(n Node) string {
 }

 // NodeValue tries to return the node key
-func NodeValue(n Node) interface{} {
+func NodeValue(n Node) any {
 	switch node := n.(type) {
 	case *StringNode:
 		return node.Value
--- a/pkg/ast/test/test.go
+++ b/pkg/ast/test/test.go
@@ -9,7 +9,7 @@ import (

 // DiffAst returns a human-readable report of the differences between two values
 // by default it ignores every ast node Base field.
-func DiffAst(x, y interface{}, opts ...cmp.Option) string {
+func DiffAst(x, y any, opts ...cmp.Option) string {
 	return cmp.Diff(
 		x,
 		y,
--- a/pkg/config/envdecode/envdecode.go
+++ b/pkg/config/envdecode/envdecode.go
@@ -58,7 +58,7 @@ type Decoder interface {
 // time.ParseDuration() function and *url.URL is supported via the
 // url.Parse() function. Slices are supported for all above mentioned
 // primitive types. Semicolon is used as delimiter in environment variables.
-func Decode(target interface{}) error {
+func Decode(target any) error {
 	nFields, err := decode(target, false)
 	if err != nil {
 		return err
@@ -75,7 +75,7 @@ func Decode(target interface{}) error {

 // StrictDecode is similar to Decode except all fields will have an implicit
 // ",strict" on all fields.
-func StrictDecode(target interface{}) error {
+func StrictDecode(target any) error {
 	nFields, err := decode(target, true)
 	if err != nil {
 		return err
@@ -90,7 +90,7 @@ func StrictDecode(target interface{}) error {
 	return nil
 }

-func decode(target interface{}, strict bool) (int, error) {
+func decode(target any, strict bool) (int, error) {
 	s := reflect.ValueOf(target)
 	if s.Kind() != reflect.Ptr || s.IsNil() {
 		return 0, ErrInvalidTarget
@@ -296,7 +296,7 @@ func decodePrimitiveType(f *reflect.Value, env string) error {

 // MustDecode calls Decode and terminates the process if any errors
 // are encountered.
-func MustDecode(target interface{}) {
+func MustDecode(target any) {
 	if err := Decode(target); err != nil {
 		FailureFunc(err)
 	}
@@ -304,7 +304,7 @@ func MustDecode(target interface{}) {

 // MustStrictDecode calls StrictDecode and terminates the process if any errors
 // are encountered.
-func MustStrictDecode(target interface{}) {
+func MustStrictDecode(target any) {
 	if err := StrictDecode(target); err != nil {
 		FailureFunc(err)
 	}
@@ -335,7 +335,7 @@ func (c ConfigInfoSlice) Swap(i, j int) {
 }

 // Returns a list of final configuration metadata sorted by envvar name
-func Export(target interface{}) ([]*ConfigInfo, error) {
+func Export(target any) ([]*ConfigInfo, error) {
 	s := reflect.ValueOf(target)
 	if s.Kind() != reflect.Ptr || s.IsNil() {
 		return nil, ErrInvalidTarget
--- a/pkg/config/envdecode/envdecode_test.go
+++ b/pkg/config/envdecode/envdecode_test.go
@@ -552,7 +552,7 @@ type testConfigStrict struct {

 func TestInvalidStrict(t *testing.T) {
 	cases := []struct {
-		decoder             func(interface{}) error
+		decoder             func(any) error
 		rootValue           string
 		nestedValue         string
 		rootValueImplicit   string
--- a/pkg/config/helpers.go
+++ b/pkg/config/helpers.go
@@ -19,13 +19,13 @@ var (
 )

 // BindSourcesToStructs assigns any config value from a config file / env variable to struct `dst`.
-func BindSourcesToStructs(service string, dst interface{}) error {
+func BindSourcesToStructs(service string, dst any) error {
 	fileSystem := os.DirFS("/")
 	filePath := strings.TrimLeft(path.Join(defaults.BaseConfigPath(), service+".yaml"), "/")
 	return bindSourcesToStructs(fileSystem, filePath, service, dst)
 }

-func bindSourcesToStructs(fileSystem fs.FS, filePath, service string, dst interface{}) error {
+func bindSourcesToStructs(fileSystem fs.FS, filePath, service string, dst any) error {
 	cnf := gofig.NewWithOptions(service)
 	cnf.WithOptions(func(options *gofig.Options) {
 		options.ParseEnv = true
--- a/pkg/crypto/gencert.go
+++ b/pkg/crypto/gencert.go
@@ -63,7 +63,7 @@ func GenTempCertForAddr(addr string) (tls.Certificate, error) {
 }

 // persistCertificate generates a certificate using pk as private key and proceeds to store it into a file named certName.
-func persistCertificate(certName string, l log.Logger, pk interface{}) error {
+func persistCertificate(certName string, l log.Logger, pk any) error {
 	if err := ensureExistsDir(certName); err != nil {
 		return fmt.Errorf("creating certificate destination: %s", certName)
 	}
@@ -93,7 +93,7 @@ func persistCertificate(certName string, l log.Logger, pk interface{}) error {
 }

 // genCert generates a self signed certificate using a random rsa key.
-func generateCertificate(pk interface{}) ([]byte, error) {
+func generateCertificate(pk any) ([]byte, error) {
 	for _, h := range defaultHosts {
 		if ip := net.ParseIP(h); ip != nil {
 			acmeTemplate.IPAddresses = append(acmeTemplate.IPAddresses, ip)
@@ -106,7 +106,7 @@ func generateCertificate(pk interface{}) ([]byte, error) {
 }

 // persistKey persists the private key used to generate the certificate at the configured location.
-func persistKey(destination string, l log.Logger, pk interface{}) error {
+func persistKey(destination string, l log.Logger, pk any) error {
 	if err := ensureExistsDir(destination); err != nil {
 		return fmt.Errorf("creating key destination: %s", destination)
 	}
@@ -129,7 +129,7 @@ func persistKey(destination string, l log.Logger, pk interface{}) error {
 	return nil
 }

-func publicKey(pk interface{}) interface{} {
+func publicKey(pk any) any {
 	switch k := pk.(type) {
 	case *rsa.PrivateKey:
 		return &k.PublicKey
@@ -140,7 +140,7 @@ func publicKey(pk interface{}) interface{} {
 	}
 }

-func pemBlockForKey(pk interface{}, l log.Logger) *pem.Block {
+func pemBlockForKey(pk any, l log.Logger) *pem.Block {
 	switch k := pk.(type) {
 	case *rsa.PrivateKey:
 		return &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)}
--- a/pkg/crypto/gencert_test.go
+++ b/pkg/crypto/gencert_test.go
@@ -58,7 +58,7 @@ func TestPersistKey(t *testing.T) {

 	type args struct {
 		keyName string
-		pk      interface{}
+		pk      any
 	}
 	tests := []struct {
 		name string
@@ -104,7 +104,7 @@ func TestPersistCertificate(t *testing.T) {

 	type args struct {
 		certName string
-		pk       interface{}
+		pk       any
 	}
 	tests := []struct {
 		name    string
--- a/pkg/kql/cast.go
+++ b/pkg/kql/cast.go
@@ -9,7 +9,7 @@ import (
 	"github.com/opencloud-eu/opencloud/services/search/pkg/query"
 )

-func toNode[T ast.Node](in interface{}) (T, error) {
+func toNode[T ast.Node](in any) (T, error) {
 	var t T
 	out, ok := in.(T)
 	if !ok {
@@ -19,7 +19,7 @@ func toNode[T ast.Node](in interface{}) (T, error) {
 	return out, nil
 }

-func toNodes[T ast.Node](in interface{}) ([]T, error) {
+func toNodes[T ast.Node](in any) ([]T, error) {
 	switch v := in.(type) {
 	case T:
 		return []T{v}, nil
@@ -27,7 +27,7 @@ func toNodes[T ast.Node](in interface{}) ([]T, error) {
 		return v, nil
 	case []*ast.OperatorNode, []*ast.DateTimeNode:
 		return toNodes[T](v)
-	case []interface{}:
+	case []any:
 		var nodes []T
 		for _, el := range v {
 			node, err := toNodes[T](el)
@@ -46,11 +46,11 @@ func toNodes[T ast.Node](in interface{}) ([]T, error) {
 	}
 }

-func toString(in interface{}) (string, error) {
+func toString(in any) (string, error) {
 	switch v := in.(type) {
 	case []byte:
 		return string(v), nil
-	case []interface{}:
+	case []any:
 		var str string

 		for i := range v {
@@ -70,7 +70,7 @@ func toString(in interface{}) (string, error) {
 	}
 }

-func toTime(in interface{}) (time.Time, error) {
+func toTime(in any) (time.Time, error) {
 	ts, err := toString(in)
 	if err != nil {
 		return time.Time{}, err
@@ -79,7 +79,7 @@ func toTime(in interface{}) (time.Time, error) {
 	return now.Parse(ts)
 }

-func toTimeRange(in interface{}) (*time.Time, *time.Time, error) {
+func toTimeRange(in any) (*time.Time, *time.Time, error) {
 	var from, to time.Time

 	value, err := toString(in)
--- a/pkg/kql/factory.go
+++ b/pkg/kql/factory.go
@@ -27,7 +27,7 @@ func base(text []byte, pos position) (*ast.Base, error) {
 	}, nil
 }

-func buildAST(n interface{}, text []byte, pos position) (*ast.Ast, error) {
+func buildAST(n any, text []byte, pos position) (*ast.Ast, error) {
 	b, err := base(text, pos)
 	if err != nil {
 		return nil, err
@@ -50,7 +50,7 @@ func buildAST(n interface{}, text []byte, pos position) (*ast.Ast, error) {
 	return a, nil
 }

-func buildStringNode(k, v interface{}, text []byte, pos position) (*ast.StringNode, error) {
+func buildStringNode(k, v any, text []byte, pos position) (*ast.StringNode, error) {
 	b, err := base(text, pos)
 	if err != nil {
 		return nil, err
@@ -73,7 +73,7 @@ func buildStringNode(k, v interface{}, text []byte, pos position) (*ast.StringNo
 	}, nil
 }

-func buildDateTimeNode(k, o, v interface{}, text []byte, pos position) (*ast.DateTimeNode, error) {
+func buildDateTimeNode(k, o, v any, text []byte, pos position) (*ast.DateTimeNode, error) {
 	b, err := base(text, pos)
 	if err != nil {
 		return nil, err
@@ -101,7 +101,7 @@ func buildDateTimeNode(k, o, v interface{}, text []byte, pos position) (*ast.Dat
 		Value:    value,
 	}, nil
 }
-func buildNaturalLanguageDateTimeNodes(k, v interface{}, text []byte, pos position) ([]ast.Node, error) {
+func buildNaturalLanguageDateTimeNodes(k, v any, text []byte, pos position) ([]ast.Node, error) {
 	b, err := base(text, pos)
 	if err != nil {
 		return nil, err
@@ -135,7 +135,7 @@ func buildNaturalLanguageDateTimeNodes(k, v interface{}, text []byte, pos positi

 }

-func buildBooleanNode(k, v interface{}, text []byte, pos position) (*ast.BooleanNode, error) {
+func buildBooleanNode(k, v any, text []byte, pos position) (*ast.BooleanNode, error) {
 	b, err := base(text, pos)
 	if err != nil {
 		return nil, err
@@ -182,7 +182,7 @@ func buildOperatorNode(text []byte, pos position) (*ast.OperatorNode, error) {
 	}, nil
 }

-func buildGroupNode(k, n interface{}, text []byte, pos position) (*ast.GroupNode, error) {
+func buildGroupNode(k, n any, text []byte, pos position) (*ast.GroupNode, error) {
 	b, err := base(text, pos)
 	if err != nil {
 		return nil, err
--- a/pkg/l10n/l10n_test.go
+++ b/pkg/l10n/l10n_test.go
@@ -389,8 +389,8 @@ func TestTranslateStruct(t *testing.T) {
 	}
 }

-func mock() func(string, ...interface{}) string {
-	return func(s string, i ...interface{}) string {
+func mock() func(string, ...any) string {
+	return func(s string, i ...any) string {
 		switch s {
 		case "description":
 			return "new Description"
--- a/pkg/log/log.go
+++ b/pkg/log/log.go
@@ -37,7 +37,7 @@ func setMicroLogger() {
 	}
 	logger.DefaultLogger = mzlog.NewLogger(
 		logger.WithLevel(logger.Level(lev)),
-		logger.WithFields(map[string]interface{}{
+		logger.WithFields(map[string]any{
 			"system": "go-micro",
 		}),
 	)
--- a/pkg/log/logrus_wrapper.go
+++ b/pkg/log/logrus_wrapper.go
@@ -53,8 +53,8 @@ func (h *LogrusWrapper) Fire(entry *logrus.Entry) error {
 }

 // Convert logrus fields to zerolog
-func zeroLogFields(fields logrus.Fields) map[string]interface{} {
-	fm := make(map[string]interface{})
+func zeroLogFields(fields logrus.Fields) map[string]any {
+	fm := make(map[string]any)
 	for k, v := range fields {
 		fm[k] = v
 	}
--- a/pkg/middleware/account.go
+++ b/pkg/middleware/account.go
@@ -33,7 +33,7 @@ const RoleIDs string = "Role-Ids"
 // and write it to the context. If there is no x-access-token the middleware is omitted.
 func ExtractAccountUUID(opts ...account.Option) func(http.Handler) http.Handler {
 	opt := newAccountOptions(opts...)
-	tokenManager, err := jwt.New(map[string]interface{}{
+	tokenManager, err := jwt.New(map[string]any{
 		"secret":  opt.JWTSecret,
 		"expires": int64(24 * 60 * 60),
 	})
--- a/pkg/middleware/oidc.go
+++ b/pkg/middleware/oidc.go
@@ -82,7 +82,7 @@ func OidcAuth(opts ...Option) func(http.Handler) http.Handler {
 					w.WriteHeader(http.StatusUnauthorized)
 					return
 				}
-				claims := map[string]interface{}{}
+				claims := map[string]any{}
 				err = userInfo.Claims(&claims)
 				if err != nil {
 					break
--- a/pkg/oidc/claims.go
+++ b/pkg/oidc/claims.go
@@ -33,14 +33,14 @@ func SplitWithEscaping(s string, separator string, escapeString string) []string
 }

 // WalkSegments uses the given array of segments to walk the claims and return whatever interface was found
-func WalkSegments(segments []string, claims map[string]interface{}) (interface{}, error) {
+func WalkSegments(segments []string, claims map[string]any) (any, error) {
 	i := 0
 	for ; i < len(segments)-1; i++ {
 		switch castedClaims := claims[segments[i]].(type) {
-		case map[string]interface{}:
+		case map[string]any:
 			claims = castedClaims
-		case map[interface{}]interface{}:
-			claims = make(map[string]interface{}, len(castedClaims))
+		case map[any]any:
+			claims = make(map[string]any, len(castedClaims))
 			for k, v := range castedClaims {
 				if s, ok := k.(string); ok {
 					claims[s] = v
@@ -56,7 +56,7 @@ func WalkSegments(segments []string, claims map[string]interface{}) (interface{}
 }

 // ReadStringClaim returns the string obtained by following the . seperated path in the claims
-func ReadStringClaim(path string, claims map[string]interface{}) (string, error) {
+func ReadStringClaim(path string, claims map[string]any) (string, error) {
 	// check the simple case first
 	value, _ := claims[path].(string)
 	if value != "" {
--- a/pkg/oidc/claims_test.go
+++ b/pkg/oidc/claims_test.go
@@ -87,9 +87,9 @@ type walkSegmentsTest struct {
 	segments []string

 	// seperator to use
-	claims map[string]interface{}
+	claims map[string]any

-	expected interface{}
+	expected any

 	wantErr bool
 }
@@ -109,7 +109,7 @@ func (wst walkSegmentsTest) run(t *testing.T) {

 func TestWalkSegments(t *testing.T) {
 	byt := []byte(`{"first":{"second":{"third":["value1","value2"]},"foo":"bar"},"fizz":"buzz"}`)
-	var dat map[string]interface{}
+	var dat map[string]any
 	if err := json.Unmarshal(byt, &dat); err != nil {
 		t.Errorf("%v", err)
 	}
@@ -118,7 +118,7 @@ func TestWalkSegments(t *testing.T) {
 		{
 			name:     "one segment, single value",
 			segments: []string{"first"},
-			claims: map[string]interface{}{
+			claims: map[string]any{
 				"first": "value",
 			},
 			expected: "value",
@@ -127,7 +127,7 @@ func TestWalkSegments(t *testing.T) {
 		{
 			name:     "one segment, array value",
 			segments: []string{"first"},
-			claims: map[string]interface{}{
+			claims: map[string]any{
 				"first": []string{"value1", "value2"},
 			},
 			expected: []string{"value1", "value2"},
@@ -136,8 +136,8 @@ func TestWalkSegments(t *testing.T) {
 		{
 			name:     "two segments, single value",
 			segments: []string{"first", "second"},
-			claims: map[string]interface{}{
-				"first": map[string]interface{}{
+			claims: map[string]any{
+				"first": map[string]any{
 					"second": "value",
 				},
 			},
@@ -147,8 +147,8 @@ func TestWalkSegments(t *testing.T) {
 		{
 			name:     "two segments, array value",
 			segments: []string{"first", "second"},
-			claims: map[string]interface{}{
-				"first": map[string]interface{}{
+			claims: map[string]any{
+				"first": map[string]any{
 					"second": []string{"value1", "value2"},
 				},
 			},
@@ -159,15 +159,15 @@ func TestWalkSegments(t *testing.T) {
 			name:     "three segments, array value from json",
 			segments: []string{"first", "second", "third"},
 			claims:   dat,
-			expected: []interface{}{"value1", "value2"},
+			expected: []any{"value1", "value2"},
 			wantErr:  false,
 		},
 		{
 			name:     "three segments, array value with interface key",
 			segments: []string{"first", "second", "third"},
-			claims: map[string]interface{}{
-				"first": map[interface{}]interface{}{
-					"second": map[interface{}]interface{}{
+			claims: map[string]any{
+				"first": map[any]any{
+					"second": map[any]any{
 						"third": []string{"value1", "value2"},
 					},
 				},
--- a/pkg/oidc/client.go
+++ b/pkg/oidc/client.go
@@ -205,7 +205,7 @@ type userInfoRaw struct {
 }

 // Claims unmarshals the raw JSON object claims into the provided object.
-func (u *UserInfo) Claims(v interface{}) error {
+func (u *UserInfo) Claims(v any) error {
 	if u.claims == nil {
 		return errors.New("oidc: claims not set")
 	}
@@ -359,7 +359,7 @@ func (c *oidcClient) VerifyLogoutToken(ctx context.Context, rawToken string) (*L
 	return &claims, nil
 }

-func unmarshalResp(r *http.Response, body []byte, v interface{}) error {
+func unmarshalResp(r *http.Response, body []byte, v any) error {
 	err := json.Unmarshal(body, &v)
 	if err == nil {
 		return nil
--- a/pkg/oidc/client_test.go
+++ b/pkg/oidc/client_test.go
@@ -12,7 +12,7 @@ import (
 )

 type signingKey struct {
-	priv interface{}
+	priv any
 	jwks *keyfunc.JWKS
 }

@@ -27,7 +27,7 @@ func TestLogoutVerify(t *testing.T) {
 				"iat": 1471566154,
 				"jti": "bWJq",
 				"sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
-				"events": map[string]interface{}{
+				"events": map[string]any{
 					"http://schemas.openid.net/event/backchannel-logout": struct{}{},
 				},
 			}),
@@ -39,7 +39,7 @@ func TestLogoutVerify(t *testing.T) {
 			logoutToken: jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.MapClaims{
 				"iss": "https://foo1",
 				"sub": "248289761001",
-				"events": map[string]interface{}{
+				"events": map[string]any{
 					"http://schemas.openid.net/event/backchannel-logout": struct{}{},
 				},
 			}),
@@ -55,7 +55,7 @@ func TestLogoutVerify(t *testing.T) {
 				"iat": 1471566154,
 				"jti": "bWJq",
 				"sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
-				"events": map[string]interface{}{
+				"events": map[string]any{
 					"http://schemas.openid.net/event/backchannel-logout": struct{}{},
 				},
 			}),
@@ -70,7 +70,7 @@ func TestLogoutVerify(t *testing.T) {
 				"aud": "s6BhdRkqt3",
 				"iat": 1471566154,
 				"jti": "bWJq",
-				"events": map[string]interface{}{
+				"events": map[string]any{
 					"http://schemas.openid.net/event/backchannel-logout": struct{}{},
 				},
 			}),
@@ -87,7 +87,7 @@ func TestLogoutVerify(t *testing.T) {
 				"jti":   "bWJq",
 				"sid":   "08a5019c-17e1-4977-8f42-65a12843ea02",
 				"nonce": "123",
-				"events": map[string]interface{}{
+				"events": map[string]any{
 					"http://schemas.openid.net/event/backchannel-logout": struct{}{},
 				},
 			}),
@@ -103,7 +103,7 @@ func TestLogoutVerify(t *testing.T) {
 				"iat": 1471566154,
 				"jti": "bWJq",
 				"sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
-				"events": map[string]interface{}{
+				"events": map[string]any{
 					"http://blah.blah.blash/event/backchannel-logout": struct{}{},
 				},
 			}),
--- a/pkg/oidc/context.go
+++ b/pkg/oidc/context.go
@@ -9,13 +9,13 @@ type contextKey struct{}
 type newSessionFlagKey struct{}

 // NewContext makes a new context that contains the OpenID connect claims in a map.
-func NewContext(parent context.Context, c map[string]interface{}) context.Context {
+func NewContext(parent context.Context, c map[string]any) context.Context {
 	return context.WithValue(parent, contextKey{}, c)
 }

 // FromContext returns the claims map stored in a context, or nil if there isn't one.
-func FromContext(ctx context.Context) map[string]interface{} {
-	s, _ := ctx.Value(contextKey{}).(map[string]interface{})
+func FromContext(ctx context.Context) map[string]any {
+	s, _ := ctx.Value(contextKey{}).(map[string]any)
 	return s
 }

--- a/pkg/service/grpc/handler/ratelimiter/ratelimiter.go
+++ b/pkg/service/grpc/handler/ratelimiter/ratelimiter.go
@@ -21,7 +21,7 @@ func NewHandlerWrapper(limit int) server.HandlerWrapper {
 	}

 	return func(h server.HandlerFunc) server.HandlerFunc {
-		return func(ctx context.Context, req server.Request, rsp interface{}) error {
+		return func(ctx context.Context, req server.Request, rsp any) error {
 			select {
 			case <-ctx.Done():
 				return ctx.Err()
--- a/pkg/service/grpc/service.go
+++ b/pkg/service/grpc/service.go
@@ -99,7 +99,7 @@ func NewServiceWithClient(client client.Client, opts ...Option) (Service, error)
 // micro-plugin's opentracing wrapper: `opentracing.NewHandlerWrapper()`
 func LogHandler(l *log.Logger) func(fn server.HandlerFunc) server.HandlerFunc {
 	return func(fn server.HandlerFunc) server.HandlerFunc {
-		return func(ctx context.Context, req server.Request, rsp interface{}) error {
+		return func(ctx context.Context, req server.Request, rsp any) error {
 			now := time.Now()
 			spanContext := trace.SpanContextFromContext(ctx)
 			defer func() {
--- a/pkg/shared/reva.go
+++ b/pkg/shared/reva.go
@@ -22,8 +22,8 @@ func (r *Reva) GetRevaOptions() []pool.Option {
 	return opts
 }

-func (r *Reva) GetGRPCClientConfig() map[string]interface{} {
-	return map[string]interface{}{
+func (r *Reva) GetGRPCClientConfig() map[string]any {
+	return map[string]any{
 		"tls_mode":   r.TLS.Mode,
 		"tls_cacert": r.TLS.CACert,
 	}
--- a/pkg/shared/shared_types.go
+++ b/pkg/shared/shared_types.go
@@ -6,8 +6,8 @@ import "time"
 // is to unpack environment variables into a Go value. We do so with reflection, and this data structure is just a step
 // in between.
 type EnvBinding struct {
-	EnvVars     []string    // name of the environment var.
-	Destination interface{} // pointer to the original config value to modify.
+	EnvVars     []string // name of the environment var.
+	Destination any      // pointer to the original config value to modify.
 }

 // Log defines the available logging configuration.
--- a/pkg/sync/cache.go
+++ b/pkg/sync/cache.go
@@ -17,7 +17,7 @@ type Cache struct {

 // CacheEntry represents an entry on the cache. You can type assert on V.
 type CacheEntry struct {
-	V          interface{}
+	V          any
 	expiration time.Time
 }

@@ -25,7 +25,7 @@ type CacheEntry struct {
 func NewCache(capacity int) Cache {
 	return Cache{
 		capacity: uint64(capacity),
-		pool: sync.Pool{New: func() interface{} {
+		pool: sync.Pool{New: func() any {
 			return new(CacheEntry)
 		}},
 	}
@@ -45,7 +45,7 @@ func (c *Cache) Load(key string) *CacheEntry {
 }

 // Store adds an entry for given key and value
-func (c *Cache) Store(key string, val interface{}, expiration time.Time) {
+func (c *Cache) Store(key string, val any, expiration time.Time) {
 	if c.length > c.capacity {
 		c.evict()
 	}
@@ -79,7 +79,7 @@ func (c *Cache) Delete(key string) bool {

 // evict frees memory from the cache by removing entries that exceeded the cache TTL.
 func (c *Cache) evict() {
-	c.entries.Range(func(key, mapEntry interface{}) bool {
+	c.entries.Range(func(key, mapEntry any) bool {
 		entry := mapEntry.(*CacheEntry)
 		if c.expired(entry) {
 			c.Delete(key.(string))
--- a/pkg/sync/mutex.go
+++ b/pkg/sync/mutex.go
@@ -13,7 +13,7 @@ type NamedRWMutex struct {

 // NewNamedRWMutex returns a new instance of NamedRWMutex.
 func NewNamedRWMutex() NamedRWMutex {
-	return NamedRWMutex{pool: sync.Pool{New: func() interface{} {
+	return NamedRWMutex{pool: sync.Pool{New: func() any {
 		return new(sync.RWMutex)
 	}}}
 }
--- a/services/activitylog/pkg/server/http/server.go
+++ b/services/activitylog/pkg/server/http/server.go
@@ -19,7 +19,7 @@ import (
 )

 // Service is the service interface
-type Service interface{}
+type Service any

 // Server initializes the http service and server.
 func Server(opts ...Option) (http.Service, error) {
--- a/services/activitylog/pkg/service/http.go
+++ b/services/activitylog/pkg/service/http.go
@@ -18,12 +18,12 @@ import (
 	"github.com/opencloud-eu/reva/v2/pkg/utils"
 	"google.golang.org/grpc/metadata"

+	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"github.com/opencloud-eu/opencloud/pkg/ast"
 	"github.com/opencloud-eu/opencloud/pkg/kql"
 	"github.com/opencloud-eu/opencloud/pkg/l10n"
 	ehmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/eventhistory/v0"
 	ehsvc "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/services/eventhistory/v0"
-	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 )

 var (
@@ -121,7 +121,7 @@ func (s *ActivitylogService) HandleGetItemActivities(w http.ResponseWriter, r *h
 		var (
 			message string
 			ts      time.Time
-			vars    map[string]interface{}
+			vars    map[string]any
 		)

 		loc := l10n.MustGetUserLocale(r.Context(), activeUser.GetId().GetOpaqueId(), r.Header.Get(l10n.HeaderAcceptLanguage), s.valService)
@@ -252,7 +252,7 @@ func (s *ActivitylogService) HandleGetItemActivities(w http.ResponseWriter, r *h
 	w.WriteHeader(http.StatusOK)
 }

-func (s *ActivitylogService) unwrapEvent(e *ehmsg.Event) interface{} {
+func (s *ActivitylogService) unwrapEvent(e *ehmsg.Event) any {
 	etype, ok := s.registeredEvents[e.GetType()]
 	if !ok {
 		s.log.Error().Str("eventid", e.GetId()).Str("eventtype", e.GetType()).Msg("event not registered")
--- a/services/activitylog/pkg/service/migrations.go
+++ b/services/activitylog/pkg/service/migrations.go
@@ -54,9 +54,9 @@ func (a *ActivitylogService) migrateToV1(_ context.Context, kv nats.KeyValue) er

 	// keyValueEnvelope is the data structure used by the go micro plugin which was used previously.
 	type keyValueEnvelope struct {
-		Key      string                 `json:"key"`
-		Data     []byte                 `json:"data"`
-		Metadata map[string]interface{} `json:"metadata"`
+		Key      string         `json:"key"`
+		Data     []byte         `json:"data"`
+		Metadata map[string]any `json:"metadata"`
 	}

 	for key := range keyChan {
--- a/services/activitylog/pkg/service/response.go
+++ b/services/activitylog/pkg/service/response.go
@@ -69,11 +69,11 @@ type Sharee struct {
 }

 // ActivityOption allows setting variables for an activity
-type ActivityOption func(context.Context, gateway.GatewayAPIClient, map[string]interface{}) error
+type ActivityOption func(context.Context, gateway.GatewayAPIClient, map[string]any) error

 // WithResource sets the resource variable for an activity
 func WithResource(ref *provider.Reference, addSpace bool, explicitResourceName string) ActivityOption {
-	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]any) error {
 		info, err := utils.GetResource(ctx, ref, gwc)
 		if err != nil {
 			if explicitResourceName == "" {
@@ -119,7 +119,7 @@ func WithResource(ref *provider.Reference, addSpace bool, explicitResourceName s

 // WithOldResource sets the oldResource variable for an activity
 func WithOldResource(ref *provider.Reference) ActivityOption {
-	return func(_ context.Context, _ gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(_ context.Context, _ gateway.GatewayAPIClient, vars map[string]any) error {
 		name := filepath.Base(ref.GetPath())
 		vars["oldResource"] = Resource{
 			Name: name,
@@ -130,7 +130,7 @@ func WithOldResource(ref *provider.Reference) ActivityOption {

 // WithTrashedResource sets the resource variable if the resource is trashed
 func WithTrashedResource(ref *provider.Reference, rid *provider.ResourceId) ActivityOption {
-	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]any) error {
 		vars["resource"] = Resource{
 			Name: filepath.Base(ref.GetPath()),
 		}
@@ -174,7 +174,7 @@ func WithTrashedResource(ref *provider.Reference, rid *provider.ResourceId) Acti

 // WithUser sets the user variable for an Activity
 func WithUser(uid *user.UserId, u *user.User, impersonator *user.User) ActivityOption {
-	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]any) error {
 		var target *user.User
 		switch {
 		case impersonator != nil:
@@ -206,7 +206,7 @@ func WithUser(uid *user.UserId, u *user.User, impersonator *user.User) ActivityO

 // WithSharee sets the sharee variable for an activity
 func WithSharee(uid *user.UserId, gid *group.GroupId) ActivityOption {
-	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]any) error {
 		switch {
 		case uid != nil:
 			u, err := utils.GetUserNoGroups(ctx, uid, gwc)
@@ -252,7 +252,7 @@ func WithSharee(uid *user.UserId, gid *group.GroupId) ActivityOption {

 // WithSpace sets the space variable for an activity
 func WithSpace(spaceid *provider.StorageSpaceId) ActivityOption {
-	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(ctx context.Context, gwc gateway.GatewayAPIClient, vars map[string]any) error {
 		s, err := utils.GetSpace(ctx, spaceid.GetOpaqueId(), gwc)
 		if err != nil {
 			vars["space"] = Resource{
@@ -272,7 +272,7 @@ func WithSpace(spaceid *provider.StorageSpaceId) ActivityOption {

 // WithTranslation sets a variable that translation is needed for
 func WithTranslation(t *l10n.Translator, locale string, key string, values []string) ActivityOption {
-	return func(_ context.Context, _ gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(_ context.Context, _ gateway.GatewayAPIClient, vars map[string]any) error {
 		f := t.Translate(StrSomeField, locale)
 		if len(values) > 0 {
 			for i := range values {
@@ -289,7 +289,7 @@ func WithTranslation(t *l10n.Translator, locale string, key string, values []str

 // WithVar sets a variable for an activity
 func WithVar(key, id, name string) ActivityOption {
-	return func(_ context.Context, _ gateway.GatewayAPIClient, vars map[string]interface{}) error {
+	return func(_ context.Context, _ gateway.GatewayAPIClient, vars map[string]any) error {
 		vars[key] = Resource{
 			ID:   id,
 			Name: name,
@@ -299,7 +299,7 @@ func WithVar(key, id, name string) ActivityOption {
 }

 // NewActivity creates a new activity
-func NewActivity(message string, ts time.Time, eventID string, vars map[string]interface{}) libregraph.Activity {
+func NewActivity(message string, ts time.Time, eventID string, vars map[string]any) libregraph.Activity {
 	return libregraph.Activity{
 		Id:    eventID,
 		Times: libregraph.ActivityTimes{RecordedTime: ts},
@@ -311,13 +311,13 @@ func NewActivity(message string, ts time.Time, eventID string, vars map[string]i
 }

 // GetVars calls other service to gather the required data for the activity variables
-func (s *ActivitylogService) GetVars(ctx context.Context, opts ...ActivityOption) (map[string]interface{}, error) {
+func (s *ActivitylogService) GetVars(ctx context.Context, opts ...ActivityOption) (map[string]any, error) {
 	gwc, err := s.gws.Next()
 	if err != nil {
 		return nil, err
 	}

-	vars := make(map[string]interface{})
+	vars := make(map[string]any)
 	for _, opt := range opts {
 		if err := opt(ctx, gwc, vars); err != nil {
 			s.log.Info().Err(err).Msg("error getting activity vars")
--- a/services/activitylog/pkg/service/service_test.go
+++ b/services/activitylog/pkg/service/service_test.go
@@ -268,7 +268,7 @@ var _ = Describe("ActivitylogService", func() {
 	})
 })

-func activitites(acts ...interface{}) []RawActivity {
+func activitites(acts ...any) []RawActivity {
 	var activities []RawActivity
 	act := RawActivity{}
 	for _, a := range acts {
--- a/services/app-provider/pkg/revaconfig/config.go
+++ b/services/app-provider/pkg/revaconfig/config.go
@@ -6,28 +6,28 @@ import (
 )

 // AppProviderConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AppProviderConfigFromStruct(cfg *config.Config) map[string]interface{} {
-	rcfg := map[string]interface{}{
-		"shared": map[string]interface{}{
+func AppProviderConfigFromStruct(cfg *config.Config) map[string]any {
+	rcfg := map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":           cfg.TokenManager.JWTSecret,
 			"gatewaysvc":           cfg.Reva.Address,
 			"grpc_client_options":  cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled": cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"appprovider": map[string]interface{}{
+			"services": map[string]any{
+				"appprovider": map[string]any{
 					"app_provider_url": cfg.ExternalAddr,
 					"driver":           cfg.Driver,
-					"drivers": map[string]interface{}{
-						"wopi": map[string]interface{}{
+					"drivers": map[string]any{
+						"wopi": map[string]any{
 							"app_api_key":                   cfg.Drivers.WOPI.AppAPIKey,
 							"app_desktop_only":              cfg.Drivers.WOPI.AppDesktopOnly,
 							"app_icon_uri":                  cfg.Drivers.WOPI.AppIconURI,
@@ -45,8 +45,8 @@ func AppProviderConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "app_provider",
 				},
--- a/services/app-registry/pkg/revaconfig/config.go
+++ b/services/app-registry/pkg/revaconfig/config.go
@@ -7,34 +7,34 @@ import (
 )

 // AppRegistryConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AppRegistryConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]interface{} {
-	rcfg := map[string]interface{}{
-		"shared": map[string]interface{}{
+func AppRegistryConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]any {
+	rcfg := map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":           cfg.TokenManager.JWTSecret,
 			"gatewaysvc":           cfg.Reva.Address,
 			"grpc_client_options":  cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled": cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"appregistry": map[string]interface{}{
+			"services": map[string]any{
+				"appregistry": map[string]any{
 					"driver": "static",
-					"drivers": map[string]interface{}{
-						"static": map[string]interface{}{
+					"drivers": map[string]any{
+						"static": map[string]any{
 							"mime_types": mimetypes(cfg, logger),
 						},
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "app_registry",
 				},
@@ -44,8 +44,8 @@ func AppRegistryConfigFromStruct(cfg *config.Config, logger log.Logger) map[stri
 	return rcfg
 }

-func mimetypes(cfg *config.Config, logger log.Logger) []map[string]interface{} {
-	var m []map[string]interface{}
+func mimetypes(cfg *config.Config, logger log.Logger) []map[string]any {
+	var m []map[string]any
 	if err := mapstructure.Decode(cfg.AppRegistry.MimeTypeConfig, &m); err != nil {
 		logger.Error().Err(err).Msg("Failed to decode appregistry mimetypes to mapstructure")
 		return nil
--- a/services/audit/pkg/service/service.go
+++ b/services/audit/pkg/service/service.go
@@ -16,7 +16,7 @@ import (
 type Log func([]byte)

 // Marshaller is used to marshal events
-type Marshaller func(interface{}) ([]byte, error)
+type Marshaller func(any) ([]byte, error)

 // AuditLoggerFromConfig will start a new AuditLogger generated from the config
 func AuditLoggerFromConfig(ctx context.Context, cfg config.Auditlog, ch <-chan events.Event, log log.Logger) {
@@ -47,7 +47,7 @@ func StartAuditLogger(ctx context.Context, ch <-chan events.Event, log log.Logge
 				return
 			}

-			var auditEvent interface{}
+			var auditEvent any
 			switch ev := i.Event.(type) {
 			case events.ShareCreated:
 				auditEvent = types.ShareCreated(ev)
@@ -177,13 +177,13 @@ func Marshal(format string, log log.Logger) Marshaller {
 	case "json":
 		return json.Marshal
 	case "minimal":
-		return func(ev interface{}) ([]byte, error) {
+		return func(ev any) ([]byte, error) {
 			b, err := json.Marshal(ev)
 			if err != nil {
 				return nil, err
 			}

-			m := make(map[string]interface{})
+			m := make(map[string]any)
 			if err := json.Unmarshal(b, &m); err != nil {
 				return nil, err
 			}
--- a/services/auth-app/pkg/revaconfig/config.go
+++ b/services/auth-app/pkg/revaconfig/config.go
@@ -8,7 +8,7 @@ import (
 )

 // AuthAppConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AuthAppConfigFromStruct(cfg *config.Config) map[string]interface{} {
+func AuthAppConfigFromStruct(cfg *config.Config) map[string]any {
 	appAuthJSON := filepath.Join(defaults.BaseDataPath(), "appauth.json")

 	jsonCS3pwGenOpt := map[string]any{}
@@ -19,38 +19,38 @@ func AuthAppConfigFromStruct(cfg *config.Config) map[string]interface{} {
 		jsonCS3pwGenOpt["number_of_words"] = cfg.StorageDrivers.JSONCS3.PasswordGeneratorOptions.DicewareOptions.NumberOfWords
 	}

-	rcfg := map[string]interface{}{
-		"shared": map[string]interface{}{
+	rcfg := map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address,
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"authprovider": map[string]interface{}{
+			"services": map[string]any{
+				"authprovider": map[string]any{
 					"auth_manager": "appauth",
-					"auth_managers": map[string]interface{}{
-						"appauth": map[string]interface{}{
+					"auth_managers": map[string]any{
+						"appauth": map[string]any{
 							"gateway_addr": cfg.Reva.Address,
 						},
 					},
 				},
-				"applicationauth": map[string]interface{}{
+				"applicationauth": map[string]any{
 					"driver": cfg.StorageDriver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"drivers": map[string]any{
+						"json": map[string]any{
 							"file": appAuthJSON,
 						},
-						"jsoncs3": map[string]interface{}{
+						"jsoncs3": map[string]any{
 							"provider_addr":       cfg.StorageDrivers.JSONCS3.ProviderAddr,
 							"service_user_id":     cfg.StorageDrivers.JSONCS3.SystemUserID,
 							"service_user_idp":    cfg.StorageDrivers.JSONCS3.SystemUserIDP,
@@ -61,8 +61,8 @@ func AuthAppConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "auth_app",
 				},
--- a/services/auth-app/pkg/server/http/server.go
+++ b/services/auth-app/pkg/server/http/server.go
@@ -19,7 +19,7 @@ import (
 )

 // Service is the service interface
-type Service interface{}
+type Service any

 // Server initializes the http service and server.
 func Server(opts ...Option) (http.Service, error) {
--- a/services/auth-basic/pkg/revaconfig/config.go
+++ b/services/auth-basic/pkg/revaconfig/config.go
@@ -5,33 +5,33 @@ import (
 )

 // AuthBasicConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AuthBasicConfigFromStruct(cfg *config.Config) map[string]interface{} {
-	rcfg := map[string]interface{}{
-		"shared": map[string]interface{}{
+func AuthBasicConfigFromStruct(cfg *config.Config) map[string]any {
+	rcfg := map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address,
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
 			// TODO build services dynamically
-			"services": map[string]interface{}{
-				"authprovider": map[string]interface{}{
+			"services": map[string]any{
+				"authprovider": map[string]any{
 					"auth_manager": cfg.AuthProvider,
-					"auth_managers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"auth_managers": map[string]any{
+						"json": map[string]any{
 							"users": cfg.AuthProviders.JSON.File,
 						},
 						"ldap": ldapConfigFromString(cfg.AuthProviders.LDAP),
-						"owncloudsql": map[string]interface{}{
+						"owncloudsql": map[string]any{
 							"dbusername":        cfg.AuthProviders.OwnCloudSQL.DBUsername,
 							"dbpassword":        cfg.AuthProviders.OwnCloudSQL.DBPassword,
 							"dbhost":            cfg.AuthProviders.OwnCloudSQL.DBHost,
@@ -45,8 +45,8 @@ func AuthBasicConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "auth_basic",
 				},
@@ -56,8 +56,8 @@ func AuthBasicConfigFromStruct(cfg *config.Config) map[string]interface{} {
 	return rcfg
 }

-func ldapConfigFromString(cfg config.LDAPProvider) map[string]interface{} {
-	return map[string]interface{}{
+func ldapConfigFromString(cfg config.LDAPProvider) map[string]any {
+	return map[string]any{
 		"uri":                     cfg.URI,
 		"cacert":                  cfg.CACert,
 		"insecure":                cfg.Insecure,
@@ -76,7 +76,7 @@ func ldapConfigFromString(cfg config.LDAPProvider) map[string]interface{} {
 		"user_enabled_property":   cfg.UserSchema.Enabled,
 		"group_local_disabled_dn": cfg.LdapDisabledUsersGroupDN,
 		"idp":                     cfg.IDP,
-		"user_schema": map[string]interface{}{
+		"user_schema": map[string]any{
 			"id":              cfg.UserSchema.ID,
 			"tenantId":        cfg.UserSchema.TenantID,
 			"idIsOctetString": cfg.UserSchema.IDIsOctetString,
@@ -84,7 +84,7 @@ func ldapConfigFromString(cfg config.LDAPProvider) map[string]interface{} {
 			"displayName":     cfg.UserSchema.DisplayName,
 			"userName":        cfg.UserSchema.Username,
 		},
-		"group_schema": map[string]interface{}{
+		"group_schema": map[string]any{
 			"id":              cfg.GroupSchema.ID,
 			"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
 			"mail":            cfg.GroupSchema.Mail,
--- a/services/auth-bearer/pkg/revaconfig/config.go
+++ b/services/auth-bearer/pkg/revaconfig/config.go
@@ -6,28 +6,28 @@ import (
 )

 // AuthBearerConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AuthBearerConfigFromStruct(cfg *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"shared": map[string]interface{}{
+func AuthBearerConfigFromStruct(cfg *config.Config) map[string]any {
+	return map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address,
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"authprovider": map[string]interface{}{
+			"services": map[string]any{
+				"authprovider": map[string]any{
 					"auth_manager": "oidc",
-					"auth_managers": map[string]interface{}{
-						"oidc": map[string]interface{}{
+					"auth_managers": map[string]any{
+						"oidc": map[string]any{
 							"issuer":    cfg.OIDC.Issuer,
 							"insecure":  cfg.OIDC.Insecure,
 							"id_claim":  cfg.OIDC.IDClaim,
@@ -37,8 +37,8 @@ func AuthBearerConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "auth_bearer",
 				},
--- a/services/auth-machine/pkg/revaconfig/config.go
+++ b/services/auth-machine/pkg/revaconfig/config.go
@@ -5,36 +5,36 @@ import (
 )

 // AuthMachineConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AuthMachineConfigFromStruct(cfg *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"shared": map[string]interface{}{
+func AuthMachineConfigFromStruct(cfg *config.Config) map[string]any {
+	return map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address,
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"authprovider": map[string]interface{}{
+			"services": map[string]any{
+				"authprovider": map[string]any{
 					"auth_manager": "machine",
-					"auth_managers": map[string]interface{}{
-						"machine": map[string]interface{}{
+					"auth_managers": map[string]any{
+						"machine": map[string]any{
 							"api_key":      cfg.MachineAuthAPIKey,
 							"gateway_addr": cfg.Reva.Address,
 						},
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "auth_machine",
 				},
--- a/services/auth-service/pkg/revaconfig/config.go
+++ b/services/auth-service/pkg/revaconfig/config.go
@@ -5,28 +5,28 @@ import (
 )

 // AuthMachineConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func AuthMachineConfigFromStruct(cfg *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"shared": map[string]interface{}{
+func AuthMachineConfigFromStruct(cfg *config.Config) map[string]any {
+	return map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":           cfg.TokenManager.JWTSecret,
 			"gatewaysvc":           cfg.Reva.Address,
 			"grpc_client_options":  cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled": cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"authprovider": map[string]interface{}{
+			"services": map[string]any{
+				"authprovider": map[string]any{
 					"auth_manager": "serviceaccounts",
-					"auth_managers": map[string]interface{}{
-						"serviceaccounts": map[string]interface{}{
-							"service_accounts": []map[string]interface{}{
+					"auth_managers": map[string]any{
+						"serviceaccounts": map[string]any{
+							"service_accounts": []map[string]any{
 								{
 									"id":     cfg.ServiceAccount.ServiceAccountID,
 									"secret": cfg.ServiceAccount.ServiceAccountSecret,
@@ -36,8 +36,8 @@ func AuthMachineConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "auth_service",
 				},
--- a/services/clientlog/pkg/service/service.go
+++ b/services/clientlog/pkg/service/service.go
@@ -118,7 +118,7 @@ func (cl *ClientlogService) processEvent(event events.Event) {
 	var (
 		users  []string
 		evType string
-		data   interface{}
+		data   any
 	)

 	fileEv := func(typ string, ref *provider.Reference) {
@@ -197,7 +197,7 @@ func (cl *ClientlogService) processEvent(event events.Event) {
 	}
 }

-func (cl *ClientlogService) sendSSE(userIDs []string, evType string, data interface{}) error {
+func (cl *ClientlogService) sendSSE(userIDs []string, evType string, data any) error {
 	b, err := json.Marshal(data)
 	if err != nil {
 		return err
--- a/services/collaboration/pkg/connector/connector.go
+++ b/services/collaboration/pkg/connector/connector.go
@@ -15,7 +15,7 @@ import (
 type ConnectorResponse struct {
 	Status  int
 	Headers map[string]string
-	Body    interface{}
+	Body    any
 }

 // NewResponse creates a new ConnectorResponse with just the specified status.
@@ -85,7 +85,7 @@ func NewResponseWithVersionAndLock(status int, mtime *types.Timestamp, lockID st
 // (success) status and the specified body. The headers will be nil.
 //
 // This is used for the `CheckFileInfo` method in order to return the fileinfo
-func NewResponseSuccessBody(body interface{}) *ConnectorResponse {
+func NewResponseSuccessBody(body any) *ConnectorResponse {
 	return &ConnectorResponse{
 		Status: 200,
 		Body:   body,
@@ -101,7 +101,7 @@ func NewResponseSuccessBody(body interface{}) *ConnectorResponse {
 func NewResponseSuccessBodyName(name string) *ConnectorResponse {
 	return &ConnectorResponse{
 		Status: 200,
-		Body: map[string]interface{}{
+		Body: map[string]any{
 			"Name": name,
 		},
 	}
@@ -115,7 +115,7 @@ func NewResponseSuccessBodyName(name string) *ConnectorResponse {
 func NewResponseSuccessBodyNameUrl(name, url string, hostEditURL string, hostViewURL string) *ConnectorResponse {
 	return &ConnectorResponse{
 		Status: 200,
-		Body: map[string]interface{}{
+		Body: map[string]any{
 			"Name":        name,
 			"Url":         url,
 			"HostEditUrl": hostEditURL,
--- a/services/collaboration/pkg/connector/fileconnector.go
+++ b/services/collaboration/pkg/connector/fileconnector.go
@@ -874,7 +874,7 @@ func (f *FileConnector) PutRelativeFileRelative(ctx context.Context, ccs Content
 				HeaderWopiLock:              lockID,
 				HeaderWopiLockFailureReason: "Lock Conflict",
 			},
-			Body: map[string]interface{}{
+			Body: map[string]any{
 				"Name":        target,
 				"Url":         wopiSrcURL.String(),
 				"HostViewUrl": createHostUrl("view", webURL, strings.ToLower(f.cfg.App.Name), newInfo),
@@ -1260,7 +1260,7 @@ func (f *FileConnector) CheckFileInfo(ctx context.Context) (*ConnectorResponse,
 		}
 	}
 	// fileinfo map
-	infoMap := map[string]interface{}{
+	infoMap := map[string]any{
 		fileinfo.KeyOwnerID:           hexEncodedOwnerId,
 		fileinfo.KeySize:              int64(statRes.GetInfo().GetSize()),
 		fileinfo.KeyVersion:           getVersion(statRes.GetInfo().GetMtime()),
--- a/services/collaboration/pkg/connector/fileconnector_test.go
+++ b/services/collaboration/pkg/connector/fileconnector_test.go
@@ -955,7 +955,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response.Status).To(Equal(200))
 			Expect(response.Headers).To(BeNil())
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(Equal("newDocument.docx"))
 			Expect(rBody["Url"]).To(HavePrefix("https://wopi.opencloud.test/wopi/files/")) // skip checking the actual reference
 			Expect(rBody["HostEditUrl"]).To(Equal("https://cloud.opencloud.test/external-test/personal/path/to/newDocument.docx?fileId=storageid%24spaceid%21opaqueid_newDoc&view_mode=write"))
@@ -1010,7 +1010,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response.Status).To(Equal(200))
 			Expect(response.Headers).To(BeNil())
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(Equal("file.pdf"))
 			Expect(rBody["Url"]).To(HavePrefix("https://wopi.opencloud.test/wopi/files/")) // skip checking the actual reference
 			Expect(rBody["HostEditUrl"]).To(Equal("https://cloud.opencloud.test/external-test/personal/path/to/file.pdf?fileId=storageid%24spaceid%21opaqueid_newDoc&view_mode=write"))
@@ -1082,7 +1082,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response.Status).To(Equal(200))
 			Expect(response.Headers).To(BeNil())
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(MatchRegexp(`[a-zA-Z0-9_-] file\.pdf`))
 			Expect(rBody["Url"]).To(HavePrefix("https://wopi.opencloud.test/wopi/files/")) // skip checking the actual reference
 			Expect(rBody["HostEditUrl"]).To(Equal("https://cloud.opencloud.test/external-test/personal/path/to/" + url.PathEscape(path.Base(*newFilePath)) + "?fileId=storageid%24spaceid%21opaqueid_newDoc&view_mode=write"))
@@ -1206,7 +1206,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response.Status).To(Equal(200))
 			Expect(response.Headers).To(BeNil())
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(Equal("newDocument.docx"))
 			Expect(rBody["Url"]).To(HavePrefix("https://wopi.opencloud.test/wopi/files/")) // skip checking the actual reference
 			Expect(rBody["HostEditUrl"]).To(Equal("https://cloud.opencloud.test/external-test/personal/path/to/newDocument.docx?fileId=storageid%24spaceid%21opaqueid_newDoc&view_mode=write"))
@@ -1265,7 +1265,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(response.Status).To(Equal(409))
 			Expect(response.Headers[connector.HeaderWopiLock]).To(Equal("zzz999"))
 			Expect(response.Headers[connector.HeaderWopiValidRT]).To(MatchRegexp(`[a-zA-Z0-9_-] convFile\.pdf`))
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(Equal("convFile.pdf"))
 			Expect(rBody["Url"]).To(HavePrefix("https://wopi.opencloud.test/wopi/files/")) // skip checking the actual reference
 			Expect(rBody["HostEditUrl"]).To(Equal("https://cloud.opencloud.test/external-test/personal/path/to/convFile.pdf?fileId=storageid%24spaceid%21opaqueid_newDoc&view_mode=write"))
@@ -1575,7 +1575,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response.Status).To(Equal(200))
 			Expect(response.Headers).To(BeNil())
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(MatchRegexp(`^[a-zA-Z0-9_-]+ newFile$`))
 		})

@@ -1607,7 +1607,7 @@ var _ = Describe("FileConnector", func() {
 			Expect(err).ToNot(HaveOccurred())
 			Expect(response.Status).To(Equal(200))
 			Expect(response.Headers).To(BeNil())
-			rBody := response.Body.(map[string]interface{})
+			rBody := response.Body.(map[string]any)
 			Expect(rBody["Name"]).To(Equal("newFile"))
 		})
 	})
--- a/services/collaboration/pkg/connector/fileinfo/collabora.go
+++ b/services/collaboration/pkg/connector/fileinfo/collabora.go
@@ -96,7 +96,7 @@ type Collabora struct {
 }

 // SetProperties will set the file properties for the Collabora implementation.
-func (cinfo *Collabora) SetProperties(props map[string]interface{}) {
+func (cinfo *Collabora) SetProperties(props map[string]any) {
 	for key, value := range props {
 		switch key {
 		case KeyBaseFileName:
--- a/services/collaboration/pkg/connector/fileinfo/fileinfo.go
+++ b/services/collaboration/pkg/connector/fileinfo/fileinfo.go
@@ -17,7 +17,7 @@ type FileInfo interface {
 	// implementations with different properties. You can use the same map
 	// for all the implementations knowing that the relevant properties for
 	// each implementation will be set.
-	SetProperties(props map[string]interface{})
+	SetProperties(props map[string]any)

 	// GetTarget will return the target implementation (OnlyOffice, Collabora...).
 	// This will help to identify the implementation we're using in an easy way.
@@ -114,7 +114,7 @@ const (
 	KeyDownloadAsPostMessage   = "DownloadAsPostMessage"
 	KeySaveAsPostmessage       = "SaveAsPostmessage"
 	KeyEnableOwnerTermination  = "EnableOwnerTermination"
-	KeyUserExtraInfo = "UserExtraInfo"
+	KeyUserExtraInfo           = "UserExtraInfo"
 	//KeyUserPrivateInfo -> requires definition, currently not used
 	KeyWatermarkText = "WatermarkText"

--- a/services/collaboration/pkg/connector/fileinfo/microsoft.go
+++ b/services/collaboration/pkg/connector/fileinfo/microsoft.go
@@ -164,7 +164,7 @@ type Microsoft struct {
 }

 // SetProperties will set the file properties for the Microsoft implementation.
-func (minfo *Microsoft) SetProperties(props map[string]interface{}) {
+func (minfo *Microsoft) SetProperties(props map[string]any) {
 	for key, value := range props {
 		switch key {
 		case KeyBaseFileName:
--- a/services/collaboration/pkg/connector/fileinfo/onlyoffice.go
+++ b/services/collaboration/pkg/connector/fileinfo/onlyoffice.go
@@ -130,7 +130,7 @@ type OnlyOffice struct {
 }

 // SetProperties will set the file properties for the OnlyOffice implementation.
-func (oinfo *OnlyOffice) SetProperties(props map[string]interface{}) {
+func (oinfo *OnlyOffice) SetProperties(props map[string]any) {
 	for key, value := range props {
 		switch key {
 		case KeyBaseFileName:
--- a/services/collaboration/pkg/locks/parser.go
+++ b/services/collaboration/pkg/locks/parser.go
@@ -52,7 +52,7 @@ func (*NoopLockParser) ParseLock(id string) string {
 //
 // If the JSON string is not in the expected format, the original lockID will be returned.
 func (*LegacyLockParser) ParseLock(id string) string {
-	var decodedValues map[string]interface{}
+	var decodedValues map[string]any
 	err := json.Unmarshal([]byte(id), &decodedValues)
 	if err != nil || len(decodedValues) == 0 {
 		return id
--- a/services/collaboration/pkg/locks/parser_test.go
+++ b/services/collaboration/pkg/locks/parser_test.go
@@ -15,12 +15,12 @@ func TestLegacyLockParser(t *testing.T) {
 	}{
 		{
 			name:      "JsonStringWithLKey",
-			lock:      createJsonString(map[string]interface{}{"L": "12345678", "F": 4, "E": 2, "C": "", "P": "3453345345346", "M": "12345678"}),
+			lock:      createJsonString(map[string]any{"L": "12345678", "F": 4, "E": 2, "C": "", "P": "3453345345346", "M": "12345678"}),
 			cleanLock: "12345678",
 		},
 		{
 			name:      "JsonStringWithSKey",
-			lock:      createJsonString(map[string]interface{}{"S": "12345678", "F": 4, "E": 2, "C": "", "P": "3453345345346", "M": "12345678"}),
+			lock:      createJsonString(map[string]any{"S": "12345678", "F": 4, "E": 2, "C": "", "P": "3453345345346", "M": "12345678"}),
 			cleanLock: "12345678",
 		},
 		{
@@ -30,7 +30,7 @@ func TestLegacyLockParser(t *testing.T) {
 		},
 		{
 			name:      "JsonStringUnknownFormat",
-			lock:      createJsonString(map[string]interface{}{"A": "12345678", "F": 4, "E": 2, "C": "", "P": "3453345345346", "X": "12345678"}),
+			lock:      createJsonString(map[string]any{"A": "12345678", "F": 4, "E": 2, "C": "", "P": "3453345345346", "X": "12345678"}),
 			cleanLock: `{"A":"12345678","C":"","E":2,"F":4,"P":"3453345345346","X":"12345678"}`,
 		},
 		{
@@ -78,7 +78,7 @@ func TestNoopLockParser(t *testing.T) {
 	}
 }

-func createJsonString(input map[string]interface{}) string {
+func createJsonString(input map[string]any) string {
 	rawData, err := json.Marshal(&input)
 	if err != nil {
 		return ""
--- a/services/collaboration/pkg/middleware/wopicontext.go
+++ b/services/collaboration/pkg/middleware/wopicontext.go
@@ -90,7 +90,7 @@ func WopiContextAuthMiddleware(cfg *config.Config, st microstore.Store, next htt
 		}

 		claims := &Claims{}
-		_, err := jwt.ParseWithClaims(accessToken, claims, func(token *jwt.Token) (interface{}, error) {
+		_, err := jwt.ParseWithClaims(accessToken, claims, func(token *jwt.Token) (any, error) {

 			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
 				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
@@ -111,7 +111,7 @@ func WopiContextAuthMiddleware(cfg *config.Config, st microstore.Store, next htt
 			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 			return
 		}
-		tokenManager, err := rjwt.New(map[string]interface{}{
+		tokenManager, err := rjwt.New(map[string]any{
 			"secret":  cfg.TokenManager.JWTSecret,
 			"expires": int64(24 * 60 * 60),
 		})
@@ -249,7 +249,7 @@ func parseWopiFileID(cfg *config.Config, path string) string {
 	}
 	// check if the fileid is a jwt
 	if strings.Contains(s[3], ".") {
-		token, err := jwt.Parse(s[3], func(_ *jwt.Token) (interface{}, error) {
+		token, err := jwt.Parse(s[3], func(_ *jwt.Token) (any, error) {
 			return []byte(cfg.Wopi.ProxySecret), nil
 		})
 		if err != nil {
--- a/services/collaboration/pkg/middleware/wopicontext_test.go
+++ b/services/collaboration/pkg/middleware/wopicontext_test.go
@@ -49,7 +49,7 @@ var _ = Describe("Wopi Context Middleware", func() {
 		})
 		mw = middleware.WopiContextAuthMiddleware(cfg, nil, next)

-		tknMngr, err = rjwt.New(map[string]interface{}{
+		tknMngr, err = rjwt.New(map[string]any{
 			"secret":  cfg.TokenManager.JWTSecret,
 			"expires": int64(24 * 60 * 60),
 		})
--- a/services/eventhistory/pkg/service/service.go
+++ b/services/eventhistory/pkg/service/service.go
@@ -63,7 +63,7 @@ func (eh *EventHistoryService) StoreEvents() {
 			Key:    event.ID,
 			Value:  ev,
 			Expiry: eh.cfg.Store.TTL,
-			Metadata: map[string]interface{}{
+			Metadata: map[string]any{
 				"type": event.Type,
 			},
 		}); err != nil {
--- a/services/eventhistory/pkg/service/service_test.go
+++ b/services/eventhistory/pkg/service/service_test.go
@@ -121,7 +121,7 @@ func (tb testBus) Consume(_ string, _ ...microevents.ConsumeOption) (<-chan micr
 	return ch, nil
 }

-func (tb testBus) Publish(e interface{}) string {
+func (tb testBus) Publish(e any) string {
 	ev := events.Event{
 		ID:    uuid.New().String(),
 		Type:  reflect.TypeOf(e).String(),
--- a/services/frontend/pkg/revaconfig/config.go
+++ b/services/frontend/pkg/revaconfig/config.go
@@ -18,7 +18,7 @@ import (
 )

 // FrontendConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string]interface{}, error) {
+func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string]any, error) {
 	webURL, err := url.Parse(cfg.PublicURL)
 	if err != nil {
 		return nil, err
@@ -32,7 +32,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 		return nil, err
 	}

-	archivers := []map[string]interface{}{
+	archivers := []map[string]any{
 		{
 			"enabled":       true,
 			"version":       "2.0.0",
@@ -43,7 +43,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 		},
 	}

-	appProviders := []map[string]interface{}{
+	appProviders := []map[string]any{
 		{
 			"enabled":      true,
 			"version":      "1.1.0",
@@ -54,7 +54,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 		},
 	}

-	filesCfg := map[string]interface{}{
+	filesCfg := map[string]any{
 		"private_links":     true,
 		"bigfilechunking":   false,
 		"blacklisted_files": []string{},
@@ -68,7 +68,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 	}

 	if cfg.DefaultUploadProtocol == "tus" {
-		filesCfg["tus_support"] = map[string]interface{}{
+		filesCfg["tus_support"] = map[string]any{
 			"version":              "1.0.0",
 			"resumable":            "1.0.0",
 			"extension":            "creation,creation-with-upload",
@@ -87,19 +87,19 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 		changePasswordDisabled = true
 	}

-	return map[string]interface{}{
-		"shared": map[string]interface{}{
+	return map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address, // Todo or address?
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"http": map[string]interface{}{
+		"http": map[string]any{
 			"network": cfg.HTTP.Protocol,
 			"address": cfg.HTTP.Addr,
-			"middlewares": map[string]interface{}{
-				"cors": map[string]interface{}{
+			"middlewares": map[string]any{
+				"cors": map[string]any{
 					"allowed_origins":   cfg.HTTP.CORS.AllowedOrigins,
 					"allowed_methods":   cfg.HTTP.CORS.AllowedMethods,
 					"allowed_headers":   cfg.HTTP.CORS.AllowedHeaders,
@@ -111,29 +111,29 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 					//"priority": ,
 					//"exposed_headers": ,
 				},
-				"auth": map[string]interface{}{
+				"auth": map[string]any{
 					"credentials_by_user_agent": cfg.Middleware.Auth.CredentialsByUserAgent,
 				},
-				"prometheus": map[string]interface{}{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "frontend",
 				},
-				"requestid": map[string]interface{}{},
+				"requestid": map[string]any{},
 			},
 			// TODO build services dynamically
-			"services": map[string]interface{}{
+			"services": map[string]any{
 				// this reva service called "appprovider" comes from
 				// `internal/http/services/appprovider` and is a translation
 				// layer from the grpc app registry to http, used by e.g. OpenCloud Web
 				// It should not be confused with `internal/grpc/services/appprovider`
 				// which is currently only the driver for the CS3org WOPI server
-				"appprovider": map[string]interface{}{
+				"appprovider": map[string]any{
 					"prefix":                 cfg.AppHandler.Prefix,
 					"transfer_shared_secret": cfg.TransferSecret,
 					"timeout":                86400,
 					"insecure":               cfg.AppHandler.Insecure,
 					"webbaseuri":             webOpenInAppURL,
-					"web": map[string]interface{}{
+					"web": map[string]any{
 						"urlparamsmapping": map[string]string{
 							// param -> value mapper
 							// these mappers are static and are only subject to change when changed in oC Web
@@ -146,24 +146,24 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 					},
 					"secure_view_app_addr": cfg.AppHandler.SecureViewAppAddr,
 				},
-				"archiver": map[string]interface{}{
+				"archiver": map[string]any{
 					"prefix":        cfg.Archiver.Prefix,
 					"timeout":       86400,
 					"insecure":      cfg.Archiver.Insecure,
 					"max_num_files": cfg.Archiver.MaxNumFiles,
 					"max_size":      cfg.Archiver.MaxSize,
 				},
-				"datagateway": map[string]interface{}{
+				"datagateway": map[string]any{
 					"prefix":                 cfg.DataGateway.Prefix,
 					"transfer_shared_secret": cfg.TransferSecret,
 					"timeout":                86400,
 					"insecure":               true,
 				},
-				"ocs": map[string]interface{}{
+				"ocs": map[string]any{
 					"storage_registry_svc": cfg.Reva.Address,
 					"share_prefix":         cfg.OCS.SharePrefix,
 					"home_namespace":       cfg.OCS.HomeNamespace,
-					"stat_cache_config": map[string]interface{}{
+					"stat_cache_config": map[string]any{
 						"cache_store":               cfg.OCS.StatCacheType,
 						"cache_nodes":               cfg.OCS.StatCacheNodes,
 						"cache_database":            cfg.OCS.StatCacheDatabase,
@@ -179,8 +179,8 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 					"enable_denials":            cfg.OCS.EnableDenials,
 					"list_ocm_shares":           cfg.OCS.ListOCMShares,
 					"cache_warmup_driver":       cfg.OCS.CacheWarmupDriver,
-					"cache_warmup_drivers": map[string]interface{}{
-						"cbox": map[string]interface{}{
+					"cache_warmup_drivers": map[string]any{
+						"cbox": map[string]any{
 							"db_username": cfg.OCS.CacheWarmupDrivers.CBOX.DBUsername,
 							"db_password": cfg.OCS.CacheWarmupDrivers.CBOX.DBPassword,
 							"db_host":     cfg.OCS.CacheWarmupDrivers.CBOX.DBHost,
@@ -190,7 +190,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 							"gatewaysvc":  cfg.Reva.Address,
 						},
 					},
-					"config": map[string]interface{}{
+					"config": map[string]any{
 						"version": "1.7",
 						"website": "OpenCloud",
 						"host":    cfg.PublicURL,
@@ -198,12 +198,12 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 						"ssl":     "false",
 					},
 					"default_upload_protocol": cfg.DefaultUploadProtocol,
-					"capabilities": map[string]interface{}{
-						"capabilities": map[string]interface{}{
-							"core": map[string]interface{}{
+					"capabilities": map[string]any{
+						"capabilities": map[string]any{
+							"core": map[string]any{
 								"poll_interval": 60,
 								"webdav_root":   "remote.php/webdav",
-								"status": map[string]interface{}{
+								"status": map[string]any{
 									"installed":      true,
 									"maintenance":    false,
 									"needsDbUpgrade": false,
@@ -220,9 +220,9 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 								"support_sse":         !cfg.DisableSSE,
 								"support_radicale":    !cfg.DisableRadicale,
 							},
-							"graph": map[string]interface{}{
+							"graph": map[string]any{
 								"personal_data_export": true,
-								"users": map[string]interface{}{
+								"users": map[string]any{
 									"read_only_attributes":          readOnlyUserAttributes,
 									"create_disabled":               !cfg.LDAPServerWriteEnabled,
 									"delete_disabled":               !cfg.LDAPServerWriteEnabled,
@@ -230,15 +230,15 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 									"edit_login_allowed_disabled":   cfg.EditLoginAllowedDisabled,
 								},
 							},
-							"checksums": map[string]interface{}{
+							"checksums": map[string]any{
 								"supported_types":       cfg.Checksums.SupportedTypes,
 								"preferred_upload_type": cfg.Checksums.PreferredUploadType,
 							},
 							"files": filesCfg,
-							"dav": map[string]interface{}{
+							"dav": map[string]any{
 								"reports": []string{"search-files"},
 							},
-							"files_sharing": map[string]interface{}{
+							"files_sharing": map[string]any{
 								"api_enabled":                       true,
 								"group_sharing":                     true,
 								"sharing_roles":                     true,
@@ -248,7 +248,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 								"share_with_membership_groups_only": true,
 								"default_permissions":               22,
 								"search_min_length":                 cfg.SearchMinLength,
-								"public": map[string]interface{}{
+								"public": map[string]any{
 									"alias":                      true,
 									"enabled":                    true,
 									"send_mail":                  true,
@@ -258,43 +258,43 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 									"multiple":                   true,
 									"supports_upload_only":       true,
 									"default_permissions":        cfg.DefaultLinkPermissions,
-									"password": map[string]interface{}{
+									"password": map[string]any{
 										"enforced": false,
-										"enforced_for": map[string]interface{}{
+										"enforced_for": map[string]any{
 											"read_only":         cfg.OCS.PublicShareMustHavePassword,
 											"read_write":        cfg.OCS.WriteablePublicShareMustHavePassword,
 											"read_write_delete": cfg.OCS.WriteablePublicShareMustHavePassword,
 											"upload_only":       cfg.OCS.WriteablePublicShareMustHavePassword,
 										},
 									},
-									"expire_date": map[string]interface{}{
+									"expire_date": map[string]any{
 										"enabled": false,
 									},
 									"can_edit": true,
 								},
-								"user": map[string]interface{}{
+								"user": map[string]any{
 									"send_mail":       true,
 									"profile_picture": false,
-									"settings": []map[string]interface{}{
+									"settings": []map[string]any{
 										{
 											"enabled": true,
 											"version": "1.0.0",
 										},
 									},
-									"expire_date": map[string]interface{}{
+									"expire_date": map[string]any{
 										"enabled": true,
 									},
 								},
-								"user_enumeration": map[string]interface{}{
+								"user_enumeration": map[string]any{
 									"enabled":            true,
 									"group_members_only": true,
 								},
-								"federation": map[string]interface{}{
+								"federation": map[string]any{
 									"outgoing": cfg.EnableFederatedSharingOutgoing,
 									"incoming": cfg.EnableFederatedSharingIncoming,
 								},
 							},
-							"spaces": map[string]interface{}{
+							"spaces": map[string]any{
 								"version":    "1.0.0",
 								"enabled":    true,
 								"projects":   true,
@@ -302,49 +302,49 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 								"max_quota":  cfg.MaxQuota,
 							},
 							"theme": capabilities.Default().Theme,
-							"search": map[string]interface{}{
-								"property": map[string]interface{}{
-									"name": map[string]interface{}{
+							"search": map[string]any{
+								"property": map[string]any{
+									"name": map[string]any{
 										"enabled": true,
 									},
-									"mtime": map[string]interface{}{
+									"mtime": map[string]any{
 										"keywords": []string{"today", "last 7 days", "last 30 days", "this year", "last year"},
 										"enabled":  true,
 									},
-									"size": map[string]interface{}{
+									"size": map[string]any{
 										"enabled": false,
 									},
-									"mediatype": map[string]interface{}{
+									"mediatype": map[string]any{
 										"keywords": []string{"document", "spreadsheet", "presentation", "pdf", "image", "video", "audio", "folder", "archive"},
 										"enabled":  true,
 									},
-									"type": map[string]interface{}{
+									"type": map[string]any{
 										"enabled": true,
 									},
-									"tag": map[string]interface{}{
+									"tag": map[string]any{
 										"enabled": true,
 									},
-									"tags": map[string]interface{}{
+									"tags": map[string]any{
 										"enabled": true,
 									},
-									"content": map[string]interface{}{
+									"content": map[string]any{
 										"enabled": true,
 									},
-									"scope": map[string]interface{}{
+									"scope": map[string]any{
 										"enabled": true,
 									},
 								},
 							},
 							"password_policy": passwordPolicyCfg,
-							"notifications": map[string]interface{}{
+							"notifications": map[string]any{
 								"endpoints":    []string{"list", "get", "delete"},
 								"configurable": cfg.ConfigurableNotifications,
 							},
-							"groupware": map[string]interface{}{
+							"groupware": map[string]any{
 								"enabled": cfg.Groupware.Enabled,
 							},
 						},
-						"version": map[string]interface{}{
+						"version": map[string]any{
 							"product":        "OpenCloud",
 							"edition":        version.Edition,
 							"major":          version.ParsedLegacy().Major(),
@@ -357,7 +357,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 					"include_ocm_sharees":   cfg.OCS.IncludeOCMSharees,
 					"show_email_in_results": cfg.OCS.ShowUserEmailInResults,
 				},
-				"ocdav": map[string]interface{}{
+				"ocdav": map[string]any{
 					"prefix":           cfg.OCDav.Prefix,
 					"files_namespace":  cfg.OCDav.FilesNamespace,
 					"webdav_namespace": cfg.OCDav.WebdavNamespace,
@@ -378,7 +378,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 					"product_name":         "OpenCloud",
 					"product_version":      version.GetString(),
 					"allow_depth_infinity": cfg.OCDav.AllowPropfindDepthInfinity,
-					"validation": map[string]interface{}{
+					"validation": map[string]any{
 						"invalid_chars": cfg.OCDav.NameValidation.InvalidChars,
 						"max_length":    cfg.OCDav.NameValidation.MaxLength,
 					},
@@ -418,10 +418,10 @@ func fileExists(path string) bool {
 	return !info.IsDir()
 }

-func passwordPolicyConfig(cfg *config.Config) (map[string]interface{}, error) {
+func passwordPolicyConfig(cfg *config.Config) (map[string]any, error) {
 	_maxCharacters := 72
 	if cfg.PasswordPolicy.Disabled {
-		return map[string]interface{}{
+		return map[string]any{
 			"max_characters":        _maxCharacters,
 			"banned_passwords_list": nil,
 		}, nil
@@ -434,7 +434,7 @@ func passwordPolicyConfig(cfg *config.Config) (map[string]interface{}, error) {
 			return nil, fmt.Errorf("failed to load the banned passwords from a file %s: %w", cfg.PasswordPolicy.BannedPasswordsList, err)
 		}
 	}
-	return map[string]interface{}{
+	return map[string]any{
 		"max_characters":           _maxCharacters,
 		"min_digits":               cfg.PasswordPolicy.MinDigits,
 		"min_characters":           cfg.PasswordPolicy.MinCharacters,
--- a/services/gateway/pkg/revaconfig/config.go
+++ b/services/gateway/pkg/revaconfig/config.go
@@ -12,28 +12,28 @@ import (
 )

 // GatewayConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]interface{} {
+func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]any {
 	localEndpoint := pkgconfig.LocalEndpoint(cfg.GRPC.Protocol, cfg.GRPC.Addr)

-	rcfg := map[string]interface{}{
-		"shared": map[string]interface{}{
+	rcfg := map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address,
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
 			// TODO build services dynamically
-			"services": map[string]interface{}{
-				"gateway": map[string]interface{}{
+			"services": map[string]any{
+				"gateway": map[string]any{
 					"applicationauthsvc": cfg.AuthAppEndpoint,
 					// registries are located on the gateway
 					"authregistrysvc":    localEndpoint,
@@ -59,7 +59,7 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 					"transfer_shared_secret":         cfg.TransferSecret,
 					"transfer_expires":               cfg.TransferExpires,
 					// cache and TTLs
-					"provider_cache_config": map[string]interface{}{
+					"provider_cache_config": map[string]any{
 						"cache_store":         cfg.Cache.ProviderCacheStore,
 						"cache_nodes":         cfg.Cache.ProviderCacheNodes,
 						"cache_database":      cfg.Cache.ProviderCacheDatabase,
@@ -69,7 +69,7 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 						"cache_auth_username": cfg.Cache.ProviderCacheAuthUsername,
 						"cache_auth_password": cfg.Cache.ProviderCacheAuthPassword,
 					},
-					"create_personal_space_cache_config": map[string]interface{}{
+					"create_personal_space_cache_config": map[string]any{
 						"cache_store":               cfg.Cache.CreateHomeCacheStore,
 						"cache_nodes":               cfg.Cache.CreateHomeCacheNodes,
 						"cache_database":            cfg.Cache.CreateHomeCacheDatabase,
@@ -80,11 +80,11 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 						"cache_auth_password":       cfg.Cache.CreateHomeCacheAuthPassword,
 					},
 				},
-				"authregistry": map[string]interface{}{
+				"authregistry": map[string]any{
 					"driver": "static",
-					"drivers": map[string]interface{}{
-						"static": map[string]interface{}{
-							"rules": map[string]interface{}{
+					"drivers": map[string]any{
+						"static": map[string]any{
+							"rules": map[string]any{
 								"appauth":         cfg.AuthAppEndpoint,
 								"basic":           cfg.AuthBasicEndpoint,
 								"machine":         cfg.AuthMachineEndpoint,
@@ -95,17 +95,17 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 						},
 					},
 				},
-				"storageregistry": map[string]interface{}{
+				"storageregistry": map[string]any{
 					"driver": cfg.StorageRegistry.Driver,
-					"drivers": map[string]interface{}{
-						"spaces": map[string]interface{}{
+					"drivers": map[string]any{
+						"spaces": map[string]any{
 							"providers": spacesProviders(cfg, logger),
 						},
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "gateway",
 				},
@@ -115,14 +115,14 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i
 	return rcfg
 }

-func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[string]interface{} {
+func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[string]any {

 	// if a list of rules is given it overrides the generated rules from below
 	if len(cfg.StorageRegistry.Rules) > 0 {
-		rules := map[string]map[string]interface{}{}
+		rules := map[string]map[string]any{}
 		for i := range cfg.StorageRegistry.Rules {
 			parts := strings.SplitN(cfg.StorageRegistry.Rules[i], "=", 2)
-			rules[parts[0]] = map[string]interface{}{"address": parts[1]}
+			rules[parts[0]] = map[string]any{"address": parts[1]}
 		}
 		return rules
 	}
@@ -134,7 +134,7 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 			logger.Error().Err(err).Msg("Failed to read storage registry rules from JSON file: " + cfg.StorageRegistry.JSON)
 			return nil
 		}
-		var rules map[string]map[string]interface{}
+		var rules map[string]map[string]any
 		if err = json.Unmarshal(data, &rules); err != nil {
 			logger.Error().Err(err).Msg("Failed to unmarshal storage registry rules")
 			return nil
@@ -142,15 +142,15 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 		return rules
 	}
 	// generate rules based on default config
-	return map[string]map[string]interface{}{
+	return map[string]map[string]any{
 		cfg.StorageUsersEndpoint: {
 			"providerid": cfg.StorageRegistry.StorageUsersMountID,
-			"spaces": map[string]interface{}{
-				"personal": map[string]interface{}{
+			"spaces": map[string]any{
+				"personal": map[string]any{
 					"mount_point":   "/users",
 					"path_template": "/users/{{.Space.Owner.Id.OpaqueId}}",
 				},
-				"project": map[string]interface{}{
+				"project": map[string]any{
 					"mount_point":   "/projects",
 					"path_template": "/projects/{{.Space.Name}}",
 				},
@@ -158,16 +158,16 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 		},
 		cfg.StorageSharesEndpoint: {
 			"providerid": utils.ShareStorageProviderID,
-			"spaces": map[string]interface{}{
-				"virtual": map[string]interface{}{
+			"spaces": map[string]any{
+				"virtual": map[string]any{
 					// The root of the share jail is mounted here
 					"mount_point": "/users/{{.CurrentUser.Id.OpaqueId}}/Shares",
 				},
-				"grant": map[string]interface{}{
+				"grant": map[string]any{
 					// Grants are relative to a space root that the gateway will determine with a stat
 					"mount_point": ".",
 				},
-				"mountpoint": map[string]interface{}{
+				"mountpoint": map[string]any{
 					// The jail needs to be filled with mount points
 					// .Space.Name is a path relative to the mount point
 					"mount_point":   "/users/{{.CurrentUser.Id.OpaqueId}}/Shares",
@@ -178,11 +178,11 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 		// public link storage returns the mount id of the actual storage
 		cfg.StoragePublicLinkEndpoint: {
 			"providerid": utils.PublicStorageProviderID,
-			"spaces": map[string]interface{}{
-				"grant": map[string]interface{}{
+			"spaces": map[string]any{
+				"grant": map[string]any{
 					"mount_point": ".",
 				},
-				"mountpoint": map[string]interface{}{
+				"mountpoint": map[string]any{
 					"mount_point":   "/public",
 					"path_template": "/public/{{.Space.Root.OpaqueId}}",
 				},
@@ -190,11 +190,11 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 		},
 		cfg.OCMEndpoint: {
 			"providerid": utils.OCMStorageProviderID,
-			"spaces": map[string]interface{}{
-				"grant": map[string]interface{}{
+			"spaces": map[string]any{
+				"grant": map[string]any{
 					"mount_point": ".",
 				},
-				"mountpoint": map[string]interface{}{
+				"mountpoint": map[string]any{
 					"mount_point":   "/ocm",
 					"path_template": "/ocm/{{.Space.Root.OpaqueId}}",
 				},
--- a/services/graph/pkg/errorcode/errorcode.go
+++ b/services/graph/pkg/errorcode/errorcode.go
@@ -114,7 +114,7 @@ func (e ErrorCode) Render(w http.ResponseWriter, r *http.Request, status int, ms

 // CreateOdataError creates and populates a Graph ErrorCode object
 func (e ErrorCode) CreateOdataError(ctx context.Context, msg string) *libregraph.OdataError {
-	innererror := map[string]interface{}{
+	innererror := map[string]any{
 		"date": time.Now().UTC().Format(time.RFC3339),
 	}

--- a/services/graph/pkg/identity/ldap_education_class_test.go
+++ b/services/graph/pkg/identity/ldap_education_class_test.go
@@ -6,8 +6,8 @@ import (
 	"testing"

 	"github.com/go-ldap/ldap/v3"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/mocks"
 	libregraph "github.com/opencloud-eu/libre-graph-api-go"
+	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/mocks"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 )
@@ -333,7 +333,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 		modifyDNData modifyDNData
 		modifyData   modifyData
 		searchData   searchData
-		assertion    func(assert.TestingT, error, ...interface{}) bool
+		assertion    func(assert.TestingT, error, ...any) bool
 	}{
 		{
 			name: "Change name",
@@ -343,7 +343,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					DisplayName: "Math-2",
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Nil(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Nil(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{
 					DN: "openCloudEducationExternalId=Math0123",
@@ -377,7 +377,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					ExternalId: &externalIDs[0],
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Nil(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Nil(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{},
 			},
@@ -406,7 +406,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					ExternalId:  &externalIDs[0],
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Nil(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Nil(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{
 					DN: "openCloudEducationExternalId=Math3210,ou=groups,dc=test",
@@ -445,7 +445,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					Id: &changeString,
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Error(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Error(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{},
 			},
@@ -468,7 +468,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					Description: &changeString,
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Error(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Error(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{},
 			},
@@ -491,7 +491,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					Classification: changeString,
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Error(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Error(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{},
 			},
@@ -514,7 +514,7 @@ func TestLDAP_UpdateEducationClass(t *testing.T) {
 					Members: []libregraph.User{*libregraph.NewUser("display name", "username")},
 				},
 			},
-			assertion: func(tt assert.TestingT, err error, i ...interface{}) bool { return assert.Error(tt, err) },
+			assertion: func(tt assert.TestingT, err error, i ...any) bool { return assert.Error(tt, err) },
 			modifyData: modifyData{
 				arg: &ldap.ModifyRequest{},
 			},
--- a/services/graph/pkg/identity/ldap_group_test.go
+++ b/services/graph/pkg/identity/ldap_group_test.go
@@ -327,8 +327,8 @@ func TestUpdateGroupName(t *testing.T) {

 	type mockInputs struct {
 		funcName string
-		args     []interface{}
-		returns  []interface{}
+		args     []any
+		returns  []any
 	}

 	tests := []struct {
@@ -343,13 +343,13 @@ func TestUpdateGroupName(t *testing.T) {
 				groupId: "some-uuid-string",
 				newName: "TheGroup",
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=groups,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -359,7 +359,7 @@ func TestUpdateGroupName(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -384,13 +384,13 @@ func TestUpdateGroupName(t *testing.T) {
 				groupId: "some-uuid-string",
 				newName: "TheGroupWithShinyNewName",
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=groups,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -400,7 +400,7 @@ func TestUpdateGroupName(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -419,7 +419,7 @@ func TestUpdateGroupName(t *testing.T) {
 				},
 				{
 					funcName: "ModifyDN",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyDNRequest{
 							DN:           groupDn,
 							NewRDN:       "cn=TheGroupWithShinyNewName",
@@ -428,7 +428,7 @@ func TestUpdateGroupName(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						nil,
 					},
 				},
--- a/services/graph/pkg/identity/ldap_test.go
+++ b/services/graph/pkg/identity/ldap_test.go
@@ -405,8 +405,8 @@ func TestUpdateUser(t *testing.T) {
 	}
 	type mockInputs struct {
 		funcName string
-		args     []interface{}
-		returns  []interface{}
+		args     []any
+		returns  []any
 	}
 	tests := []struct {
 		name      string
@@ -424,13 +424,13 @@ func TestUpdateUser(t *testing.T) {
 				},
 			},
 			want: nil,
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.NotNil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -440,7 +440,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -469,13 +469,13 @@ func TestUpdateUser(t *testing.T) {
 				accountEnabled:           nil,
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -485,7 +485,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -516,7 +516,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN:       "uid=oldName",
 							Scope:        0,
@@ -529,7 +529,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -564,7 +564,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "uid=oldName",
 							Changes: []ldap.Change{
@@ -579,7 +579,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 			},
 		},
@@ -599,13 +599,13 @@ func TestUpdateUser(t *testing.T) {
 				accountEnabled:           nil,
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -615,7 +615,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -646,7 +646,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN:       "uid=oldName",
 							Scope:        0,
@@ -659,7 +659,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -694,7 +694,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "uid=oldName",
 							Changes: []ldap.Change{
@@ -709,7 +709,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 			},
 		},
@@ -729,13 +729,13 @@ func TestUpdateUser(t *testing.T) {
 				accountEnabled:           nil,
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -745,7 +745,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -780,7 +780,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN: "ou=groups,dc=test",
 							Scope:  2, DerefAliases: 0, SizeLimit: 0, TimeLimit: 0,
@@ -790,7 +790,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:   []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -813,7 +813,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "ModifyDN",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyDNRequest{
 							DN:           "uid=oldName,ou=people,dc=test,dc=net",
 							NewRDN:       "uid=newName",
@@ -822,13 +822,13 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						nil,
 					},
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN:       "uid=newName,ou=people,dc=test,dc=net",
 							Scope:        0,
@@ -841,7 +841,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -876,7 +876,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "cn=group1",
 							Changes: []ldap.Change{
@@ -898,7 +898,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 			},
 		},
@@ -919,13 +919,13 @@ func TestUpdateUser(t *testing.T) {
 				accountEnabled:           &falseBool,
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -935,7 +935,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -966,7 +966,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN:       "uid=name",
 							Scope:        0,
@@ -979,7 +979,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1014,7 +1014,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "uid=name",
 							Changes: []ldap.Change{
@@ -1029,7 +1029,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 			},
 		},
@@ -1050,13 +1050,13 @@ func TestUpdateUser(t *testing.T) {
 				accountEnabled:           &falseBool,
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -1066,7 +1066,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1097,7 +1097,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN:       disableUsersGroup,
 							Scope:        0,
@@ -1110,7 +1110,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1129,7 +1129,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "uid=name",
 							Changes: []ldap.Change{
@@ -1144,22 +1144,22 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN:       "uid=name",
 							Changes:  []ldap.Change(nil),
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"uid=name",
 							ldap.ScopeBaseObject,
@@ -1169,7 +1169,7 @@ func TestUpdateUser(t *testing.T) {
 							[]ldap.Control(nil),
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1217,13 +1217,13 @@ func TestUpdateUser(t *testing.T) {
 				accountEnabled:           &trueBool,
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -1233,7 +1233,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1264,7 +1264,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						&ldap.SearchRequest{
 							BaseDN:       disableUsersGroup,
 							Scope:        0,
@@ -1277,7 +1277,7 @@ func TestUpdateUser(t *testing.T) {
 							Controls:     []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1296,7 +1296,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "uid=name",
 							Changes: []ldap.Change{
@@ -1311,22 +1311,22 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN:       "uid=name",
 							Changes:  []ldap.Change(nil),
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"uid=name",
 							ldap.ScopeBaseObject,
@@ -1336,7 +1336,7 @@ func TestUpdateUser(t *testing.T) {
 							[]ldap.Control(nil),
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1383,13 +1383,13 @@ func TestUpdateUser(t *testing.T) {
 				onPremisesSamAccountName: "testUser",
 				userType:                 &memberType,
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"ou=people,dc=test",
 							ldap.ScopeWholeSubtree,
@@ -1399,7 +1399,7 @@ func TestUpdateUser(t *testing.T) {
 							nil,
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1430,7 +1430,7 @@ func TestUpdateUser(t *testing.T) {
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN: "uid=name",
 							Changes: []ldap.Change{
@@ -1445,22 +1445,22 @@ func TestUpdateUser(t *testing.T) {
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 				{
 					funcName: "Modify",
-					args: []interface{}{
+					args: []any{
 						&ldap.ModifyRequest{
 							DN:       "uid=name",
 							Changes:  []ldap.Change(nil),
 							Controls: []ldap.Control(nil),
 						},
 					},
-					returns: []interface{}{nil},
+					returns: []any{nil},
 				},
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							"uid=name",
 							ldap.ScopeBaseObject,
@@ -1470,7 +1470,7 @@ func TestUpdateUser(t *testing.T) {
 							[]ldap.Control(nil),
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1588,8 +1588,8 @@ func TestUsersEnabledState(t *testing.T) {
 	}
 	type mockInputs struct {
 		funcName string
-		args     []interface{}
-		returns  []interface{}
+		args     []any
+		returns  []any
 	}
 	tests := []struct {
 		name      string
@@ -1606,7 +1606,7 @@ func TestUsersEnabledState(t *testing.T) {
 				disableUserMechanism: "attribute",
 			},
 			want: map[string]bool{},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{},
@@ -1619,7 +1619,7 @@ func TestUsersEnabledState(t *testing.T) {
 				disableUserMechanism: "attribute",
 			},
 			want: map[string]bool{"alice": true, "bob": false, "carol": true},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{},
@@ -1632,13 +1632,13 @@ func TestUsersEnabledState(t *testing.T) {
 				disableUserMechanism: "group",
 			},
 			want: map[string]bool{"alice": true, "bob": true, "carol": true},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							disableUsersGroup,
 							ldap.ScopeBaseObject,
@@ -1648,7 +1648,7 @@ func TestUsersEnabledState(t *testing.T) {
 							[]ldap.Control(nil),
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1675,13 +1675,13 @@ func TestUsersEnabledState(t *testing.T) {
 				disableUserMechanism: "group",
 			},
 			want: map[string]bool{"alice": false, "bob": true, "carol": false},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							disableUsersGroup,
 							ldap.ScopeBaseObject,
@@ -1691,7 +1691,7 @@ func TestUsersEnabledState(t *testing.T) {
 							[]ldap.Control(nil),
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						&ldap.SearchResult{
 							Entries: []*ldap.Entry{
 								{
@@ -1718,13 +1718,13 @@ func TestUsersEnabledState(t *testing.T) {
 				disableUserMechanism: "group",
 			},
 			want: nil,
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.NotNil(t, err, args...)
 			},
 			ldapMocks: []mockInputs{
 				{
 					funcName: "Search",
-					args: []interface{}{
+					args: []any{
 						ldap.NewSearchRequest(
 							disableUsersGroup,
 							ldap.ScopeBaseObject,
@@ -1734,7 +1734,7 @@ func TestUsersEnabledState(t *testing.T) {
 							[]ldap.Control(nil),
 						),
 					},
-					returns: []interface{}{
+					returns: []any{
 						nil,
 						&ldap.Error{
 							Err: fmt.Errorf("very problematic problems"),
--- a/services/graph/pkg/middleware/auth.go
+++ b/services/graph/pkg/middleware/auth.go
@@ -32,7 +32,7 @@ func Auth(opts ...account.Option) func(http.Handler) http.Handler {
 	// Note: This largely duplicates what pkg/middleware/account.go already does (apart from a slightly different error
 	// handling). Ideally we should merge both middlewares.
 	opt := authOptions(opts...)
-	tokenManager, err := jwt.New(map[string]interface{}{
+	tokenManager, err := jwt.New(map[string]any{
 		"secret":  opt.JWTSecret,
 		"expires": int64(24 * 60 * 60),
 	})
--- a/services/graph/pkg/service/v0/api_driveitem_permissions.go
+++ b/services/graph/pkg/service/v0/api_driveitem_permissions.go
@@ -684,7 +684,7 @@ func (api DriveItemPermissionsApi) Invite(w http.ResponseWriter, r *http.Request
 	}

 	render.Status(r, http.StatusOK)
-	render.JSON(w, r, &ListResponse{Value: []interface{}{permission}})
+	render.JSON(w, r, &ListResponse{Value: []any{permission}})
 }

 // SpaceRootInvite handles DriveItemInvite requests on a space root
@@ -717,7 +717,7 @@ func (api DriveItemPermissionsApi) SpaceRootInvite(w http.ResponseWriter, r *htt
 	}

 	render.Status(r, http.StatusOK)
-	render.JSON(w, r, &ListResponse{Value: []interface{}{permission}})
+	render.JSON(w, r, &ListResponse{Value: []any{permission}})
 }

 // ListPermissions handles ListPermissions requests
--- a/services/graph/pkg/service/v0/educationclasses_test.go
+++ b/services/graph/pkg/service/v0/educationclasses_test.go
@@ -158,7 +158,7 @@ var _ = Describe("EducationClass", func() {
 			res := service.ListResponse{}
 			err = json.Unmarshal(data, &res)
 			Expect(err).ToNot(HaveOccurred())
-			Expect(res.Value).To(Equal([]interface{}{}))
+			Expect(res.Value).To(Equal([]any{}))
 		})

 		It("renders a list of classes", func() {
--- a/services/graph/pkg/service/v0/educationschools_test.go
+++ b/services/graph/pkg/service/v0/educationschools_test.go
@@ -157,7 +157,7 @@ var _ = Describe("Schools", func() {
 			res := service.ListResponse{}
 			err = json.Unmarshal(data, &res)
 			Expect(err).ToNot(HaveOccurred())
-			Expect(res.Value).To(Equal([]interface{}{}))
+			Expect(res.Value).To(Equal([]any{}))
 		})

 		It("renders a list of schools", func() {
--- a/services/graph/pkg/service/v0/graph.go
+++ b/services/graph/pkg/service/v0/graph.go
@@ -61,7 +61,7 @@ type Graph struct {
 	roleService              RoleService
 	permissionsService       Permissions
 	valueService             settingssvc.ValueService
-	specialDriveItemsCache   *ttlcache.Cache[string, interface{}]
+	specialDriveItemsCache   *ttlcache.Cache[string, any]
 	eventsPublisher          events.Publisher
 	eventsConsumer           events.Consumer
 	searchService            searchsvc.SearchProviderService
@@ -83,7 +83,7 @@ func (g Graph) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	g.mux.ServeHTTP(w, r)
 }

-func (g Graph) publishEvent(ctx context.Context, ev interface{}) {
+func (g Graph) publishEvent(ctx context.Context, ev any) {
 	if g.eventsPublisher != nil {
 		if err := events.Publish(ctx, g.eventsPublisher, ev); err != nil {
 			g.logger.Error().
@@ -104,7 +104,7 @@ func (g Graph) getWebDavBaseURL() (*url.URL, error) {

 // ListResponse is used for proper marshalling of Graph list responses
 type ListResponse struct {
-	Value interface{} `json:"value,omitempty"`
+	Value any `json:"value,omitempty"`
 }

 const (
--- a/services/graph/pkg/service/v0/groups_test.go
+++ b/services/graph/pkg/service/v0/groups_test.go
@@ -188,7 +188,7 @@ var _ = Describe("Groups", func() {
 			res := service.ListResponse{}
 			err = json.Unmarshal(data, &res)
 			Expect(err).ToNot(HaveOccurred())
-			Expect(res.Value).To(Equal([]interface{}{}))
+			Expect(res.Value).To(Equal([]any{}))
 		})

 		It("renders a list of groups", func() {
--- a/services/graph/pkg/service/v0/personaldata.go
+++ b/services/graph/pkg/service/v0/personaldata.go
@@ -150,7 +150,7 @@ func (g Graph) GatherPersonalData(usr *user.User, ref *provider.Reference, token
 		g.logger.Error().Err(err).Str("userID", usr.GetId().GetOpaqueId()).Msg("cannot impersonate user")
 	}
 	// create data
-	data := make(map[string]interface{})
+	data := make(map[string]any)

 	// reva user
 	data["user"] = usr
@@ -316,12 +316,12 @@ func getLocation(r *http.Request) string {
 }

 // we want the events to look nice in the file, don't we?
-func convertEvents(evs []*ehmsg.Event) []map[string]interface{} {
-	out := make([]map[string]interface{}, len(evs))
+func convertEvents(evs []*ehmsg.Event) []map[string]any {
+	out := make([]map[string]any, len(evs))
 	for i, e := range evs {
-		var content map[string]interface{}
+		var content map[string]any
 		_ = json.Unmarshal(e.GetEvent(), &content)
-		out[i] = map[string]interface{}{
+		out[i] = map[string]any{
 			"id":    e.GetId(),
 			"type":  e.GetType(),
 			"event": content,
--- a/services/graph/pkg/service/v0/service.go
+++ b/services/graph/pkg/service/v0/service.go
@@ -141,10 +141,10 @@ func NewService(opts ...Option) (Graph, error) { //nolint:maintidx
 	)

 	spacePropertiesCache := ttlcache.New(
-		ttlcache.WithTTL[string, interface{}](
+		ttlcache.WithTTL[string, any](
 			time.Duration(options.Config.Spaces.ExtendedSpacePropertiesCacheTTL),
 		),
-		ttlcache.WithDisableTouchOnHit[string, interface{}](),
+		ttlcache.WithDisableTouchOnHit[string, any](),
 	)
 	go spacePropertiesCache.Start()

--- a/services/graph/pkg/service/v0/utils.go
+++ b/services/graph/pkg/service/v0/utils.go
@@ -26,7 +26,7 @@ import (
 )

 // StrictJSONUnmarshal is a wrapper around json.Unmarshal that returns an error if the json contains unknown fields.
-func StrictJSONUnmarshal(r io.Reader, v interface{}) error {
+func StrictJSONUnmarshal(r io.Reader, v any) error {
 	dec := json.NewDecoder(r)
 	dec.DisallowUnknownFields()
 	return dec.Decode(v)
--- a/services/graph/pkg/validate/validate.go
+++ b/services/graph/pkg/validate/validate.go
@@ -21,6 +21,6 @@ func init() {
 func Default() *validator.Validate { return defaultValidator.Load().(*validator.Validate) }

 // StructCtx validates a struct and returns the error.
-func StructCtx(ctx context.Context, s interface{}) error {
+func StructCtx(ctx context.Context, s any) error {
 	return Default().StructCtx(ctx, s)
 }
--- a/services/groups/pkg/revaconfig/config.go
+++ b/services/groups/pkg/revaconfig/config.go
@@ -5,33 +5,33 @@ import (
 )

 // GroupsConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func GroupsConfigFromStruct(cfg *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"shared": map[string]interface{}{
+func GroupsConfigFromStruct(cfg *config.Config) map[string]any {
+	return map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":                cfg.TokenManager.JWTSecret,
 			"gatewaysvc":                cfg.Reva.Address,
 			"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
 			"grpc_client_options":       cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled":      cfg.Commons.MultiTenantEnabled,
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
 			// TODO build services dynamically
-			"services": map[string]interface{}{
-				"groupprovider": map[string]interface{}{
+			"services": map[string]any{
+				"groupprovider": map[string]any{
 					"driver": cfg.Driver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"drivers": map[string]any{
+						"json": map[string]any{
 							"groups": cfg.Drivers.JSON.File,
 						},
 						"ldap": ldapConfigFromString(cfg.Drivers.LDAP),
-						"rest": map[string]interface{}{
+						"rest": map[string]any{
 							"client_id":           cfg.Drivers.REST.ClientID,
 							"client_secret":       cfg.Drivers.REST.ClientSecret,
 							"redis_address":       cfg.Drivers.REST.RedisAddr,
@@ -45,8 +45,8 @@ func GroupsConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					},
 				},
 			},
-			"interceptors": map[string]interface{}{
-				"prometheus": map[string]interface{}{
+			"interceptors": map[string]any{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "groups",
 				},
@@ -55,8 +55,8 @@ func GroupsConfigFromStruct(cfg *config.Config) map[string]interface{} {
 	}
 }

-func ldapConfigFromString(cfg config.LDAPDriver) map[string]interface{} {
-	return map[string]interface{}{
+func ldapConfigFromString(cfg config.LDAPDriver) map[string]any {
+	return map[string]any{
 		"uri":                         cfg.URI,
 		"cacert":                      cfg.CACert,
 		"insecure":                    cfg.Insecure,
@@ -72,14 +72,14 @@ func ldapConfigFromString(cfg config.LDAPDriver) map[string]interface{} {
 		"user_objectclass":            cfg.UserObjectClass,
 		"group_objectclass":           cfg.GroupObjectClass,
 		"idp":                         cfg.IDP,
-		"user_schema": map[string]interface{}{
+		"user_schema": map[string]any{
 			"id":              cfg.UserSchema.ID,
 			"idIsOctetString": cfg.UserSchema.IDIsOctetString,
 			"mail":            cfg.UserSchema.Mail,
 			"displayName":     cfg.UserSchema.DisplayName,
 			"userName":        cfg.UserSchema.Username,
 		},
-		"group_schema": map[string]interface{}{
+		"group_schema": map[string]any{
 			"id":              cfg.GroupSchema.ID,
 			"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
 			"mail":            cfg.GroupSchema.Mail,
--- a/services/idp/pkg/backends/cs3/identifier/cs3.go
+++ b/services/idp/pkg/backends/cs3/identifier/cs3.go
@@ -196,7 +196,7 @@ func (b *CS3Backend) ResolveUserByUsername(ctx context.Context, username string)
 }

 // RefreshSession implements the Backend interface.
-func (b *CS3Backend) RefreshSession(_ context.Context, _ string, _ *string, _ map[string]interface{}) error {
+func (b *CS3Backend) RefreshSession(_ context.Context, _ string, _ *string, _ map[string]any) error {
 	return nil
 }

@@ -208,7 +208,7 @@ func (b *CS3Backend) DestroySession(_ context.Context, sessionRef *string) error

 // UserClaims implements the Backend interface, providing user specific claims
 // for the user specified by the userID.
-func (b *CS3Backend) UserClaims(_ string, _ map[string]bool) map[string]interface{} {
+func (b *CS3Backend) UserClaims(_ string, _ map[string]bool) map[string]any {
 	return nil
 }

--- a/services/idp/pkg/backends/cs3/identifier/user.go
+++ b/services/idp/pkg/backends/cs3/identifier/user.go
@@ -56,8 +56,8 @@ func (u *cs3User) UniqueID() string {
 }

 // BackendClaims returns additional claims the cs3 users provides
-func (u *cs3User) BackendClaims() map[string]interface{} {
-	claims := make(map[string]interface{})
+func (u *cs3User) BackendClaims() map[string]any {
+	claims := make(map[string]any)
 	claims[konnect.IdentifiedUserIDClaim] = u.u.GetId().GetOpaqueId()

 	return claims
--- a/services/invitations/pkg/backends/keycloak/backend_test.go
+++ b/services/invitations/pkg/backends/keycloak/backend_test.go
@@ -30,8 +30,8 @@ func TestBackend_CreateUser(t *testing.T) {
 	}
 	type mockInputs struct {
 		funcName string
-		args     []interface{}
-		returns  []interface{}
+		args     []any
+		returns  []any
 	}
 	tests := []struct {
 		name        string
@@ -51,7 +51,7 @@ func TestBackend_CreateUser(t *testing.T) {
 			clientMocks: []mockInputs{
 				{
 					funcName: "CreateUser",
-					args: []interface{}{
+					args: []any{
 						mock.Anything,
 						userRealm,
 						mock.Anything, // can't match on the user because it generates a UUID internally.
@@ -60,13 +60,13 @@ func TestBackend_CreateUser(t *testing.T) {
 							kcpkg.UserActionVerifyEmail,
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						"test-id",
 						nil,
 					},
 				},
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 		},
@@ -92,8 +92,8 @@ func TestBackend_SendMail(t *testing.T) {
 	}
 	type mockInputs struct {
 		funcName string
-		args     []interface{}
-		returns  []interface{}
+		args     []any
+		returns  []any
 	}
 	tests := []struct {
 		name        string
@@ -109,7 +109,7 @@ func TestBackend_SendMail(t *testing.T) {
 			clientMocks: []mockInputs{
 				{
 					funcName: "SendActionsMail",
-					args: []interface{}{
+					args: []any{
 						mock.Anything,
 						userRealm,
 						"test-id",
@@ -118,12 +118,12 @@ func TestBackend_SendMail(t *testing.T) {
 							kcpkg.UserActionVerifyEmail,
 						},
 					},
-					returns: []interface{}{
+					returns: []any{
 						nil,
 					},
 				},
 			},
-			assertion: func(t assert.TestingT, err error, args ...interface{}) bool {
+			assertion: func(t assert.TestingT, err error, args ...any) bool {
 				return assert.Nil(t, err, args...)
 			},
 		},
--- a/services/nats/pkg/logging/nats.go
+++ b/services/nats/pkg/logging/nats.go
@@ -16,37 +16,37 @@ type LogWrapper struct {
 }

 // Noticef logs a notice statement
-func (l *LogWrapper) Noticef(format string, v ...interface{}) {
+func (l *LogWrapper) Noticef(format string, v ...any) {
 	msg := fmt.Sprintf(format, v...)
 	l.logger.Info().Msg(msg)
 }

 // Warnf logs a warning statement
-func (l *LogWrapper) Warnf(format string, v ...interface{}) {
+func (l *LogWrapper) Warnf(format string, v ...any) {
 	msg := fmt.Sprintf(format, v...)
 	l.logger.Warn().Msg(msg)
 }

 // Fatalf logs a fatal statement
-func (l *LogWrapper) Fatalf(format string, v ...interface{}) {
+func (l *LogWrapper) Fatalf(format string, v ...any) {
 	msg := fmt.Sprintf(format, v...)
 	l.logger.Fatal().Msg(msg)
 }

 // Errorf logs an error statement
-func (l *LogWrapper) Errorf(format string, v ...interface{}) {
+func (l *LogWrapper) Errorf(format string, v ...any) {
 	msg := fmt.Sprintf(format, v...)
 	l.logger.Error().Msg(msg)
 }

 // Debugf logs a debug statement
-func (l *LogWrapper) Debugf(format string, v ...interface{}) {
+func (l *LogWrapper) Debugf(format string, v ...any) {
 	msg := fmt.Sprintf(format, v...)
 	l.logger.Debug().Msg(msg)
 }

 // Tracef logs a trace statement
-func (l *LogWrapper) Tracef(format string, v ...interface{}) {
+func (l *LogWrapper) Tracef(format string, v ...any) {
 	msg := fmt.Sprintf(format, v...)
 	l.logger.Trace().Msg(msg)
 }
--- a/services/notifications/pkg/email/composer.go
+++ b/services/notifications/pkg/email/composer.go
@@ -21,19 +21,19 @@ var (
 func NewTextTemplate(mt MessageTemplate, locale, defaultLocale string, translationPath string, vars map[string]string) (MessageTemplate, error) {
 	var err error
 	t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
-	mt.Subject, err = composeMessage(t.Get(mt.Subject, []interface{}{}...), vars)
+	mt.Subject, err = composeMessage(t.Get(mt.Subject, []any{}...), vars)
 	if err != nil {
 		return mt, err
 	}
-	mt.Greeting, err = composeMessage(t.Get(mt.Greeting, []interface{}{}...), vars)
+	mt.Greeting, err = composeMessage(t.Get(mt.Greeting, []any{}...), vars)
 	if err != nil {
 		return mt, err
 	}
-	mt.MessageBody, err = composeMessage(t.Get(mt.MessageBody, []interface{}{}...), vars)
+	mt.MessageBody, err = composeMessage(t.Get(mt.MessageBody, []any{}...), vars)
 	if err != nil {
 		return mt, err
 	}
-	mt.CallToAction, err = composeMessage(t.Get(mt.CallToAction, []interface{}{}...), vars)
+	mt.CallToAction, err = composeMessage(t.Get(mt.CallToAction, []any{}...), vars)
 	if err != nil {
 		return mt, err
 	}
@@ -44,19 +44,19 @@ func NewTextTemplate(mt MessageTemplate, locale, defaultLocale string, translati
 func NewHTMLTemplate(mt MessageTemplate, locale, defaultLocale string, translationPath string, vars map[string]string) (MessageTemplate, error) {
 	var err error
 	t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
-	mt.Subject, err = composeMessage(t.Get(mt.Subject, []interface{}{}...), vars)
+	mt.Subject, err = composeMessage(t.Get(mt.Subject, []any{}...), vars)
 	if err != nil {
 		return mt, err
 	}
-	mt.Greeting, err = composeMessage(newlineToBr(t.Get(mt.Greeting, []interface{}{}...)), vars)
+	mt.Greeting, err = composeMessage(newlineToBr(t.Get(mt.Greeting, []any{}...)), vars)
 	if err != nil {
 		return mt, err
 	}
-	mt.MessageBody, err = composeMessage(newlineToBr(t.Get(mt.MessageBody, []interface{}{}...)), vars)
+	mt.MessageBody, err = composeMessage(newlineToBr(t.Get(mt.MessageBody, []any{}...)), vars)
 	if err != nil {
 		return mt, err
 	}
-	mt.CallToAction, err = composeMessage(callToActionToHTML(t.Get(mt.CallToAction, []interface{}{}...)), vars)
+	mt.CallToAction, err = composeMessage(callToActionToHTML(t.Get(mt.CallToAction, []any{}...)), vars)
 	if err != nil {
 		return mt, err
 	}
@@ -71,18 +71,18 @@ func NewGroupedTextTemplate(gmt GroupedMessageTemplate, vars map[string]string,

 	var err error
 	t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
-	gmt.Subject, err = composeMessage(t.Get(gmt.Subject, []interface{}{}...), vars)
+	gmt.Subject, err = composeMessage(t.Get(gmt.Subject, []any{}...), vars)
 	if err != nil {
 		return gmt, err
 	}
-	gmt.Greeting, err = composeMessage(t.Get(gmt.Greeting, []interface{}{}...), vars)
+	gmt.Greeting, err = composeMessage(t.Get(gmt.Greeting, []any{}...), vars)
 	if err != nil {
 		return gmt, err
 	}

 	bodyParts := make([]string, 0, len(mtsVars))
 	for i, mt := range mts {
-		bodyPart, err := composeMessage(t.Get(mt.MessageBody, []interface{}{}...), mtsVars[i])
+		bodyPart, err := composeMessage(t.Get(mt.MessageBody, []any{}...), mtsVars[i])
 		if err != nil {
 			return gmt, err
 		}
@@ -100,18 +100,18 @@ func NewGroupedHTMLTemplate(gmt GroupedMessageTemplate, vars map[string]string,

 	var err error
 	t := l10n.NewTranslatorFromCommonConfig(defaultLocale, _domain, translationPath, _translationFS, "l10n/locale").Locale(locale)
-	gmt.Subject, err = composeMessage(t.Get(gmt.Subject, []interface{}{}...), vars)
+	gmt.Subject, err = composeMessage(t.Get(gmt.Subject, []any{}...), vars)
 	if err != nil {
 		return gmt, err
 	}
-	gmt.Greeting, err = composeMessage(newlineToBr(t.Get(gmt.Greeting, []interface{}{}...)), vars)
+	gmt.Greeting, err = composeMessage(newlineToBr(t.Get(gmt.Greeting, []any{}...)), vars)
 	if err != nil {
 		return gmt, err
 	}

 	bodyParts := make([]string, 0, len(mtsVars))
 	for i, mt := range mts {
-		bodyPart, err := composeMessage(t.Get(mt.MessageBody, []interface{}{}...), mtsVars[i])
+		bodyPart, err := composeMessage(t.Get(mt.MessageBody, []any{}...), mtsVars[i])
 		if err != nil {
 			return gmt, err
 		}
--- a/services/notifications/pkg/email/email.go
+++ b/services/notifications/pkg/email/email.go
@@ -116,7 +116,7 @@ func RenderGroupedEmailTemplate(gmt GroupedMessageTemplate, vars map[string]stri

 // emailTemplate builds the email template. It does not use any user provided input, so it is safe to use template.HTML.
 func emailTemplate(tpl *template.Template, mt MessageTemplate) (string, error) {
-	str, err := executeTemplate(tpl, map[string]interface{}{
+	str, err := executeTemplate(tpl, map[string]any{
 		"Greeting":     template.HTML(strings.TrimSpace(mt.Greeting)),     // #nosec G203
 		"MessageBody":  template.HTML(strings.TrimSpace(mt.MessageBody)),  // #nosec G203
 		"CallToAction": template.HTML(strings.TrimSpace(mt.CallToAction)), // #nosec G203
@@ -129,7 +129,7 @@ func emailTemplate(tpl *template.Template, mt MessageTemplate) (string, error) {

 // groupedEmailTemplate builds the email template. It does not use any user provided input, so it is safe to use template.HTML.
 func groupedEmailTemplate(tpl *template.Template, gmt GroupedMessageTemplate) (string, error) {
-	str, err := executeTemplate(tpl, map[string]interface{}{
+	str, err := executeTemplate(tpl, map[string]any{
 		"Greeting":    template.HTML(strings.TrimSpace(gmt.Greeting)),    // #nosec G203
 		"MessageBody": template.HTML(strings.TrimSpace(gmt.MessageBody)), // #nosec G203
 	})
--- a/services/notifications/pkg/service/sciencemesh.go
+++ b/services/notifications/pkg/service/sciencemesh.go
@@ -45,12 +45,12 @@ func (s eventsNotifier) handleScienceMeshInviteTokenGenerated(e events.ScienceMe
 	// event that is optional when the event got triggered...
 	// this means if we get a validation error, we can't send the message and skip it
 	{
-		validationEnv := make(map[string]interface{}, len(msgENV))
+		validationEnv := make(map[string]any, len(msgENV))
 		for k, v := range msgENV {
 			validationEnv[k] = v
 		}
 		if errs := validate.ValidateMap(validationEnv,
-			map[string]interface{}{
+			map[string]any{
 				"RecipientMail": "required,email", // only recipient mail is required to send the message
 			}); len(errs) > 0 {
 			return // no mail, no message
--- a/services/ocm/pkg/revaconfig/config.go
+++ b/services/ocm/pkg/revaconfig/config.go
@@ -9,7 +9,7 @@ import (
 )

 // OCMConfigFromStruct will adapt an OpenCloud config struct into a reva mapstructure to start a reva service.
-func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]interface{} {
+func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]any {

 	// Construct the ocm provider domain from the OpenCloud URL
 	providerDomain := ""
@@ -23,18 +23,18 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 		providerDomain = u.Host
 	}

-	return map[string]interface{}{
-		"shared": map[string]interface{}{
+	return map[string]any{
+		"shared": map[string]any{
 			"jwt_secret":           cfg.TokenManager.JWTSecret,
 			"gatewaysvc":           cfg.Reva.Address, // Todo or address?
 			"grpc_client_options":  cfg.Reva.GetGRPCClientConfig(),
 			"multi_tenant_enabled": cfg.Commons.MultiTenantEnabled,
 		},
-		"http": map[string]interface{}{
+		"http": map[string]any{
 			"network": cfg.HTTP.Protocol,
 			"address": cfg.HTTP.Addr,
-			"middlewares": map[string]interface{}{
-				"cors": map[string]interface{}{
+			"middlewares": map[string]any{
+				"cors": map[string]any{
 					"allowed_origins":   cfg.HTTP.CORS.AllowedOrigins,
 					"allowed_methods":   cfg.HTTP.CORS.AllowedMethods,
 					"allowed_headers":   cfg.HTTP.CORS.AllowedHeaders,
@@ -46,20 +46,20 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					//"priority": ,
 					//"exposed_headers": ,
 				},
-				"auth": map[string]interface{}{
+				"auth": map[string]any{
 					"credentials_by_user_agent": cfg.Middleware.Auth.CredentialsByUserAgent,
 				},
-				"prometheus": map[string]interface{}{
+				"prometheus": map[string]any{
 					"namespace": "opencloud",
 					"subsystem": "ocm",
 				},
-				"requestid": map[string]interface{}{},
+				"requestid": map[string]any{},
 			},
 			// TODO build services dynamically
-			"services": map[string]interface{}{
-				"wellknown": map[string]interface{}{
+			"services": map[string]any{
+				"wellknown": map[string]any{
 					"prefix": ".well-known",
-					"ocmprovider": map[string]interface{}{
+					"ocmprovider": map[string]any{
 						"ocm_prefix":           cfg.OCMD.Prefix,
 						"endpoint":             cfg.Commons.OpenCloudURL,
 						"provider":             "OpenCloud",
@@ -70,7 +70,7 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 						"enable_datatx":        false,
 					},
 				},
-				"sciencemesh": map[string]interface{}{
+				"sciencemesh": map[string]any{
 					"prefix":                 cfg.ScienceMesh.Prefix,
 					"smtp_credentials":       map[string]string{},
 					"gatewaysvc":             cfg.Reva.Address,
@@ -78,7 +78,7 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"directory_service_urls": cfg.ScienceMesh.DirectoryServiceURLs,
 					"ocm_client_insecure":    cfg.ScienceMesh.OCMClientInsecure,
 					"provider_domain":        providerDomain,
-					"events": map[string]interface{}{
+					"events": map[string]any{
 						"natsaddress":          cfg.Events.Endpoint,
 						"natsclusterid":        cfg.Events.Cluster,
 						"tlsinsecure":          cfg.Events.TLSInsecure,
@@ -87,34 +87,34 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 						"authpassword":         cfg.Events.AuthPassword,
 					},
 				},
-				"ocmd": map[string]interface{}{
+				"ocmd": map[string]any{
 					"prefix":                        cfg.OCMD.Prefix,
 					"gatewaysvc":                    cfg.Reva.Address,
 					"expose_recipient_display_name": cfg.OCMD.ExposeRecipientDisplayName,
 				},
-				"dataprovider": map[string]interface{}{
+				"dataprovider": map[string]any{
 					"prefix": "data",
 					"driver": "ocmreceived",
-					"drivers": map[string]interface{}{
-						"ocmreceived": map[string]interface{}{
+					"drivers": map[string]any{
+						"ocmreceived": map[string]any{
 							"insecure":               cfg.OCMStorageProvider.Insecure,
 							"storage_root":           cfg.OCMStorageProvider.StorageRoot,
 							"service_account_id":     cfg.ServiceAccount.ID,
 							"service_account_secret": cfg.ServiceAccount.Secret,
 						},
 					},
-					"data_txs": map[string]interface{}{
-						"simple": map[string]interface{}{
+					"data_txs": map[string]any{
+						"simple": map[string]any{
 							"cache_store":    "noop",
 							"cache_database": "system",
 							"cache_table":    "stat",
 						},
-						"spaces": map[string]interface{}{
+						"spaces": map[string]any{
 							"cache_store":    "noop",
 							"cache_database": "system",
 							"cache_table":    "stat",
 						},
-						"tus": map[string]interface{}{
+						"tus": map[string]any{
 							"cache_store":    "noop",
 							"cache_database": "system",
 							"cache_table":    "stat",
@@ -123,19 +123,19 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 				},
 			},
 		},
-		"grpc": map[string]interface{}{
+		"grpc": map[string]any{
 			"network": cfg.GRPC.Protocol,
 			"address": cfg.GRPC.Addr,
-			"tls_settings": map[string]interface{}{
+			"tls_settings": map[string]any{
 				"enabled":     cfg.GRPC.TLS.Enabled,
 				"certificate": cfg.GRPC.TLS.Cert,
 				"key":         cfg.GRPC.TLS.Key,
 			},
-			"services": map[string]interface{}{
-				"ocminvitemanager": map[string]interface{}{
+			"services": map[string]any{
+				"ocminvitemanager": map[string]any{
 					"driver": cfg.OCMInviteManager.Driver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"drivers": map[string]any{
+						"json": map[string]any{
 							"file": cfg.OCMInviteManager.Drivers.JSON.File,
 						},
 					},
@@ -144,18 +144,18 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"ocm_timeout":      int(math.Round(cfg.OCMInviteManager.Timeout.Seconds())),
 					"ocm_insecure":     cfg.OCMInviteManager.Insecure,
 				},
-				"ocmproviderauthorizer": map[string]interface{}{
+				"ocmproviderauthorizer": map[string]any{
 					"driver": cfg.OCMProviderAuthorizerDriver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"drivers": map[string]any{
+						"json": map[string]any{
 							"providers": cfg.OCMProviderAuthorizerDrivers.JSON.Providers,
 						},
 					},
 				},
-				"ocmshareprovider": map[string]interface{}{
+				"ocmshareprovider": map[string]any{
 					"driver": cfg.OCMShareProvider.Driver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"drivers": map[string]any{
+						"json": map[string]any{
 							"file": cfg.OCMShareProvider.Drivers.JSON.File,
 						},
 					},
@@ -165,28 +165,28 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"webapp_template": cfg.OCMShareProvider.WebappTemplate,
 					"client_insecure": cfg.OCMShareProvider.Insecure,
 				},
-				"ocmcore": map[string]interface{}{
+				"ocmcore": map[string]any{
 					"driver": cfg.OCMCore.Driver,
-					"drivers": map[string]interface{}{
-						"json": map[string]interface{}{
+					"drivers": map[string]any{
+						"json": map[string]any{
 							"file": cfg.OCMCore.Drivers.JSON.File,
 						},
 					},
 				},
-				"storageprovider": map[string]interface{}{
+				"storageprovider": map[string]any{
 					"driver": "ocmreceived",
-					"drivers": map[string]interface{}{
-						"ocmreceived": map[string]interface{}{
+					"drivers": map[string]any{
+						"ocmreceived": map[string]any{
 							"insecure":     cfg.OCMStorageProvider.Insecure,
 							"storage_root": cfg.OCMStorageProvider.StorageRoot,
 						},
 					},
 					"data_server_url": cfg.OCMStorageProvider.DataServerURL,
 				},
-				"authprovider": map[string]interface{}{
+				"authprovider": map[string]any{
 					"auth_manager": "ocmshares",
-					"auth_managers": map[string]interface{}{
-						"ocmshares": map[string]interface{}{
+					"auth_managers": map[string]any{
+						"ocmshares": map[string]any{
 							"gatewaysvc": cfg.Reva.Address,
 						},
 					},
--- a/services/ocs/pkg/service/v0/response/response.go
+++ b/services/ocs/pkg/service/v0/response/response.go
@@ -23,8 +23,8 @@ var (

 // Payload combines response metadata and data
 type Payload struct {
-	Meta data.Meta   `json:"meta" xml:"meta"`
-	Data interface{} `json:"data,omitempty" xml:"data,omitempty"`
+	Meta data.Meta `json:"meta" xml:"meta"`
+	Data any       `json:"data,omitempty" xml:"data,omitempty"`
 }

 // MarshalXML handles ocs specific wrapping of array members in 'element' tags for the data
@@ -81,7 +81,7 @@ func (rsp *Response) Render(w http.ResponseWriter, r *http.Request) error {
 }

 // DataRender creates an OK Payload for the given data
-func DataRender(d interface{}) render.Renderer {
+func DataRender(d any) render.Renderer {
 	return &Response{
 		&Payload{
 			Meta: data.MetaOK,
--- a/services/postprocessing/pkg/postprocessing/postprocessing.go
+++ b/services/postprocessing/pkg/postprocessing/postprocessing.go
@@ -43,7 +43,7 @@ func New(config config.Postprocessing) *Postprocessing {
 }

 // Init is the first step of the postprocessing
-func (pp *Postprocessing) Init(_ events.BytesReceived) interface{} {
+func (pp *Postprocessing) Init(_ events.BytesReceived) any {
 	if len(pp.Steps) == 0 {
 		return pp.finished(events.PPOutcomeContinue)
 	}
@@ -52,7 +52,7 @@ func (pp *Postprocessing) Init(_ events.BytesReceived) interface{} {
 }

 // NextStep returns the next postprocessing step
-func (pp *Postprocessing) NextStep(ev events.PostprocessingStepFinished) interface{} {
+func (pp *Postprocessing) NextStep(ev events.PostprocessingStepFinished) any {
 	switch ev.Outcome {
 	case events.PPOutcomeContinue:
 		return pp.next(ev.FinishedStep)
@@ -68,7 +68,7 @@ func (pp *Postprocessing) NextStep(ev events.PostprocessingStepFinished) interfa
 }

 // CurrentStep returns the current postprocessing step
-func (pp *Postprocessing) CurrentStep() interface{} {
+func (pp *Postprocessing) CurrentStep() any {
 	if pp.Status.CurrentStep == events.PPStepFinished {
 		return pp.finished(pp.Status.Outcome)
 	}
@@ -76,7 +76,7 @@ func (pp *Postprocessing) CurrentStep() interface{} {
 }

 // Delay will sleep the configured time then continue
-func (pp *Postprocessing) Delay(f func(next interface{})) {
+func (pp *Postprocessing) Delay(f func(next any)) {
 	next := pp.next(events.PPStepDelay)
 	go func() {
 		time.Sleep(pp.config.Delayprocessing)
@@ -89,7 +89,7 @@ func (pp *Postprocessing) BackoffDuration() time.Duration {
 	return pp.config.RetryBackoffDuration * time.Duration(math.Pow(2, float64(pp.Failures-1)))
 }

-func (pp *Postprocessing) next(current events.Postprocessingstep) interface{} {
+func (pp *Postprocessing) next(current events.Postprocessingstep) any {
 	l := len(pp.Steps)
 	for i, s := range pp.Steps {
 		if s == current && i+1 < l {
--- a/services/postprocessing/pkg/service/service.go
+++ b/services/postprocessing/pkg/service/service.go
@@ -171,7 +171,7 @@ func (pps *PostprocessingService) processEvent(e raw.Event) error {
 	pps.log.Debug().Str("Type", e.Type).Str("ID", e.ID).Msg("processing event received")

 	var (
-		next interface{}
+		next any
 		pp   *postprocessing.Postprocessing
 		err  error
 	)
@@ -247,7 +247,7 @@ func (pps *PostprocessingService) processEvent(e raw.Event) error {
 			pps.log.Error().Str("uploadID", ev.UploadID).Err(err).Msg("cannot get upload")
 			return fmt.Errorf("%w: cannot get upload", ErrEvent)
 		}
-		pp.Delay(func(next interface{}) {
+		pp.Delay(func(next any) {
 			if err := events.Publish(ctx, pps.pub, next); err != nil {
 				pps.log.Error().Err(err).Msg("cannot publish event")
 			}
--- a/services/proxy/pkg/middleware/account_resolver.go
+++ b/services/proxy/pkg/middleware/account_resolver.go
@@ -7,10 +7,10 @@ import (
 	"net/http"
 	"time"

-	"github.com/jellydator/ttlcache/v3"
 	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
 	tenantpb "github.com/cs3org/go-cs3apis/cs3/identity/tenant/v1beta1"
 	rpcpb "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
+	"github.com/jellydator/ttlcache/v3"
 	"github.com/opencloud-eu/opencloud/services/proxy/pkg/router"
 	"github.com/opencloud-eu/opencloud/services/proxy/pkg/user/backend"
 	"github.com/opencloud-eu/opencloud/services/proxy/pkg/userroles"
@@ -91,7 +91,7 @@ type accountResolver struct {
 	eventsPublisher events.Publisher
 }

-func readStringClaim(path string, claims map[string]interface{}) (string, error) {
+func readStringClaim(path string, claims map[string]any) (string, error) {
 	// happy path
 	value, _ := claims[path].(string)
 	if value != "" {
@@ -104,10 +104,10 @@ func readStringClaim(path string, claims map[string]interface{}) (string, error)
 	lastSegment := len(segments) - 1
 	for i := range segments {
 		if i < lastSegment {
-			if castedClaims, ok := subclaims[segments[i]].(map[string]interface{}); ok {
+			if castedClaims, ok := subclaims[segments[i]].(map[string]any); ok {
 				subclaims = castedClaims
-			} else if castedClaims, ok := subclaims[segments[i]].(map[interface{}]interface{}); ok {
-				subclaims = make(map[string]interface{}, len(castedClaims))
+			} else if castedClaims, ok := subclaims[segments[i]].(map[any]any); ok {
+				subclaims = make(map[string]any, len(castedClaims))
 				for k, v := range castedClaims {
 					if s, ok := k.(string); ok {
 						subclaims[s] = v
@@ -281,7 +281,7 @@ func (m accountResolver) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	m.next.ServeHTTP(w, req)
 }

-func (m accountResolver) verifyTenantClaim(ctx context.Context, userTenantID string, claims map[string]interface{}) error {
+func (m accountResolver) verifyTenantClaim(ctx context.Context, userTenantID string, claims map[string]any) error {
 	claimTenantID, err := readStringClaim(m.tenantOIDCClaim, claims)
 	if err != nil {
 		return fmt.Errorf("could not read tenant claim: %w", err)
--- a/services/proxy/pkg/middleware/account_resolver_test.go
+++ b/services/proxy/pkg/middleware/account_resolver_test.go
@@ -28,13 +28,13 @@ import (
 )

 const (
-	testIdP               = "https://idx.example.com"
-	testTenantA           = "tenant-a"
-	testTenantB           = "tenant-b"
-	testJWTSecret         = "change-me"
-	testSvcAccountID      = "svc-account-id"
-	testSvcAccountSecret  = "svc-account-secret"
-	testSvcAccountToken   = "svc-account-token"
+	testIdP              = "https://idx.example.com"
+	testTenantA          = "tenant-a"
+	testTenantB          = "tenant-b"
+	testJWTSecret        = "change-me"
+	testSvcAccountID     = "svc-account-id"
+	testSvcAccountSecret = "svc-account-secret"
+	testSvcAccountToken  = "svc-account-token"
 )

 func TestTokenIsAddedWithMailClaim(t *testing.T) {
@@ -43,7 +43,7 @@ func TestTokenIsAddedWithMailClaim(t *testing.T) {
 		Mail: "foo@example.com",
 	}, nil, oidc.Email, "mail", false)

-	req, rw := mockRequest(map[string]interface{}{
+	req, rw := mockRequest(map[string]any{
 		oidc.Iss:   testIdP,
 		oidc.Email: "foo@example.com",
 	})
@@ -61,7 +61,7 @@ func TestTokenIsAddedWithUsernameClaim(t *testing.T) {
 		Mail: "foo@example.com",
 	}, nil, oidc.PreferredUsername, "username", false)

-	req, rw := mockRequest(map[string]interface{}{
+	req, rw := mockRequest(map[string]any{
 		oidc.Iss:               testIdP,
 		oidc.PreferredUsername: "foo",
 	})
@@ -81,9 +81,9 @@ func TestTokenIsAddedWithDotUsernamePathClaim(t *testing.T) {
 	}, nil, "li.un", "username", false)

 	// This is how lico adds the username to the access token
-	req, rw := mockRequest(map[string]interface{}{
+	req, rw := mockRequest(map[string]any{
 		oidc.Iss: testIdP,
-		"li": map[string]interface{}{
+		"li": map[string]any{
 			"un": "foo",
 		},
 	})
@@ -122,7 +122,7 @@ func TestTokenIsAddedWithDottedUsernameClaim(t *testing.T) {
 				Mail: "foo@example.com",
 			}, nil, tc.oidcClaim, "username", false)

-			req, rw := mockRequest(map[string]interface{}{
+			req, rw := mockRequest(map[string]any{
 				oidc.Iss: testIdP,
 				"li.un":  "foo",
 			})
@@ -149,7 +149,7 @@ func TestNSkipOnNoClaims(t *testing.T) {

 func TestUnauthorizedOnUserNotFound(t *testing.T) {
 	sut := newMockAccountResolver(nil, backend.ErrAccountNotFound, oidc.PreferredUsername, "username", false)
-	req, rw := mockRequest(map[string]interface{}{
+	req, rw := mockRequest(map[string]any{
 		oidc.Iss:               testIdP,
 		oidc.PreferredUsername: "foo",
 	})
@@ -163,7 +163,7 @@ func TestUnauthorizedOnUserNotFound(t *testing.T) {

 func TestUnauthorizedOnUserDisabled(t *testing.T) {
 	sut := newMockAccountResolver(nil, backend.ErrAccountDisabled, oidc.PreferredUsername, "username", false)
-	req, rw := mockRequest(map[string]interface{}{
+	req, rw := mockRequest(map[string]any{
 		oidc.Iss:               testIdP,
 		oidc.PreferredUsername: "foo",
 	})
@@ -177,7 +177,7 @@ func TestUnauthorizedOnUserDisabled(t *testing.T) {

 func TestInternalServerErrorOnMissingMailAndUsername(t *testing.T) {
 	sut := newMockAccountResolver(nil, backend.ErrAccountNotFound, oidc.Email, "mail", false)
-	req, rw := mockRequest(map[string]interface{}{
+	req, rw := mockRequest(map[string]any{
 		oidc.Iss: testIdP,
 	})

@@ -262,7 +262,7 @@ func TestTenantClaimValidation(t *testing.T) {
 				Username: "foo",
 			}

-			tokenManager, _ := jwt.New(map[string]interface{}{"secret": testJWTSecret, "expires": int64(60)})
+			tokenManager, _ := jwt.New(map[string]any{"secret": testJWTSecret, "expires": int64(60)})
 			s, _ := scope.AddOwnerScope(nil)
 			token, _ := tokenManager.MintToken(context.Background(), user, s)

@@ -281,7 +281,7 @@ func TestTenantClaimValidation(t *testing.T) {
 				MultiTenantEnabled(true),
 			)(mockHandler{})

-			req, rw := mockRequest(map[string]interface{}{
+			req, rw := mockRequest(map[string]any{
 				oidc.Iss:               testIdP,
 				oidc.PreferredUsername: "foo",
 				"tenant_id":            tc.requestTenant,
@@ -300,7 +300,7 @@ func TestTenantClaimValidation(t *testing.T) {
 }

 func newMockAccountResolver(userBackendResult *userv1beta1.User, userBackendErr error, oidcclaim, cs3claim string, multiTenant bool) http.Handler {
-	tokenManager, _ := jwt.New(map[string]interface{}{
+	tokenManager, _ := jwt.New(map[string]any{
 		"secret":  testJWTSecret,
 		"expires": int64(60),
 	})
@@ -330,7 +330,7 @@ func newMockAccountResolver(userBackendResult *userv1beta1.User, userBackendErr
 	)(mockHandler{})
 }

-func mockRequest(claims map[string]interface{}) (*http.Request, *httptest.ResponseRecorder) {
+func mockRequest(claims map[string]any) (*http.Request, *httptest.ResponseRecorder) {
 	if claims == nil {
 		return httptest.NewRequest("GET", "http://example.com/foo", nil), httptest.NewRecorder()
 	}
@@ -362,7 +362,7 @@ func TestTenantIDMapping(t *testing.T) {
 		Username: "foo",
 	}

-	tokenManager, _ := jwt.New(map[string]interface{}{"secret": testJWTSecret, "expires": int64(60)})
+	tokenManager, _ := jwt.New(map[string]any{"secret": testJWTSecret, "expires": int64(60)})
 	s, _ := scope.AddOwnerScope(nil)
 	token, _ := tokenManager.MintToken(context.Background(), user, s)

@@ -449,7 +449,7 @@ func TestTenantIDMapping(t *testing.T) {
 				Value: externalTenantID,
 			}).Return(tc.tenantResponse, nil)

-			req, rw := mockRequest(map[string]interface{}{
+			req, rw := mockRequest(map[string]any{
 				oidc.Iss:               testIdP,
 				oidc.PreferredUsername: "foo",
 				"tenant_id":            externalTenantID,
--- a/services/proxy/pkg/middleware/authentication_test.go
+++ b/services/proxy/pkg/middleware/authentication_test.go
@@ -126,7 +126,7 @@ var _ = Describe("Authenticating requests", Label("Authentication"), func() {
 				EnableBasicAuth(true),
 			)
 			testHandler := handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				Expect(oidc.FromContext(r.Context())).To(Equal(map[string]interface{}{
+				Expect(oidc.FromContext(r.Context())).To(Equal(map[string]any{
 					"sid": "a-session-id",
 					"exp": int64(1147483647),
 				}))
@@ -144,7 +144,7 @@ var _ = Describe("Authenticating requests", Label("Authentication"), func() {
 				EnableBasicAuth(true),
 			)
 			testHandler := handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				Expect(oidc.FromContext(r.Context())).To(Equal(map[string]interface{}{
+				Expect(oidc.FromContext(r.Context())).To(Equal(map[string]any{
 					"email":              "testuser@example.com",
 					"openclouduuid":      "OpaqueId",
 					"iss":                "IdpId",
--- a/services/proxy/pkg/middleware/basic_auth.go
+++ b/services/proxy/pkg/middleware/basic_auth.go
@@ -41,7 +41,7 @@ func (m BasicAuthenticator) Authenticate(r *http.Request) (*http.Request, bool)
 	}

 	// fake oidc claims
-	claims := map[string]interface{}{
+	claims := map[string]any{
 		oidc.Iss:               user.Id.Idp,
 		oidc.PreferredUsername: user.Username,
 		oidc.Email:             user.Mail,
--- a/services/proxy/pkg/middleware/oidc_auth.go
+++ b/services/proxy/pkg/middleware/oidc_auth.go
@@ -54,8 +54,8 @@ type OIDCAuthenticator struct {
 	TimeFunc                func() time.Time
 }

-func (m *OIDCAuthenticator) getClaims(token string, req *http.Request) (map[string]interface{}, bool, error) {
-	var claims map[string]interface{}
+func (m *OIDCAuthenticator) getClaims(token string, req *http.Request) (map[string]any, bool, error) {
+	var claims map[string]any

 	// use a 64 bytes long hash to have 256-bit collision resistance.
 	hash := make([]byte, 64)
@@ -159,7 +159,7 @@ func (m OIDCAuthenticator) extractExpiration(aClaims oidc.RegClaimsWithSID) time
 	return defaultExpiration
 }

-func verifyExpiresAt(claims map[string]interface{}, cmp time.Time) bool {
+func verifyExpiresAt(claims map[string]any, cmp time.Time) bool {
 	var expiry time.Time
 	switch v := claims["exp"].(type) {
 	case nil:
--- a/services/proxy/pkg/middleware/policies.go
+++ b/services/proxy/pkg/middleware/policies.go
@@ -35,7 +35,7 @@ type (
 		Code    string `json:"code"`
 		Message string `json:"message"`
 		// The structure of this object is service-specific
-		Innererror map[string]interface{} `json:"innererror,omitempty"`
+		Innererror map[string]any `json:"innererror,omitempty"`
 	}
 )

@@ -154,7 +154,7 @@ func RenderError(w http.ResponseWriter, r *http.Request, evaluateReq *pService.E
 		filename = path.Base(evaluateReq.Environment.GetRequest().GetPath())
 	}

-	innererror := map[string]interface{}{
+	innererror := map[string]any{
 		"date": time.Now().UTC().Format(time.RFC3339),
 	}

--- a/services/proxy/pkg/middleware/security.go
+++ b/services/proxy/pkg/middleware/security.go
@@ -28,12 +28,12 @@ func loadCSPConfig(presetYamlContent, customYamlContent []byte) (*config.CSP, er
 	gofig.WithOptions(gofig.ParseEnv)
 	gofig.AddDriver(yaml.Driver)

-	presetMap := map[string]interface{}{}
+	presetMap := map[string]any{}
 	err := yamlv3.Unmarshal(presetYamlContent, &presetMap)
 	if err != nil {
 		return nil, err
 	}
-	customMap := map[string]interface{}{}
+	customMap := map[string]any{}
 	err = yamlv3.Unmarshal(customYamlContent, &customMap)
 	if err != nil {
 		return nil, err
@@ -63,9 +63,9 @@ func loadCSPConfig(presetYamlContent, customYamlContent []byte) (*config.CSP, er
 // - nested maps are merged recursively
 // - slices are concatenated, preserving order and avoiding duplicates
 // - scalar or type-mismatched values from map2 overwrite map1
-func deepMerge(map1, map2 map[string]interface{}) map[string]interface{} {
+func deepMerge(map1, map2 map[string]any) map[string]any {
 	if map1 == nil {
-		out := make(map[string]interface{}, len(map2))
+		out := make(map[string]any, len(map2))
 		for k, v := range map2 {
 			out[k] = v
 		}
@@ -75,17 +75,17 @@ func deepMerge(map1, map2 map[string]interface{}) map[string]interface{} {
 	for k, v2 := range map2 {
 		if v1, ok := map1[k]; ok {
 			// both maps -> recurse
-			if m1, ok1 := v1.(map[string]interface{}); ok1 {
-				if m2, ok2 := v2.(map[string]interface{}); ok2 {
+			if m1, ok1 := v1.(map[string]any); ok1 {
+				if m2, ok2 := v2.(map[string]any); ok2 {
 					map1[k] = deepMerge(m1, m2)
 					continue
 				}
 			}

 			// both slices -> merge unique
-			if s1, ok1 := v1.([]interface{}); ok1 {
-				if s2, ok2 := v2.([]interface{}); ok2 {
-					merged := append([]interface{}{}, s1...)
+			if s1, ok1 := v1.([]any); ok1 {
+				if s2, ok2 := v2.([]any); ok2 {
+					merged := append([]any{}, s1...)
 					for _, item := range s2 {
 						if !sliceContains(merged, item) {
 							merged = append(merged, item)
@@ -112,7 +112,7 @@ func deepMerge(map1, map2 map[string]interface{}) map[string]interface{} {
 	return map1
 }

-func sliceContains(slice []interface{}, val interface{}) bool {
+func sliceContains(slice []any, val any) bool {
 	for _, v := range slice {
 		if reflect.DeepEqual(v, val) {
 			return true
--- a/services/proxy/pkg/proxy/policy/selector_test.go
+++ b/services/proxy/pkg/proxy/policy/selector_test.go
@@ -79,10 +79,10 @@ func TestClaimsSelector(t *testing.T) {

 	var tests = []testCase{
 		{"unauthenticated", context.Background(), nil, "unauthenticated"},
-		{"default", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OpenCloudRoutingPolicy: ""}), nil, "default"},
-		{"claim-value", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OpenCloudRoutingPolicy: "opencloud.routing.policy-value"}), nil, "opencloud.routing.policy-value"},
+		{"default", oidc.NewContext(context.Background(), map[string]any{oidc.OpenCloudRoutingPolicy: ""}), nil, "default"},
+		{"claim-value", oidc.NewContext(context.Background(), map[string]any{oidc.OpenCloudRoutingPolicy: "opencloud.routing.policy-value"}), nil, "opencloud.routing.policy-value"},
 		{"cookie-only", context.Background(), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "cookie"},
-		{"claim-can-override-cookie", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OpenCloudRoutingPolicy: "opencloud.routing.policy-value"}), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "opencloud.routing.policy-value"},
+		{"claim-can-override-cookie", oidc.NewContext(context.Background(), map[string]any{oidc.OpenCloudRoutingPolicy: "opencloud.routing.policy-value"}), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "opencloud.routing.policy-value"},
 	}
 	for _, tc := range tests {
 		r := httptest.NewRequest("GET", "https://example.com", nil)
--- a/services/proxy/pkg/staticroutes/backchannellogout.go
+++ b/services/proxy/pkg/staticroutes/backchannellogout.go
@@ -150,7 +150,7 @@ func (s *StaticRouteHandler) publishBackchannelLogoutEvent(ctx context.Context,
 		return fmt.Errorf("no claim found for key: %s", claimKey)
 	}

-	var claims map[string]interface{}
+	var claims map[string]any
 	if err = msgpack.Unmarshal(claimRecords[0].Value, &claims); err != nil {
 		return fmt.Errorf("failed to unmarshal claims: %w", err)
 	}
--- a/services/proxy/pkg/user/backend/backend.go
+++ b/services/proxy/pkg/user/backend/backend.go
@@ -20,7 +20,7 @@ var (
 type UserBackend interface {
 	GetUserByClaims(ctx context.Context, claim, value string) (*cs3.User, string, error)
 	Authenticate(ctx context.Context, username string, password string) (*cs3.User, string, error)
-	CreateUserFromClaims(ctx context.Context, claims map[string]interface{}) (*cs3.User, error)
-	UpdateUserIfNeeded(ctx context.Context, user *cs3.User, claims map[string]interface{}) error
-	SyncGroupMemberships(ctx context.Context, user *cs3.User, claims map[string]interface{}) error
+	CreateUserFromClaims(ctx context.Context, claims map[string]any) (*cs3.User, error)
+	UpdateUserIfNeeded(ctx context.Context, user *cs3.User, claims map[string]any) error
+	SyncGroupMemberships(ctx context.Context, user *cs3.User, claims map[string]any) error
 }
--- a/services/proxy/pkg/user/backend/cs3.go
+++ b/services/proxy/pkg/user/backend/cs3.go
@@ -11,6 +11,7 @@ import (
 	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
 	cs3 "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
 	rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
+	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/pkg/oidc"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
@@ -18,7 +19,6 @@ import (
 	revactx "github.com/opencloud-eu/reva/v2/pkg/ctx"
 	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
 	utils "github.com/opencloud-eu/reva/v2/pkg/utils"
-	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"go-micro.dev/v4/selector"
 )

@@ -161,7 +161,7 @@ func (c *cs3backend) Authenticate(ctx context.Context, username string, password
 // attributes from the provided `claims` map. On success it returns the new
 // user. If the user already exist this is not considered an error and the
 // function will just return the existing user.
-func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string]interface{}) (*cs3.User, error) {
+func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string]any) (*cs3.User, error) {
 	gatewayClient, err := c.gatewaySelector.Next()
 	if err != nil {
 		c.logger.Error().Err(err).Msg("could not select next gateway client")
@@ -233,7 +233,7 @@ func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string
 	return &cs3UserCreated, nil
 }

-func (c cs3backend) UpdateUserIfNeeded(ctx context.Context, user *cs3.User, claims map[string]interface{}) error {
+func (c cs3backend) UpdateUserIfNeeded(ctx context.Context, user *cs3.User, claims map[string]any) error {
 	newUser, err := c.libregraphUserFromClaims(claims)
 	if err != nil {
 		c.logger.Error().Err(err).Interface("claims", claims).Msg("Error converting claims to user")
@@ -258,7 +258,7 @@ func (c cs3backend) UpdateUserIfNeeded(ctx context.Context, user *cs3.User, clai
 }

 // SyncGroupMemberships maintains a users group memberships based on an OIDC claim
-func (c cs3backend) SyncGroupMemberships(ctx context.Context, user *cs3.User, claims map[string]interface{}) error {
+func (c cs3backend) SyncGroupMemberships(ctx context.Context, user *cs3.User, claims map[string]any) error {
 	gatewayClient, err := c.gatewaySelector.Next()
 	if err != nil {
 		c.logger.Error().Err(err).Msg("could not select next gateway client")
@@ -293,7 +293,7 @@ func (c cs3backend) SyncGroupMemberships(ctx context.Context, user *cs3.User, cl
 	}

 	newGroupSet := make(map[string]struct{})
-	if groups, ok := claims[c.autoProvisionClaims.Groups].([]interface{}); ok {
+	if groups, ok := claims[c.autoProvisionClaims.Groups].([]any); ok {
 		for _, g := range groups {
 			if group, ok := g.(string); ok {
 				newGroupSet[group] = struct{}{}
@@ -469,7 +469,7 @@ func (c cs3backend) isAlreadyExists(resp *http.Response) (bool, error) {
 	return false, nil
 }

-func (c cs3backend) libregraphUserFromClaims(claims map[string]interface{}) (libregraph.User, error) {
+func (c cs3backend) libregraphUserFromClaims(claims map[string]any) (libregraph.User, error) {
 	user := libregraph.User{}
 	if dn, ok := claims[c.autoProvisionClaims.DisplayName].(string); ok {
 		user.SetDisplayName(dn)
--- a/services/proxy/pkg/userroles/defaultrole.go
+++ b/services/proxy/pkg/userroles/defaultrole.go
@@ -29,7 +29,7 @@ func NewDefaultRoleAssigner(opts ...Option) UserRoleAssigner {

 // UpdateUserRoleAssignment assigns the role "User" to the supplied user. Unless the user
 // already has a different role assigned.
-func (d defaultRoleAssigner) UpdateUserRoleAssignment(ctx context.Context, user *cs3.User, claims map[string]interface{}) (*cs3.User, error) {
+func (d defaultRoleAssigner) UpdateUserRoleAssignment(ctx context.Context, user *cs3.User, claims map[string]any) (*cs3.User, error) {
 	var roleIDs []string
 	if user.Id.Type != cs3.UserType_USER_TYPE_LIGHTWEIGHT {
 		var err error
--- a/services/proxy/pkg/userroles/oidcroles.go
+++ b/services/proxy/pkg/userroles/oidcroles.go
@@ -30,7 +30,7 @@ func NewOIDCRoleAssigner(opts ...Option) UserRoleAssigner {
 	}
 }

-func extractRoles(rolesClaim string, claims map[string]interface{}) (map[string]struct{}, error) {
+func extractRoles(rolesClaim string, claims map[string]any) (map[string]struct{}, error) {

 	claimRoles := map[string]struct{}{}
 	// happy path
@@ -50,7 +50,7 @@ func extractRoles(rolesClaim string, claims map[string]interface{}) (map[string]
 		for _, cr := range v {
 			claimRoles[cr] = struct{}{}
 		}
-	case []interface{}:
+	case []any:
 		for _, cri := range v {
 			cr, ok := cri.(string)
 			if !ok {
@@ -71,7 +71,7 @@ func extractRoles(rolesClaim string, claims map[string]interface{}) (map[string]

 // UpdateUserRoleAssignment assigns the role "User" to the supplied user. Unless the user
 // already has a different role assigned.
-func (ra oidcRoleAssigner) UpdateUserRoleAssignment(ctx context.Context, user *cs3.User, claims map[string]interface{}) (*cs3.User, error) {
+func (ra oidcRoleAssigner) UpdateUserRoleAssignment(ctx context.Context, user *cs3.User, claims map[string]any) (*cs3.User, error) {
 	logger := ra.logger.SubloggerWithRequestID(ctx).With().Str("userid", user.GetId().GetOpaqueId()).Logger()
 	roleNamesToRoleIDs, err := ra.roleNamesToRoleIDs()
 	if err != nil {
--- a/services/proxy/pkg/userroles/oidcroles_test.go
+++ b/services/proxy/pkg/userroles/oidcroles_test.go
@@ -8,7 +8,7 @@ import (
 func TestExtractRolesArray(t *testing.T) {
 	byt := []byte(`{"roles":["a","b"]}`)

-	claims := map[string]interface{}{}
+	claims := map[string]any{}
 	err := json.Unmarshal(byt, &claims)
 	if err != nil {
 		t.Fatal(err)
@@ -29,7 +29,7 @@ func TestExtractRolesArray(t *testing.T) {
 func TestExtractRolesString(t *testing.T) {
 	byt := []byte(`{"roles":"a"}`)

-	claims := map[string]interface{}{}
+	claims := map[string]any{}
 	err := json.Unmarshal(byt, &claims)
 	if err != nil {
 		t.Fatal(err)
@@ -47,7 +47,7 @@ func TestExtractRolesString(t *testing.T) {
 func TestExtractRolesPathArray(t *testing.T) {
 	byt := []byte(`{"sub":{"roles":["a","b"]}}`)

-	claims := map[string]interface{}{}
+	claims := map[string]any{}
 	err := json.Unmarshal(byt, &claims)
 	if err != nil {
 		t.Fatal(err)
@@ -68,7 +68,7 @@ func TestExtractRolesPathArray(t *testing.T) {
 func TestExtractRolesPathString(t *testing.T) {
 	byt := []byte(`{"sub":{"roles":"a"}}`)

-	claims := map[string]interface{}{}
+	claims := map[string]any{}
 	err := json.Unmarshal(byt, &claims)
 	if err != nil {
 		t.Fatal(err)
@@ -86,7 +86,7 @@ func TestExtractRolesPathString(t *testing.T) {
 func TestExtractEscapedRolesPathString(t *testing.T) {
 	byt := []byte(`{"sub.roles":"a"}`)

-	claims := map[string]interface{}{}
+	claims := map[string]any{}
 	err := json.Unmarshal(byt, &claims)
 	if err != nil {
 		t.Fatal(err)
@@ -104,7 +104,7 @@ func TestExtractEscapedRolesPathString(t *testing.T) {
 func TestNoRoles(t *testing.T) {
 	byt := []byte(`{"sub":{"foo":"a"}}`)

-	claims := map[string]interface{}{}
+	claims := map[string]any{}
 	err := json.Unmarshal(byt, &claims)
 	if err != nil {
 		t.Fatal(err)
--- a/services/proxy/pkg/userroles/userroles.go
+++ b/services/proxy/pkg/userroles/userroles.go
@@ -16,7 +16,7 @@ import (
 type UserRoleAssigner interface {
 	// UpdateUserRoleAssignment is called by the account resolver middleware. It updates the user's role assignment
 	// based on the user's (OIDC) claims. It adds the user's roles to the opaque data of the cs3.User struct
-	UpdateUserRoleAssignment(ctx context.Context, user *cs3.User, claims map[string]interface{}) (*cs3.User, error)
+	UpdateUserRoleAssignment(ctx context.Context, user *cs3.User, claims map[string]any) (*cs3.User, error)
 	// ApplyUserRole can be called by proxy middlewares, it looks up the user's roles and adds them
 	// the users "roles" key in the user's opaque data
 	ApplyUserRole(ctx context.Context, user *cs3.User) (*cs3.User, error)
--- a/Show More
+++ b/Show More