From 79c75876a8fbd641cc4de3cc79d7a8ddfb4fbaba Mon Sep 17 00:00:00 2001
From: Matthieu MOREL <matthieu.morel35@gmail.com>
Date: Sun, 15 Jun 2025 22:11:38 +0200
Subject: [PATCH] chore(lint): enable httpNoBody rule from go-critic (#23399)

Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
---
 .golangci.yaml                                |  1 -
 applicationset/metrics/metrics_test.go        |  4 +-
 applicationset/webhook/webhook_test.go        |  2 +-
 controller/metrics/metrics_test.go            | 16 ++++----
 .../generators/repo_generator.go              |  2 +-
 server/application/terminal_test.go           |  4 +-
 server/badge/badge_test.go                    | 28 ++++++-------
 server/extension/extension_test.go            | 16 ++++----
 server/logout/logout_test.go                  | 10 ++---
 server/rootpath_test.go                       |  6 +--
 server/server_norace_test.go                  |  6 +--
 server/server_test.go                         | 14 +++----
 util/git/git_test.go                          |  2 +-
 util/helm/client.go                           |  2 +-
 util/helm/creds.go                            |  2 +-
 util/http/http_test.go                        |  2 +-
 util/oidc/oidc.go                             |  2 +-
 util/oidc/oidc_test.go                        | 40 +++++++++----------
 util/proxy/proxy_test.go                      |  2 +-
 util/session/sessionmanager_test.go           |  2 +-
 util/settings/settings_test.go                |  2 +-
 util/webhook/webhook_test.go                  | 30 +++++++-------
 22 files changed, 97 insertions(+), 98 deletions(-)

diff --git a/.golangci.yaml b/.golangci.yaml
index 3265425d66..65252c81b2 100644
--- a/.golangci.yaml
+++ b/.golangci.yaml
@@ -62,7 +62,6 @@ linters:
         - exposedSyncMutex
         - evalOrder
         - filepathJoin
-        - httpNoBody
         - hugeParam
         - importShadow
         - mapKey
diff --git a/applicationset/metrics/metrics_test.go b/applicationset/metrics/metrics_test.go
index 1db5b3efbe..5b68ae7da0 100644
--- a/applicationset/metrics/metrics_test.go
+++ b/applicationset/metrics/metrics_test.go
@@ -174,7 +174,7 @@ func TestApplicationsetCollector(t *testing.T) {
 	appsetCollector := newAppsetCollector(utils.NewAppsetLister(client), collectedLabels, filter)
 
 	metrics.Registry.MustRegister(appsetCollector)
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	handler := promhttp.HandlerFor(metrics.Registry, promhttp.HandlerOpts{})
@@ -216,7 +216,7 @@ func TestObserveReconcile(t *testing.T) {
 
 	appsetMetrics := NewApplicationsetMetrics(utils.NewAppsetLister(client), collectedLabels, filter)
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	handler := promhttp.HandlerFor(metrics.Registry, promhttp.HandlerOpts{})
diff --git a/applicationset/webhook/webhook_test.go b/applicationset/webhook/webhook_test.go
index 5b38c174a1..6b2f1a2a6a 100644
--- a/applicationset/webhook/webhook_test.go
+++ b/applicationset/webhook/webhook_test.go
@@ -233,7 +233,7 @@ func TestWebhookHandler(t *testing.T) {
 			h, err := NewWebhookHandler(webhookParallelism, set, fc, mockGenerators())
 			require.NoError(t, err)
 
-			req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+			req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 			req.Header.Set(test.headerKey, test.headerValue)
 			eventJSON, err := os.ReadFile(filepath.Join("testdata", test.payloadFile))
 			require.NoError(t, err)
diff --git a/controller/metrics/metrics_test.go b/controller/metrics/metrics_test.go
index 3675d4038e..4a26e93157 100644
--- a/controller/metrics/metrics_test.go
+++ b/controller/metrics/metrics_test.go
@@ -276,7 +276,7 @@ func runTest(t *testing.T, cfg TestMetricServerConfig) {
 		metricsServ.registry.MustRegister(collector)
 	}
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -436,7 +436,7 @@ argocd_app_sync_total{dest_server="https://localhost:6443",dry_run="false",name=
 	metricsServ.IncSync(fakeApp, "https://localhost:6443", &argoappv1.OperationState{Phase: common.OperationSucceeded})
 	metricsServ.IncSync(fakeApp, "https://localhost:6443", &argoappv1.OperationState{Phase: common.OperationSucceeded})
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -492,7 +492,7 @@ argocd_app_reconcile_count{dest_server="https://localhost:6443",namespace="argoc
 	fakeApp := newFakeApp(fakeApp)
 	metricsServ.IncReconcile(fakeApp, "https://localhost:6443", 5*time.Second)
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -518,7 +518,7 @@ argocd_app_orphaned_resources_count{name="my-app-4",namespace="argocd",project="
 	numOrphanedResources := 1
 	metricsServ.SetOrphanedResourcesMetric(app, numOrphanedResources)
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -543,7 +543,7 @@ argocd_app_sync_total{dest_server="https://localhost:6443",dry_run="false",name=
 argocd_app_sync_total{dest_server="https://localhost:6443",dry_run="false",name="my-app",namespace="argocd",phase="Succeeded",project="important-project"} 2
 `
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -554,7 +554,7 @@ argocd_app_sync_total{dest_server="https://localhost:6443",dry_run="false",name=
 	err = metricsServ.SetExpiration(time.Second)
 	require.NoError(t, err)
 	time.Sleep(2 * time.Second)
-	req, err = http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err = http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr = httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -587,7 +587,7 @@ workqueue_unfinished_work_seconds{controller="test",name="test"}
 `
 	workqueue.NewNamed("test")
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
@@ -620,7 +620,7 @@ go_memstats_sys_bytes
 go_threads
 `
 
-	req, err := http.NewRequest(http.MethodGet, "/metrics", nil)
+	req, err := http.NewRequest(http.MethodGet, "/metrics", http.NoBody)
 	require.NoError(t, err)
 	rr := httptest.NewRecorder()
 	metricsServ.Handler.ServeHTTP(rr, req)
diff --git a/hack/gen-resources/generators/repo_generator.go b/hack/gen-resources/generators/repo_generator.go
index bfdb302a2e..55057f7a0a 100644
--- a/hack/gen-resources/generators/repo_generator.go
+++ b/hack/gen-resources/generators/repo_generator.go
@@ -33,7 +33,7 @@ func NewRepoGenerator(clientSet *kubernetes.Clientset) Generator {
 
 func fetchRepos(token string, page int) ([]Repo, error) {
 	client := &http.Client{}
-	req, _ := http.NewRequest(http.MethodGet, fmt.Sprintf("https://api.github.com/repos/argoproj/argocd-example-apps/forks?per_page=100&page=%v", page), nil)
+	req, _ := http.NewRequest(http.MethodGet, fmt.Sprintf("https://api.github.com/repos/argoproj/argocd-example-apps/forks?per_page=100&page=%v", page), http.NoBody)
 	req.Header.Set("Authorization", token)
 	resp, err := client.Do(req)
 	if err != nil {
diff --git a/server/application/terminal_test.go b/server/application/terminal_test.go
index 6df268efe2..0a571adb0b 100644
--- a/server/application/terminal_test.go
+++ b/server/application/terminal_test.go
@@ -208,7 +208,7 @@ func TestTerminalHandler_ServeHTTP_empty_params(t *testing.T) {
 					paramsArray = append(paramsArray, key+"="+value)
 				}
 				paramsString := strings.Join(paramsArray, "&")
-				request := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/api/v1/terminal?"+paramsString, nil)
+				request := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/api/v1/terminal?"+paramsString, http.NoBody)
 				recorder := httptest.NewRecorder()
 				handler.ServeHTTP(recorder, request)
 				response := recorder.Result()
@@ -220,7 +220,7 @@ func TestTerminalHandler_ServeHTTP_empty_params(t *testing.T) {
 
 func TestTerminalHandler_ServeHTTP_disallowed_namespace(t *testing.T) {
 	handler := terminalHandler{namespace: "argocd", enabledNamespaces: []string{"allowed"}}
-	request := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/api/v1/terminal?pod=valid&container=valid&appName=valid&projectName=valid&namespace=test&appNamespace=disallowed", nil)
+	request := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/api/v1/terminal?pod=valid&container=valid&appName=valid&projectName=valid&namespace=test&appNamespace=disallowed", http.NoBody)
 	recorder := httptest.NewRecorder()
 	handler.ServeHTTP(recorder, request)
 	response := recorder.Result()
diff --git a/server/badge/badge_test.go b/server/badge/badge_test.go
index be822ffd5f..366da6a78f 100644
--- a/server/badge/badge_test.go
+++ b/server/badge/badge_test.go
@@ -101,7 +101,7 @@ func testProject() *v1alpha1.AppProject {
 func TestHandlerFeatureIsEnabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp()), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -204,7 +204,7 @@ func TestHandlerFeatureProjectIsEnabled(t *testing.T) {
 		}
 		handler := NewHandler(appclientset.NewSimpleClientset(objects...), settingsMgr, tt.namespace, []string{})
 		rr := httptest.NewRecorder()
-		req, err := http.NewRequest(http.MethodGet, tt.apiEndPoint, nil)
+		req, err := http.NewRequest(http.MethodGet, tt.apiEndPoint, http.NoBody)
 		require.NoError(t, err)
 		handler.ServeHTTP(rr, req)
 		require.Equal(t, tt.response, rr.Result().StatusCode)
@@ -226,7 +226,7 @@ func TestHandlerNamespacesIsEnabled(t *testing.T) {
 	t.Run("Application in allowed namespace", func(t *testing.T) {
 		settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 		handler := NewHandler(appclientset.NewSimpleClientset(testApp2()), settingsMgr, "default", []string{"argocd-test"})
-		req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=argocd-test", nil)
+		req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=argocd-test", http.NoBody)
 		require.NoError(t, err)
 
 		rr := httptest.NewRecorder()
@@ -247,7 +247,7 @@ func TestHandlerNamespacesIsEnabled(t *testing.T) {
 	t.Run("Application in disallowed namespace", func(t *testing.T) {
 		settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 		handler := NewHandler(appclientset.NewSimpleClientset(testApp2()), settingsMgr, "default", []string{"argocd-test"})
-		req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=kube-system", nil)
+		req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=kube-system", http.NoBody)
 		require.NoError(t, err)
 
 		rr := httptest.NewRecorder()
@@ -264,7 +264,7 @@ func TestHandlerNamespacesIsEnabled(t *testing.T) {
 	t.Run("Request with illegal namespace", func(t *testing.T) {
 		settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 		handler := NewHandler(appclientset.NewSimpleClientset(testApp2()), settingsMgr, "default", []string{"argocd-test"})
-		req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=kube()system", nil)
+		req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&namespace=kube()system", http.NoBody)
 		require.NoError(t, err)
 
 		rr := httptest.NewRecorder()
@@ -277,7 +277,7 @@ func TestHandlerNamespacesIsEnabled(t *testing.T) {
 func TestHandlerFeatureIsEnabledKeepFullRevisionIsEnabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp3()), settingsMgr, "argocd-test", []string{""})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true&keepFullRevision=true", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true&keepFullRevision=true", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -298,7 +298,7 @@ func TestHandlerFeatureIsEnabledKeepFullRevisionIsEnabled(t *testing.T) {
 func TestHandlerFeatureIsEnabledKeepFullRevisionIsDisabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp3()), settingsMgr, "argocd-test", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true&keepFullRevision=false", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true&keepFullRevision=false", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -319,7 +319,7 @@ func TestHandlerFeatureIsEnabledKeepFullRevisionIsDisabled(t *testing.T) {
 func TestHandlerFeatureIsEnabledKeepFullRevisionAndWidthIsEnabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp3()), settingsMgr, "argocd-test", []string{""})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true&keepFullRevision=true&width=500", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true&keepFullRevision=true&width=500", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -393,7 +393,7 @@ func createApplicationsWithName(appCombo, projectName []string, namespace string
 func TestHandlerFeatureIsEnabledRevisionIsEnabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp()), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -417,7 +417,7 @@ func TestHandlerRevisionIsEnabledNoOperationState(t *testing.T) {
 
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(app), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -441,7 +441,7 @@ func TestHandlerRevisionIsEnabledShortCommitSHA(t *testing.T) {
 
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(app), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&revision=true", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -457,7 +457,7 @@ func TestHandlerFeatureIsDisabled(t *testing.T) {
 
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewSimpleClientset(argoCDCmDisabled, argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp()), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -478,7 +478,7 @@ func TestHandlerFeatureIsDisabled(t *testing.T) {
 func TestHandlerApplicationNameInBadgeIsEnabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewSimpleClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp()), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&showAppName=true", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app&showAppName=true", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
@@ -505,7 +505,7 @@ func TestHandlerApplicationNameInBadgeIsEnabled(t *testing.T) {
 func TestHandlerApplicationNameInBadgeIsDisabled(t *testing.T) {
 	settingsMgr := settings.NewSettingsManager(t.Context(), fake.NewSimpleClientset(argoCDCm(), argoCDSecret()), "default")
 	handler := NewHandler(appclientset.NewSimpleClientset(testApp()), settingsMgr, "default", []string{})
-	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", nil)
+	req, err := http.NewRequest(http.MethodGet, "/api/badge?name=test-app", http.NoBody)
 	require.NoError(t, err)
 
 	rr := httptest.NewRecorder()
diff --git a/server/extension/extension_test.go b/server/extension/extension_test.go
index 28b42236d7..6141c9b7bd 100644
--- a/server/extension/extension_test.go
+++ b/server/extension/extension_test.go
@@ -28,7 +28,7 @@ import (
 func TestValidateHeaders(t *testing.T) {
 	t.Run("will build RequestResources successfully", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "namespace:app-name")
 		r.Header.Add(extension.HeaderArgoCDProjectName, "project-name")
@@ -45,7 +45,7 @@ func TestValidateHeaders(t *testing.T) {
 	})
 	t.Run("will return error if application is malformatted", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "no-namespace")
 
@@ -58,7 +58,7 @@ func TestValidateHeaders(t *testing.T) {
 	})
 	t.Run("will return error if application header is missing", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDProjectName, "project-name")
 
@@ -71,7 +71,7 @@ func TestValidateHeaders(t *testing.T) {
 	})
 	t.Run("will return error if project header is missing", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "namespace:app-name")
 
@@ -84,7 +84,7 @@ func TestValidateHeaders(t *testing.T) {
 	})
 	t.Run("will return error if invalid namespace", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "bad%namespace:app-name")
 		r.Header.Add(extension.HeaderArgoCDProjectName, "project-name")
@@ -98,7 +98,7 @@ func TestValidateHeaders(t *testing.T) {
 	})
 	t.Run("will return error if invalid app name", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "namespace:bad@app")
 		r.Header.Add(extension.HeaderArgoCDProjectName, "project-name")
@@ -112,7 +112,7 @@ func TestValidateHeaders(t *testing.T) {
 	})
 	t.Run("will return error if invalid project name", func(t *testing.T) {
 		// given
-		r, err := http.NewRequest(http.MethodGet, "http://null", nil)
+		r, err := http.NewRequest(http.MethodGet, "http://null", http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "namespace:app")
 		r.Header.Add(extension.HeaderArgoCDProjectName, "bad^project")
@@ -389,7 +389,7 @@ func TestCallExtension(t *testing.T) {
 	}
 	newExtensionRequest := func(t *testing.T, method, url string) *http.Request {
 		t.Helper()
-		r, err := http.NewRequest(method, url, nil)
+		r, err := http.NewRequest(method, url, http.NoBody)
 		require.NoError(t, err, "error initializing request")
 		r.Header.Add(extension.HeaderArgoCDApplicationName, "namespace:app-name")
 		r.Header.Add(extension.HeaderArgoCDProjectName, defaultProjectName)
diff --git a/server/logout/logout_test.go b/server/logout/logout_test.go
index 71eeeb5b18..27f1b0b043 100644
--- a/server/logout/logout_test.go
+++ b/server/logout/logout_test.go
@@ -287,20 +287,20 @@ func TestHandlerConstructLogoutURL(t *testing.T) {
 	invalidHeader := make(map[string][]string)
 	invalidHeader["Cookie"] = []string{"argocd.token=" + invalidToken}
 
-	oidcRequest, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", nil)
+	oidcRequest, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", http.NoBody)
 	require.NoError(t, err)
 	oidcRequest.Header = oidcTokenHeader
-	nonoidcRequest, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", nil)
+	nonoidcRequest, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", http.NoBody)
 	require.NoError(t, err)
 	nonoidcRequest.Header = nonOidcTokenHeader
-	nonoidcRequestOnSecondHost, err := http.NewRequest(http.MethodGet, "http://argocd.my-corp.tld/api/logout", nil)
+	nonoidcRequestOnSecondHost, err := http.NewRequest(http.MethodGet, "http://argocd.my-corp.tld/api/logout", http.NoBody)
 	assert.NoError(t, err)
 	nonoidcRequestOnSecondHost.Header = nonOidcTokenHeader
 	assert.NoError(t, err)
-	requestWithInvalidToken, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", nil)
+	requestWithInvalidToken, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", http.NoBody)
 	require.NoError(t, err)
 	requestWithInvalidToken.Header = invalidHeader
-	invalidRequest, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", nil)
+	invalidRequest, err := http.NewRequest(http.MethodGet, "http://localhost:4000/api/logout", http.NoBody)
 	require.NoError(t, err)
 
 	tests := []struct {
diff --git a/server/rootpath_test.go b/server/rootpath_test.go
index 1187402945..c6d3bf9f3c 100644
--- a/server/rootpath_test.go
+++ b/server/rootpath_test.go
@@ -62,7 +62,7 @@ func TestNewRedirectServerEmptyRootPath(t *testing.T) {
 	assert.Equal(t, "localhost:8080", server.Addr, "When rootPath is empty, server address should be 'localhost:8080'")
 
 	// Test the redirect handler
-	req := httptest.NewRequest(http.MethodGet, "/applications", nil)
+	req := httptest.NewRequest(http.MethodGet, "/applications", http.NoBody)
 	req.Host = "example.com:8080"
 	w := httptest.NewRecorder()
 
@@ -84,7 +84,7 @@ func TestNewRedirectServerNonEmptyRootPath(t *testing.T) {
 	assert.Equal(t, "localhost:8080/argocd", server.Addr, "When rootPath is '/argocd', server address should be 'localhost:8080/argocd'")
 
 	// Test the redirect handler
-	req := httptest.NewRequest(http.MethodGet, "/applications", nil)
+	req := httptest.NewRequest(http.MethodGet, "/applications", http.NoBody)
 	req.Host = "example.com:8080"
 	w := httptest.NewRecorder()
 
@@ -103,7 +103,7 @@ func TestNewRedirectServerRootPathDuplication(t *testing.T) {
 	server := newRedirectServer(8080, "/argocd")
 
 	// Test the redirect handler with a request path that already includes rootPath
-	req := httptest.NewRequest(http.MethodGet, "/argocd/applications", nil)
+	req := httptest.NewRequest(http.MethodGet, "/argocd/applications", http.NoBody)
 	req.Host = "example.com:8080"
 	w := httptest.NewRecorder()
 
diff --git a/server/server_norace_test.go b/server/server_norace_test.go
index 7abb31ff77..9bce6410fa 100644
--- a/server/server_norace_test.go
+++ b/server/server_norace_test.go
@@ -110,7 +110,7 @@ func Test_StaticHeaders(t *testing.T) {
 
 		client := http.Client{}
 		url := fmt.Sprintf("http://127.0.0.1:%d/test.html", s.ListenPort)
-		req, err := http.NewRequest(http.MethodGet, url, nil)
+		req, err := http.NewRequest(http.MethodGet, url, http.NoBody)
 		require.NoError(t, err)
 		resp, err := client.Do(req)
 		require.NoError(t, err)
@@ -139,7 +139,7 @@ func Test_StaticHeaders(t *testing.T) {
 
 		client := http.Client{}
 		url := fmt.Sprintf("http://127.0.0.1:%d/test.html", s.ListenPort)
-		req, err := http.NewRequest(http.MethodGet, url, nil)
+		req, err := http.NewRequest(http.MethodGet, url, http.NoBody)
 		require.NoError(t, err)
 		resp, err := client.Do(req)
 		require.NoError(t, err)
@@ -171,7 +171,7 @@ func Test_StaticHeaders(t *testing.T) {
 
 		client := http.Client{}
 		url := fmt.Sprintf("http://127.0.0.1:%d/test.html", s.ListenPort)
-		req, err := http.NewRequest(http.MethodGet, url, nil)
+		req, err := http.NewRequest(http.MethodGet, url, http.NoBody)
 		require.NoError(t, err)
 		resp, err := client.Do(req)
 		require.NoError(t, err)
diff --git a/server/server_test.go b/server/server_test.go
index 52641c1ce7..f195bdeb14 100644
--- a/server/server_test.go
+++ b/server/server_test.go
@@ -1485,7 +1485,7 @@ func TestCacheControlHeaders(t *testing.T) {
 			handler := argocd.newStaticAssetsHandler()
 
 			rr := httptest.NewRecorder()
-			req := httptest.NewRequest("", "/"+testCase.filename, nil)
+			req := httptest.NewRequest("", "/"+testCase.filename, http.NoBody)
 
 			fp := filepath.Join(argocd.TmpAssetsDir, testCase.filename)
 
@@ -1641,7 +1641,7 @@ func Test_enforceContentTypes(t *testing.T) {
 		t.Parallel()
 
 		handler := enforceContentTypes(getBaseHandler(t, true), []string{"application/json"}).(http.HandlerFunc)
-		req := httptest.NewRequest(http.MethodGet, "/", nil)
+		req := httptest.NewRequest(http.MethodGet, "/", http.NoBody)
 		w := httptest.NewRecorder()
 		handler(w, req)
 		resp := w.Result()
@@ -1652,20 +1652,20 @@ func Test_enforceContentTypes(t *testing.T) {
 		t.Parallel()
 
 		handler := enforceContentTypes(getBaseHandler(t, true), []string{"application/json"}).(http.HandlerFunc)
-		req := httptest.NewRequest(http.MethodPost, "/", nil)
+		req := httptest.NewRequest(http.MethodPost, "/", http.NoBody)
 		w := httptest.NewRecorder()
 		handler(w, req)
 		resp := w.Result()
 		assert.Equal(t, http.StatusUnsupportedMediaType, resp.StatusCode, "didn't provide a content type, should have gotten an error")
 
-		req = httptest.NewRequest(http.MethodPost, "/", nil)
+		req = httptest.NewRequest(http.MethodPost, "/", http.NoBody)
 		req.Header = map[string][]string{"Content-Type": {"application/json"}}
 		w = httptest.NewRecorder()
 		handler(w, req)
 		resp = w.Result()
 		assert.Equal(t, http.StatusOK, resp.StatusCode, "should have passed, since an allowed content type was provided")
 
-		req = httptest.NewRequest(http.MethodPost, "/", nil)
+		req = httptest.NewRequest(http.MethodPost, "/", http.NoBody)
 		req.Header = map[string][]string{"Content-Type": {"not-allowed"}}
 		w = httptest.NewRecorder()
 		handler(w, req)
@@ -1694,7 +1694,7 @@ func Test_StaticAssetsDir_no_symlink_traversal(t *testing.T) {
 	require.NoError(t, err)
 
 	// Make a request to get the file from the /assets endpoint
-	req := httptest.NewRequest(http.MethodGet, "/link.txt", nil)
+	req := httptest.NewRequest(http.MethodGet, "/link.txt", http.NoBody)
 	w := httptest.NewRecorder()
 	argocd.newStaticAssetsHandler()(w, req)
 	resp := w.Result()
@@ -1704,7 +1704,7 @@ func Test_StaticAssetsDir_no_symlink_traversal(t *testing.T) {
 	normalFilePath := filepath.Join(argocd.StaticAssetsDir, "normal.txt")
 	err = os.WriteFile(normalFilePath, []byte("normal"), 0o644)
 	require.NoError(t, err)
-	req = httptest.NewRequest(http.MethodGet, "/normal.txt", nil)
+	req = httptest.NewRequest(http.MethodGet, "/normal.txt", http.NoBody)
 	w = httptest.NewRecorder()
 	argocd.newStaticAssetsHandler()(w, req)
 	resp = w.Result()
diff --git a/util/git/git_test.go b/util/git/git_test.go
index f92b4f2f4b..585fddda9f 100644
--- a/util/git/git_test.go
+++ b/util/git/git_test.go
@@ -183,7 +183,7 @@ func TestCustomHTTPClient(t *testing.T) {
 				assert.Nil(t, cert.PrivateKey)
 			}
 		}
-		req, err := http.NewRequest(http.MethodGet, "http://proxy-from-env:7878", nil)
+		req, err := http.NewRequest(http.MethodGet, "http://proxy-from-env:7878", http.NoBody)
 		require.NoError(t, err)
 		proxy, err := transport.Proxy(req)
 		require.NoError(t, err)
diff --git a/util/helm/client.go b/util/helm/client.go
index 66cc59a129..44370bef19 100644
--- a/util/helm/client.go
+++ b/util/helm/client.go
@@ -312,7 +312,7 @@ func (c *nativeHelmChart) loadRepoIndex(maxIndexSize int64) ([]byte, error) {
 		return nil, fmt.Errorf("error getting index URL: %w", err)
 	}
 
-	req, err := http.NewRequest(http.MethodGet, indexURL, nil)
+	req, err := http.NewRequest(http.MethodGet, indexURL, http.NoBody)
 	if err != nil {
 		return nil, fmt.Errorf("error creating HTTP request: %w", err)
 	}
diff --git a/util/helm/creds.go b/util/helm/creds.go
index 2af38a6d62..97cd10c487 100644
--- a/util/helm/creds.go
+++ b/util/helm/creds.go
@@ -244,7 +244,7 @@ func (creds AzureWorkloadIdentityCreds) challengeAzureContainerRegistry(azureCon
 		},
 	}
 
-	req, err := http.NewRequest(http.MethodGet, requestURL, nil)
+	req, err := http.NewRequest(http.MethodGet, requestURL, http.NoBody)
 	if err != nil {
 		return nil, err
 	}
diff --git a/util/http/http_test.go b/util/http/http_test.go
index 6421ce339f..5a19b9f973 100644
--- a/util/http/http_test.go
+++ b/util/http/http_test.go
@@ -65,7 +65,7 @@ func (rt TestRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)
 
 func TestTransportWithHeader(t *testing.T) {
 	client := &http.Client{}
-	req, _ := http.NewRequest(http.MethodGet, "/foo", nil)
+	req, _ := http.NewRequest(http.MethodGet, "/foo", http.NoBody)
 	req.Header.Set("Bar", "req_1")
 	req.Header.Set("Foo", "req_1")
 
diff --git a/util/oidc/oidc.go b/util/oidc/oidc.go
index dcf79989b2..78bb806926 100644
--- a/util/oidc/oidc.go
+++ b/util/oidc/oidc.go
@@ -662,7 +662,7 @@ func (a *ClientApp) GetUserInfo(actualClaims jwt.MapClaims, issuerURL, userInfoP
 	}
 
 	url := issuerURL + userInfoPath
-	request, err := http.NewRequest(http.MethodGet, url, nil)
+	request, err := http.NewRequest(http.MethodGet, url, http.NoBody)
 	if err != nil {
 		err = fmt.Errorf("failed creating new http request: %w", err)
 		return claims, false, err
diff --git a/util/oidc/oidc_test.go b/util/oidc/oidc_test.go
index e2ef81fc02..f2bab53d8e 100644
--- a/util/oidc/oidc_test.go
+++ b/util/oidc/oidc_test.go
@@ -114,7 +114,7 @@ func (p *fakeProvider) Verify(_ string, _ *settings.ArgoCDSettings) (*gooidc.IDT
 func TestHandleCallback(t *testing.T) {
 	app := ClientApp{provider: &fakeProvider{}, settings: &settings.ArgoCDSettings{}}
 
-	req := httptest.NewRequest(http.MethodGet, "http://example.com/foo", nil)
+	req := httptest.NewRequest(http.MethodGet, "http://example.com/foo", http.NoBody)
 	req.Form = url.Values{
 		"error":             []string{"login-failed"},
 		"error_description": []string{"<script>alert('hello')</script>"},
@@ -146,7 +146,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, nil, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 
 		w := httptest.NewRecorder()
 
@@ -183,7 +183,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, nil, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 
 		w := httptest.NewRecorder()
 
@@ -222,7 +222,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, &dex.DexTLSConfig{StrictValidation: false}, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 		w := httptest.NewRecorder()
 		app.HandleLogin(w, req)
 
@@ -255,7 +255,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, &dex.DexTLSConfig{StrictValidation: false}, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 		w := httptest.NewRecorder()
 		app.HandleLogin(w, req)
 
@@ -292,7 +292,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, &dex.DexTLSConfig{StrictValidation: false}, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 		w := httptest.NewRecorder()
 		app.HandleLogin(w, req)
 
@@ -331,7 +331,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		require.NoError(t, err)
 
 		t.Run("should accept login redirecting on the main domain", func(t *testing.T) {
-			req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+			req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 
 			req.URL.RawQuery = url.Values{
 				"return_url": []string{"https://argocd.example.com/applications"},
@@ -350,7 +350,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		})
 
 		t.Run("should accept login redirecting on the alternative domains", func(t *testing.T) {
-			req := httptest.NewRequest(http.MethodGet, "https://localhost:8080/auth/login", nil)
+			req := httptest.NewRequest(http.MethodGet, "https://localhost:8080/auth/login", http.NoBody)
 
 			req.URL.RawQuery = url.Values{
 				"return_url": []string{"https://localhost:8080/applications"},
@@ -369,7 +369,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		})
 
 		t.Run("should accept login redirecting on the alternative domains", func(t *testing.T) {
-			req := httptest.NewRequest(http.MethodGet, "https://other.argocd.example.com/auth/login", nil)
+			req := httptest.NewRequest(http.MethodGet, "https://other.argocd.example.com/auth/login", http.NoBody)
 
 			req.URL.RawQuery = url.Values{
 				"return_url": []string{"https://other.argocd.example.com/applications"},
@@ -388,7 +388,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		})
 
 		t.Run("should deny login redirecting on the alternative domains", func(t *testing.T) {
-			req := httptest.NewRequest(http.MethodGet, "https://not-argocd.example.com/auth/login", nil)
+			req := httptest.NewRequest(http.MethodGet, "https://not-argocd.example.com/auth/login", http.NoBody)
 
 			req.URL.RawQuery = url.Values{
 				"return_url": []string{"https://not-argocd.example.com/applications"},
@@ -428,7 +428,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 
 	w := httptest.NewRecorder()
 
-	req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", nil)
+	req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/login", http.NoBody)
 
 	app.HandleLogin(w, req)
 
@@ -437,7 +437,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 
 	state := redirectURL.Query()["state"]
 
-	req = httptest.NewRequest(http.MethodGet, fmt.Sprintf("https://argocd.example.com/auth/callback?state=%s&code=abc", state), nil)
+	req = httptest.NewRequest(http.MethodGet, fmt.Sprintf("https://argocd.example.com/auth/callback?state=%s&code=abc", state), http.NoBody)
 	for _, cookie := range w.Result().Cookies() {
 		req.AddCookie(cookie)
 	}
@@ -469,7 +469,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, nil, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/callback", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/callback", http.NoBody)
 
 		w := httptest.NewRecorder()
 
@@ -508,7 +508,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, nil, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/callback", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/callback", http.NoBody)
 
 		w := httptest.NewRecorder()
 
@@ -636,7 +636,7 @@ requestedScopes: ["oidc"]`, oidcTestServer.URL),
 		app, err := NewClientApp(cdSettings, dexTestServer.URL, nil, "https://argocd.example.com", cache.NewInMemoryCache(24*time.Hour))
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/callback", nil)
+		req := httptest.NewRequest(http.MethodGet, "https://argocd.example.com/auth/callback", http.NoBody)
 		req.Form = url.Values{
 			"code":  {"abc"},
 			"state": {"123"},
@@ -762,7 +762,7 @@ func TestGenerateAppState(t *testing.T) {
 	require.NoError(t, err)
 
 	t.Run("VerifyAppState_Successful", func(t *testing.T) {
-		req := httptest.NewRequest(http.MethodGet, "/", nil)
+		req := httptest.NewRequest(http.MethodGet, "/", http.NoBody)
 		for _, cookie := range generateResponse.Result().Cookies() {
 			req.AddCookie(cookie)
 		}
@@ -773,7 +773,7 @@ func TestGenerateAppState(t *testing.T) {
 	})
 
 	t.Run("VerifyAppState_Failed", func(t *testing.T) {
-		req := httptest.NewRequest(http.MethodGet, "/", nil)
+		req := httptest.NewRequest(http.MethodGet, "/", http.NoBody)
 		for _, cookie := range generateResponse.Result().Cookies() {
 			req.AddCookie(cookie)
 		}
@@ -806,7 +806,7 @@ func TestGenerateAppState_XSS(t *testing.T) {
 		state, err := app.generateAppState(expectedReturnURL, generateResponse)
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "/", nil)
+		req := httptest.NewRequest(http.MethodGet, "/", http.NoBody)
 		for _, cookie := range generateResponse.Result().Cookies() {
 			req.AddCookie(cookie)
 		}
@@ -822,7 +822,7 @@ func TestGenerateAppState_XSS(t *testing.T) {
 		state, err := app.generateAppState(expectedReturnURL, generateResponse)
 		require.NoError(t, err)
 
-		req := httptest.NewRequest(http.MethodGet, "/", nil)
+		req := httptest.NewRequest(http.MethodGet, "/", http.NoBody)
 		for _, cookie := range generateResponse.Result().Cookies() {
 			req.AddCookie(cookie)
 		}
@@ -840,7 +840,7 @@ func TestGenerateAppState_NoReturnURL(t *testing.T) {
 	key, err := cdSettings.GetServerEncryptionKey()
 	require.NoError(t, err)
 
-	req := httptest.NewRequest(http.MethodGet, "/", nil)
+	req := httptest.NewRequest(http.MethodGet, "/", http.NoBody)
 	encrypted, err := crypto.Encrypt([]byte("123"), key)
 	require.NoError(t, err)
 	app, err := NewClientApp(cdSettings, "", nil, "/argo-cd", cache.NewInMemoryCache(24*time.Hour))
diff --git a/util/proxy/proxy_test.go b/util/proxy/proxy_test.go
index 657b83efe6..d4b824c1b4 100644
--- a/util/proxy/proxy_test.go
+++ b/util/proxy/proxy_test.go
@@ -47,7 +47,7 @@ func TestGetCallBack(t *testing.T) {
 	t.Run("custom proxy absent", func(t *testing.T) {
 		proxyEnv := "http://proxy:8888"
 		t.Setenv("http_proxy", "http://proxy:8888")
-		url, err := GetCallback("", "")(httptest.NewRequest(http.MethodGet, proxyEnv, nil))
+		url, err := GetCallback("", "")(httptest.NewRequest(http.MethodGet, proxyEnv, http.NoBody))
 		require.NoError(t, err)
 		assert.Equal(t, proxyEnv, url.String())
 	})
diff --git a/util/session/sessionmanager_test.go b/util/session/sessionmanager_test.go
index 9c38000753..bfb220fc58 100644
--- a/util/session/sessionmanager_test.go
+++ b/util/session/sessionmanager_test.go
@@ -313,7 +313,7 @@ func TestSessionManager_WithAuthMiddleware(t *testing.T) {
 			}
 			ts := httptest.NewServer(WithAuthMiddleware(tc.authDisabled, tm, mux))
 			defer ts.Close()
-			req, err := http.NewRequest(http.MethodGet, ts.URL, nil)
+			req, err := http.NewRequest(http.MethodGet, ts.URL, http.NoBody)
 			require.NoErrorf(t, err, "error creating request: %s", err)
 			if tc.cookieHeader {
 				req.Header.Add("Cookie", "argocd.token=123456")
diff --git a/util/settings/settings_test.go b/util/settings/settings_test.go
index 2784c59b6a..9b6e3fe232 100644
--- a/util/settings/settings_test.go
+++ b/util/settings/settings_test.go
@@ -1661,7 +1661,7 @@ func TestReplaceStringSecret(t *testing.T) {
 
 func TestRedirectURLForRequest(t *testing.T) {
 	generateRequest := func(url string) *http.Request {
-		r, err := http.NewRequest(http.MethodPost, url, nil)
+		r, err := http.NewRequest(http.MethodPost, url, http.NoBody)
 		require.NoError(t, err)
 		return r
 	}
diff --git a/util/webhook/webhook_test.go b/util/webhook/webhook_test.go
index 0476153225..20a37efec6 100644
--- a/util/webhook/webhook_test.go
+++ b/util/webhook/webhook_test.go
@@ -121,7 +121,7 @@ func newMockHandler(reactor *reactorDef, applicationNamespaces []string, maxPayl
 func TestGitHubCommitEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/github-commit-event.json")
 	require.NoError(t, err)
@@ -139,7 +139,7 @@ func TestGitHubCommitEvent(t *testing.T) {
 func TestAzureDevOpsCommitEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-Vss-Activityid", "abc")
 	eventJSON, err := os.ReadFile("testdata/azuredevops-git-push-event.json")
 	require.NoError(t, err)
@@ -196,7 +196,7 @@ func TestGitHubCommitEvent_MultiSource_Refresh(t *testing.T) {
 		},
 	},
 	)
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/github-commit-event.json")
 	require.NoError(t, err)
@@ -279,7 +279,7 @@ func TestGitHubCommitEvent_AppsInOtherNamespaces(t *testing.T) {
 			},
 		},
 	)
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/github-commit-event.json")
 	require.NoError(t, err)
@@ -353,7 +353,7 @@ func TestGitHubCommitEvent_Hydrate(t *testing.T) {
 		},
 	},
 	)
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/github-commit-event.json")
 	require.NoError(t, err)
@@ -379,7 +379,7 @@ func TestGitHubCommitEvent_Hydrate(t *testing.T) {
 func TestGitHubTagEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/github-tag-event.json")
 	require.NoError(t, err)
@@ -397,7 +397,7 @@ func TestGitHubTagEvent(t *testing.T) {
 func TestGitHubPingEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "ping")
 	eventJSON, err := os.ReadFile("testdata/github-ping-event.json")
 	require.NoError(t, err)
@@ -415,7 +415,7 @@ func TestGitHubPingEvent(t *testing.T) {
 func TestBitbucketServerRepositoryReferenceChangedEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-Event-Key", "repo:refs_changed")
 	eventJSON, err := os.ReadFile("testdata/bitbucket-server-event.json")
 	require.NoError(t, err)
@@ -451,7 +451,7 @@ func TestBitbucketServerRepositoryDiagnosticPingEvent(t *testing.T) {
 func TestGogsPushEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-Gogs-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/gogs-event.json")
 	require.NoError(t, err)
@@ -469,7 +469,7 @@ func TestGogsPushEvent(t *testing.T) {
 func TestGitLabPushEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-Gitlab-Event", "Push Hook")
 	eventJSON, err := os.ReadFile("testdata/gitlab-event.json")
 	require.NoError(t, err)
@@ -487,7 +487,7 @@ func TestGitLabPushEvent(t *testing.T) {
 func TestGitLabSystemEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-Gitlab-Event", "System Hook")
 	eventJSON, err := os.ReadFile("testdata/gitlab-event.json")
 	require.NoError(t, err)
@@ -505,7 +505,7 @@ func TestGitLabSystemEvent(t *testing.T) {
 func TestInvalidMethod(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodGet, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodGet, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	w := httptest.NewRecorder()
 	h.Handler(w, req)
@@ -521,7 +521,7 @@ func TestInvalidMethod(t *testing.T) {
 func TestInvalidEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	w := httptest.NewRecorder()
 	h.Handler(w, req)
@@ -537,7 +537,7 @@ func TestInvalidEvent(t *testing.T) {
 func TestUnknownEvent(t *testing.T) {
 	hook := test.NewGlobal()
 	h := NewMockHandler(nil, []string{})
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-Unknown-Event", "push")
 	w := httptest.NewRecorder()
 	h.Handler(w, req)
@@ -815,7 +815,7 @@ func TestGitHubCommitEventMaxPayloadSize(t *testing.T) {
 	hook := test.NewGlobal()
 	maxPayloadSize := int64(100)
 	h := NewMockHandlerWithPayloadLimit(nil, []string{}, maxPayloadSize)
-	req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil)
+	req := httptest.NewRequest(http.MethodPost, "/api/webhook", http.NoBody)
 	req.Header.Set("X-GitHub-Event", "push")
 	eventJSON, err := os.ReadFile("testdata/github-commit-event.json")
 	require.NoError(t, err)