diff --git a/.circleci/config.yml b/.circleci/config.yml
index f99546f7f90..6b129479b87 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -163,7 +163,7 @@ jobs:
   # and to make more clear when the job fails
   check-golangci-lint:
     docker:
-      - image: golangci/golangci-lint:v1.33.2
+      - image: golangci/golangci-lint:v1.38.0
     steps:
       - checkout
       - run:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 06353eff000..540f1284c03 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -22,7 +22,7 @@ empty:
     - echo "empty"
 
 #lint:
-#  image: $CI_REGISTRY/mattermost/ci/images/golangci-lint:v1.33.2-1
+#  image: $CI_REGISTRY/mattermost/ci/images/golangci-lint:v1.38.0
 #  stage: .pre
 #  script:
 #    - GO111MODULE=off GOBIN=$PWD/bin go get -u github.com/mattermost/mattermost-govet
diff --git a/.golangci.yml b/.golangci.yml
index 5de536c0a13..16d1c896b1a 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -10,6 +10,8 @@ linters-settings:
   govet:
     check-shadowing: true
     enable-all: true
+    disable:
+      - fieldalignment
 
 linters:
   disable-all: true
@@ -20,7 +22,7 @@ linters:
     - gosimple
     - govet
     - ineffassign
-    - scopelint
+    - exportloopref
     - structcheck
     - staticcheck
     - unconvert
@@ -39,11 +41,6 @@ issues:
       - unused
       text: "SetupEnterprise"
 
-    - linters:
-      - scopelint
-      # ignore warnings from table tests. https://github.com/kyoh86/scopelint/issues/4
-      path: ".*_test.go|store/storetest"
-
     - linters:
       - staticcheck
       path: ".*_test.go|store/storetest"
diff --git a/api4/bot_test.go b/api4/bot_test.go
index d322e351b2d..9849ee9be17 100644
--- a/api4/bot_test.go
+++ b/api4/bot_test.go
@@ -1439,6 +1439,7 @@ func TestConvertBotToUser(t *testing.T) {
 
 		user, resp := client.ConvertBotToUser(bot.UserId, &model.UserPatch{}, false)
 		CheckBadRequestStatus(t, resp)
+		require.Nil(t, user)
 
 		user, resp = client.ConvertBotToUser(bot.UserId, &model.UserPatch{Password: model.NewString("password")}, false)
 		CheckNoError(t, resp)
diff --git a/api4/config_test.go b/api4/config_test.go
index 6c21cd0f052..31f2a1d3795 100644
--- a/api4/config_test.go
+++ b/api4/config_test.go
@@ -101,7 +101,7 @@ func TestGetConfigAnyFlagsAccess(t *testing.T) {
 	defer th.TearDown()
 
 	th.Client.Login(th.BasicUser.Username, th.BasicUser.Password)
-	cfg, resp := th.Client.GetConfig()
+	_, resp := th.Client.GetConfig()
 
 	t.Run("Check permissions error with no sysconsole read permission", func(t *testing.T) {
 		CheckForbiddenStatus(t, resp)
@@ -111,7 +111,7 @@ func TestGetConfigAnyFlagsAccess(t *testing.T) {
 	th.AddPermissionToRole(model.PERMISSION_SYSCONSOLE_READ_ENVIRONMENT_RATE_LIMITING.Id, model.SYSTEM_USER_ROLE_ID)
 	defer th.RemovePermissionFromRole(model.PERMISSION_SYSCONSOLE_READ_ENVIRONMENT_RATE_LIMITING.Id, model.SYSTEM_USER_ROLE_ID)
 
-	cfg, resp = th.Client.GetConfig()
+	cfg, resp := th.Client.GetConfig()
 	CheckNoError(t, resp)
 	t.Run("Can read value with permission", func(t *testing.T) {
 		assert.NotNil(t, cfg.FeatureFlags)
diff --git a/api4/post_test.go b/api4/post_test.go
index 3d2769f293e..57df5bc417b 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -1726,6 +1726,7 @@ func TestGetPostsForChannelAroundLastUnread(t *testing.T) {
 	require.NotNil(t, resp.Error)
 	require.Equal(t, "api.context.invalid_url_param.app_error", resp.Error.Id)
 	require.Equal(t, http.StatusBadRequest, resp.StatusCode)
+	require.Nil(t, posts)
 
 	// All returned posts are all read by the user, since it's created by the user itself.
 	posts, resp = Client.GetPostsAroundLastUnread(userId, channelId, 20, 20, false)
diff --git a/api4/terms_of_service_test.go b/api4/terms_of_service_test.go
index 8b27dcb94e2..fdca2c8e7be 100644
--- a/api4/terms_of_service_test.go
+++ b/api4/terms_of_service_test.go
@@ -45,6 +45,7 @@ func TestCreateTermsOfServiceAdminUser(t *testing.T) {
 
 	termsOfService, resp := Client.CreateTermsOfService("terms of service new", th.SystemAdminUser.Id)
 	CheckErrorMessage(t, resp, "api.create_terms_of_service.custom_terms_of_service_disabled.app_error")
+	assert.Nil(t, termsOfService)
 
 	th.App.Srv().SetLicense(model.NewTestLicense("EnableCustomTermsOfService"))
 
diff --git a/app/file_test.go b/app/file_test.go
index 3fc5f5d89f7..4938ac5354f 100644
--- a/app/file_test.go
+++ b/app/file_test.go
@@ -105,6 +105,7 @@ func TestUploadFile(t *testing.T) {
 
 	info1, err = th.App.UploadFile(data, "", filename)
 	require.Nil(t, err, "empty channel IDs should be valid")
+	require.NotNil(t, info1)
 
 	info1, err = th.App.UploadFile(data, channelID, filename)
 	require.Nil(t, err, "UploadFile should succeed with valid data")
diff --git a/app/group_test.go b/app/group_test.go
index 8e55166d7fa..8e4478939d7 100644
--- a/app/group_test.go
+++ b/app/group_test.go
@@ -171,6 +171,7 @@ func TestUpsertGroupSyncableTeamGroupConstrained(t *testing.T) {
 	team, err := th.App.UpdateTeam(team)
 	require.Nil(t, err)
 	_, err = th.App.UpsertGroupSyncable(model.NewGroupTeam(group1.Id, team.Id, false))
+	require.Nil(t, err)
 
 	channel := th.CreateChannel(team)
 
diff --git a/app/import_functions_test.go b/app/import_functions_test.go
index 85681e36888..3d988ff608d 100644
--- a/app/import_functions_test.go
+++ b/app/import_functions_test.go
@@ -3936,6 +3936,7 @@ func TestImportPostAndRepliesWithAttachments(t *testing.T) {
 	}, false)
 	user3, appErr := th.App.GetUserByUsername(username)
 	require.Nil(t, appErr, "Failed to get user3 from database.")
+	require.NotNil(t, user3)
 
 	username2 := model.NewId()
 	th.App.importUser(&UserImportData{
diff --git a/app/post.go b/app/post.go
index 4136e24bfa6..600319ea539 100644
--- a/app/post.go
+++ b/app/post.go
@@ -585,8 +585,7 @@ func (a *App) UpdatePost(post *model.Post, safeUpdate bool) (*model.Post, *model
 		return nil, model.NewAppError("UpdatePost", "api.post.update_post.can_not_update_post_in_deleted.error", nil, "", http.StatusBadRequest)
 	}
 
-	newPost := &model.Post{}
-	newPost = oldPost.Clone()
+	newPost := oldPost.Clone()
 
 	if newPost.Message != post.Message {
 		newPost.Message = post.Message
diff --git a/app/post_test.go b/app/post_test.go
index 1e01825dcd5..ae08441f92e 100644
--- a/app/post_test.go
+++ b/app/post_test.go
@@ -260,8 +260,7 @@ func TestUpdatePostEditAt(t *testing.T) {
 	th := Setup(t).InitBasic()
 	defer th.TearDown()
 
-	post := &model.Post{}
-	post = th.BasicPost.Clone()
+	post := th.BasicPost.Clone()
 
 	post.IsPinned = true
 	saved, err := th.App.UpdatePost(post, true)
@@ -283,8 +282,7 @@ func TestUpdatePostTimeLimit(t *testing.T) {
 	th := Setup(t).InitBasic()
 	defer th.TearDown()
 
-	post := &model.Post{}
-	post = th.BasicPost.Clone()
+	post := th.BasicPost.Clone()
 
 	th.App.Srv().SetLicense(model.NewTestLicense())
 
diff --git a/app/slashcommands/command_test.go b/app/slashcommands/command_test.go
index 3ed6ac79ed8..b6080efe889 100644
--- a/app/slashcommands/command_test.go
+++ b/app/slashcommands/command_test.go
@@ -173,6 +173,7 @@ func TestHandleCommandResponsePost(t *testing.T) {
 	// Command is not built in, so it is a bot command.
 	builtIn = false
 	post, err = th.App.HandleCommandResponsePost(command, args, resp, builtIn)
+	assert.Nil(t, err)
 	assert.Equal(t, "true", post.GetProp("from_webhook"))
 
 	builtIn = true
diff --git a/model/integration_action_test.go b/model/integration_action_test.go
index 1e4a32d047e..21f08b3de3f 100644
--- a/model/integration_action_test.go
+++ b/model/integration_action_test.go
@@ -76,6 +76,7 @@ func TestTriggerIdDecodeAndVerification(t *testing.T) {
 
 	t.Run("should fail on bad key", func(t *testing.T) {
 		_, triggerId, err := GenerateTriggerId(NewId(), key)
+		require.Nil(t, err)
 		newKey, keyErr := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 		require.NoError(t, keyErr)
 		_, _, err = DecodeAndVerifyTriggerId(triggerId, newKey)
diff --git a/model/post_test.go b/model/post_test.go
index 9eff8115ec4..12f049b2887 100644
--- a/model/post_test.go
+++ b/model/post_test.go
@@ -838,7 +838,8 @@ func TestPostPatchDisableMentionHighlights(t *testing.T) {
 	}
 	for _, tc := range testCases {
 		t.Run(tc.Name, func(t *testing.T) {
-			patch.Message = &tc.Message
+			message := tc.Message
+			patch.Message = &message
 			patch.DisableMentionHighlights()
 			if tc.ExpectedProps == nil {
 				assert.Nil(t, patch.Props)
diff --git a/store/storetest/channel_store.go b/store/storetest/channel_store.go
index e97fe9fdb10..cd6657eea4e 100644
--- a/store/storetest/channel_store.go
+++ b/store/storetest/channel_store.go
@@ -376,7 +376,6 @@ func testChannelStoreGet(t *testing.T, ss store.Store, s SqlStore) {
 	_, nErr := ss.Channel().Save(&o1, -1)
 	require.NoError(t, nErr)
 
-	c1 := &model.Channel{}
 	c1, err := ss.Channel().Get(o1.Id, false)
 	require.NoError(t, err, err)
 	require.Equal(t, o1.ToJson(), c1.ToJson(), "invalid returned channel")
diff --git a/store/storetest/compliance_store.go b/store/storetest/compliance_store.go
index 0a397ed8e8f..6ee57b26e7d 100644
--- a/store/storetest/compliance_store.go
+++ b/store/storetest/compliance_store.go
@@ -830,8 +830,7 @@ func testEditExportMessage(t *testing.T, ss store.Store) {
 	require.NoError(t, err)
 
 	//user 1 edits the previous post
-	post1e := &model.Post{}
-	post1e = post1.Clone()
+	post1e := post1.Clone()
 	post1e.Message = "edit " + post1.Message
 
 	post1e, err = ss.Post().Update(post1e, post1)
@@ -942,8 +941,7 @@ func testEditAfterExportMessage(t *testing.T, ss store.Store) {
 
 	postEditTime := post1.UpdateAt + 1
 	//user 1 edits the previous post
-	post1e := &model.Post{}
-	post1e = post1.Clone()
+	post1e := post1.Clone()
 	post1e.EditAt = postEditTime
 	post1e.Message = "edit " + post1.Message
 	post1e, err = ss.Post().Update(post1e, post1)
diff --git a/store/storetest/team_store.go b/store/storetest/team_store.go
index 2971c4d87ee..23a245e91d8 100644
--- a/store/storetest/team_store.go
+++ b/store/storetest/team_store.go
@@ -1358,6 +1358,7 @@ func testTeamSaveMember(t *testing.T, ss store.Store) {
 
 		m1 := &model.TeamMember{TeamId: teamID, UserId: u1.Id}
 		_, nErr := ss.Team().SaveMember(m1, 1)
+		require.NoError(t, nErr)
 		m2 := &model.TeamMember{TeamId: teamID, UserId: u2.Id}
 		_, nErr = ss.Team().SaveMember(m2, 1)
 		require.Error(t, nErr)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index a0f0e9d254b..21296c64a5d 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -197,6 +197,8 @@ github.com/francoispqt/gojay
 # github.com/fsnotify/fsnotify v1.4.9
 ## explicit
 github.com/fsnotify/fsnotify
+# github.com/getkin/kin-openapi v0.49.0
+## explicit
 # github.com/getsentry/sentry-go v0.10.0
 ## explicit
 github.com/getsentry/sentry-go
@@ -399,6 +401,8 @@ github.com/mattermost/ldap
 github.com/mattermost/logr
 github.com/mattermost/logr/format
 github.com/mattermost/logr/target
+# github.com/mattermost/mattermost-govet v0.0.0-20210226164958-a9556728767b
+## explicit
 # github.com/mattermost/rsc v0.0.0-20160330161541-bbaefb05eaa0
 ## explicit
 github.com/mattermost/rsc/gf256
diff --git a/web/handlers.go b/web/handlers.go
index 8324bbfd487..0489f6e601b 100644
--- a/web/handlers.go
+++ b/web/handlers.go
@@ -140,8 +140,7 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}()
 		c.App.SetContext(ctx)
 
-		tmpSrv := app.Server{}
-		tmpSrv = *c.App.Srv()
+		tmpSrv := *c.App.Srv()
 		tmpSrv.Store = opentracinglayer.New(c.App.Srv().Store, ctx)
 		c.App.SetServer(&tmpSrv)
 		c.App = app_opentracing.NewOpenTracingAppLayer(c.App, ctx)