diff --git a/builtin/credential/aws/client.go b/builtin/credential/aws/client.go
index d5e2efa5d2..bed15bb6a4 100644
--- a/builtin/credential/aws/client.go
+++ b/builtin/credential/aws/client.go
@@ -219,7 +219,6 @@ func (b *backend) clientEC2(ctx context.Context, s logical.Storage, region, acco
 	// Create an AWS config object using a chain of providers
 	var awsConfig *aws.Config
 	awsConfig, err = b.getClientConfig(ctx, s, region, stsRole, accountID, "ec2")
-
 	if err != nil {
 		return nil, err
 	}
@@ -279,7 +278,6 @@ func (b *backend) clientIAM(ctx context.Context, s logical.Storage, region, acco
 	// Create an AWS config object using a chain of providers
 	var awsConfig *aws.Config
 	awsConfig, err = b.getClientConfig(ctx, s, region, stsRole, accountID, "iam")
-
 	if err != nil {
 		return nil, err
 	}
diff --git a/builtin/credential/aws/path_config_client_test.go b/builtin/credential/aws/path_config_client_test.go
index 9dae9fc3a4..ed9b98ec5d 100644
--- a/builtin/credential/aws/path_config_client_test.go
+++ b/builtin/credential/aws/path_config_client_test.go
@@ -98,7 +98,6 @@ func TestBackend_pathConfigClient(t *testing.T) {
 		Data:      data,
 		Storage:   storage,
 	})
-
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/builtin/credential/aws/path_role_test.go b/builtin/credential/aws/path_role_test.go
index 80270f4624..3d3fbc3c6f 100644
--- a/builtin/credential/aws/path_role_test.go
+++ b/builtin/credential/aws/path_role_test.go
@@ -304,7 +304,6 @@ func TestBackend_pathIam(t *testing.T) {
 		Data:      data,
 		Storage:   storage,
 	})
-
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/builtin/logical/aws/backend_test.go b/builtin/logical/aws/backend_test.go
index 6aaca8848f..b5376f6468 100644
--- a/builtin/logical/aws/backend_test.go
+++ b/builtin/logical/aws/backend_test.go
@@ -297,7 +297,6 @@ func createRole(t *testing.T, roleName, awsAccountID string, policyARNs []string
 			RoleName:  aws.String(roleName), // Required
 		}
 		_, err = svc.AttachRolePolicy(attachment)
-
 		if err != nil {
 			t.Fatalf("AWS AttachRolePolicy failed: %v", err)
 		}
@@ -465,7 +464,6 @@ func deleteTestRole(roleName string) error {
 
 	log.Printf("[INFO] AWS DeleteRole: %s", roleName)
 	_, err = svc.DeleteRole(params)
-
 	if err != nil {
 		log.Printf("[WARN] AWS DeleteRole failed: %v", err)
 		return err
diff --git a/builtin/logical/aws/secret_access_keys.go b/builtin/logical/aws/secret_access_keys.go
index ed856bbd2f..60fe8015f4 100644
--- a/builtin/logical/aws/secret_access_keys.go
+++ b/builtin/logical/aws/secret_access_keys.go
@@ -453,7 +453,6 @@ func (b *backend) secretAccessKeysCreate(
 			Tags:     tags,
 			UserName: &username,
 		})
-
 		if err != nil {
 			return logical.ErrorResponse("Error adding tags to user: %s", err), awsutil.CheckAWSError(err)
 		}
diff --git a/builtin/plugin/v5/backend.go b/builtin/plugin/v5/backend.go
index e9ed038abe..38433dff71 100644
--- a/builtin/plugin/v5/backend.go
+++ b/builtin/plugin/v5/backend.go
@@ -80,7 +80,6 @@ func (b *backend) reloadBackend(ctx context.Context, storage logical.Storage) er
 	err = b.Backend.Initialize(ctx, &logical.InitializationRequest{
 		Storage: storage,
 	})
-
 	if err != nil {
 		return err
 	}
diff --git a/command/agentproxyshared/auth/oci/oci.go b/command/agentproxyshared/auth/oci/oci.go
index c31cafbb9a..4029406536 100644
--- a/command/agentproxyshared/auth/oci/oci.go
+++ b/command/agentproxyshared/auth/oci/oci.go
@@ -165,7 +165,6 @@ func (a *ociMethod) Authenticate(context.Context, *api.Client) (string, http.Hea
 	signer := common.DefaultRequestSigner(a.configurationProvider)
 
 	err = signer.Sign(request)
-
 	if err != nil {
 		return "", nil, nil, fmt.Errorf("error signing authentication request: %w", err)
 	}
diff --git a/command/kv_metadata_put_test.go b/command/kv_metadata_put_test.go
index edd0b6bf2e..50f815ac48 100644
--- a/command/kv_metadata_put_test.go
+++ b/command/kv_metadata_put_test.go
@@ -145,7 +145,6 @@ func TestKvMetadataPutCommand_CustomMetadata(t *testing.T) {
 	}
 
 	metadata, err = client.Logical().Read(metaFullPath)
-
 	if err != nil {
 		t.Fatalf("Metadata read error: %#v", err)
 	}
diff --git a/helper/pgpkeys/encrypt_decrypt.go b/helper/pgpkeys/encrypt_decrypt.go
index 861ebf619a..44738caa0e 100644
--- a/helper/pgpkeys/encrypt_decrypt.go
+++ b/helper/pgpkeys/encrypt_decrypt.go
@@ -56,7 +56,6 @@ func GetFingerprints(pgpKeys []string, entities []*openpgp.Entity) ([]string, er
 	if entities == nil {
 		var err error
 		entities, err = GetEntities(pgpKeys)
-
 		if err != nil {
 			return nil, err
 		}
diff --git a/physical/dynamodb/dynamodb.go b/physical/dynamodb/dynamodb.go
index d2387c0817..d89594885b 100644
--- a/physical/dynamodb/dynamodb.go
+++ b/physical/dynamodb/dynamodb.go
@@ -529,7 +529,6 @@ func (d *DynamoDBBackend) batchWriteRequests(requests []*dynamodb.WriteRequest)
 			output, err = d.client.BatchWriteItem(&dynamodb.BatchWriteItemInput{
 				RequestItems: batch,
 			})
-
 			if err != nil {
 				break
 			}
diff --git a/physical/foundationdb/foundationdb.go b/physical/foundationdb/foundationdb.go
index 0f18650c1d..b62e89da40 100644
--- a/physical/foundationdb/foundationdb.go
+++ b/physical/foundationdb/foundationdb.go
@@ -451,7 +451,6 @@ func (f *FDBBackend) Put(ctx context.Context, entry *physical.Entry) error {
 
 		return nil, nil
 	})
-
 	if err != nil {
 		return fmt.Errorf("put failed for item %s: %w", entry.Key, err)
 	}
@@ -509,7 +508,6 @@ func (f *FDBBackend) Delete(ctx context.Context, key string) error {
 
 		return nil, nil
 	})
-
 	if err != nil {
 		return fmt.Errorf("delete failed for item %s: %w", key, err)
 	}
diff --git a/physical/raft/raft_test.go b/physical/raft/raft_test.go
index e7532b992a..e8166ad164 100644
--- a/physical/raft/raft_test.go
+++ b/physical/raft/raft_test.go
@@ -143,7 +143,6 @@ func compareDBs(t *testing.T, boltDB1, boltDB2 *bolt.DB, dataOnly bool) error {
 
 		return nil
 	})
-
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/physical/zookeeper/zookeeper_test.go b/physical/zookeeper/zookeeper_test.go
index 019044c330..7c9fe70180 100644
--- a/physical/zookeeper/zookeeper_test.go
+++ b/physical/zookeeper/zookeeper_test.go
@@ -29,7 +29,6 @@ func TestZooKeeperBackend(t *testing.T) {
 	randPath := fmt.Sprintf("/vault-%d", time.Now().Unix())
 	acl := zk.WorldACL(zk.PermAll)
 	_, err = client.Create(randPath, []byte("hi"), int32(0), acl)
-
 	if err != nil {
 		t.Fatalf("err: %v", err)
 	}
@@ -73,7 +72,6 @@ func TestZooKeeperHABackend(t *testing.T) {
 	randPath := fmt.Sprintf("/vault-ha-%d", time.Now().Unix())
 	acl := zk.WorldACL(zk.PermAll)
 	_, err = client.Create(randPath, []byte("hi"), int32(0), acl)
-
 	if err != nil {
 		t.Fatalf("err: %v", err)
 	}
diff --git a/sdk/helper/certutil/helpers.go b/sdk/helper/certutil/helpers.go
index 9d7ac540b5..b065e8f092 100644
--- a/sdk/helper/certutil/helpers.go
+++ b/sdk/helper/certutil/helpers.go
@@ -1284,7 +1284,6 @@ func signCertificate(data *CreationBundle, randReader io.Reader) (*ParsedCertBun
 	}
 
 	certBytes, err = x509.CreateCertificate(randReader, certTemplate, caCert, data.CSR.PublicKey, data.SigningBundle.PrivateKey)
-
 	if err != nil {
 		return nil, errutil.InternalError{Err: fmt.Sprintf("unable to create certificate: %s", err)}
 	}
diff --git a/sdk/helper/docker/testhelpers.go b/sdk/helper/docker/testhelpers.go
index f98cd9b6be..40f269665d 100644
--- a/sdk/helper/docker/testhelpers.go
+++ b/sdk/helper/docker/testhelpers.go
@@ -291,7 +291,6 @@ func (d *Runner) StartNewService(ctx context.Context, addSuffix, forceLocalAddr
 		config = c
 		return nil
 	}, bo)
-
 	if err != nil {
 		if !d.RunOptions.DoNotAutoRemove {
 			cleanup()
diff --git a/vault/activity_log.go b/vault/activity_log.go
index ceadca1079..1914e833b5 100644
--- a/vault/activity_log.go
+++ b/vault/activity_log.go
@@ -1387,7 +1387,6 @@ func (a *ActivityLog) HandleEndOfMonth(ctx context.Context, currentTime time.Tim
 	// empty when it returns, but dropping some measurements is acceptable.
 	// We use force=true here in case an entry didn't appear this month
 	err = a.saveCurrentSegmentToStorageLocked(ctx, true)
-
 	// Don't return this error, just log it, we are done with that segment anyway.
 	if err != nil {
 		a.logger.Warn("last save of segment failed", "error", err)
diff --git a/vault/external_tests/kv/kv_patch_test.go b/vault/external_tests/kv/kv_patch_test.go
index 11703e829b..1b4802821e 100644
--- a/vault/external_tests/kv/kv_patch_test.go
+++ b/vault/external_tests/kv/kv_patch_test.go
@@ -149,7 +149,6 @@ func TestKV_Patch_Audit(t *testing.T) {
 	resp, err = kvRequestWithRetry(t, func() (interface{}, error) {
 		return c.Logical().JSONMergePatch(context.Background(), "kv/data/foo", patchData)
 	})
-
 	if err != nil {
 		t.Fatalf("patch request failed, err: %#v, resp: %#v\n", err, resp)
 	}
@@ -210,7 +209,6 @@ func TestKV_Patch_RootToken(t *testing.T) {
 
 		return client.Logical().Write("kv/data/foo", data)
 	})
-
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -224,7 +222,6 @@ func TestKV_Patch_RootToken(t *testing.T) {
 		}
 		return client.Logical().JSONMergePatch(context.Background(), "kv/data/foo", data)
 	})
-
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/vault/identity_store_aliases_test.go b/vault/identity_store_aliases_test.go
index c861d05e67..bf54c2db4a 100644
--- a/vault/identity_store_aliases_test.go
+++ b/vault/identity_store_aliases_test.go
@@ -642,7 +642,6 @@ func TestIdentityStore_AliasMove_DuplicateAccessor(t *testing.T) {
 	aliasReq.Data = updateData
 	aliasReq.Path = "entity-alias/id/" + alias2ID
 	resp, err = is.HandleRequest(ctx, aliasReq)
-
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -715,7 +714,6 @@ func TestIdentityStore_AliasUpdate_DuplicateAccessor(t *testing.T) {
 	aliasReq.Data = updateData
 	aliasReq.Path = "entity-alias/id/" + alias2ID
 	resp, err = is.HandleRequest(ctx, aliasReq)
-
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -769,7 +767,6 @@ func TestIdentityStore_AliasCreate_DuplicateAccessor(t *testing.T) {
 
 	// This will try to create a new alias with the same accessor and entity
 	resp, err = is.HandleRequest(ctx, aliasReq)
-
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/vault/request_handling.go b/vault/request_handling.go
index 610a778c00..a58210e4f8 100644
--- a/vault/request_handling.go
+++ b/vault/request_handling.go
@@ -702,7 +702,6 @@ func (c *Core) handleCancelableRequest(ctx context.Context, req *logical.Request
 			requestBodyToken = token.(string)
 			if IsSSCToken(token.(string)) {
 				token, err = c.CheckSSCToken(ctx, token.(string), c.isLoginRequest(ctx, req), c.perfStandby)
-
 				// If we receive an error from CheckSSCToken, we can assume the token is bad somehow, and the client
 				// should receive a 403 bad token error like they do for all other invalid tokens, unless the error
 				// specifies that we should forward the request or retry the request.
diff --git a/vault/version_store.go b/vault/version_store.go
index 8aa0a0a3b7..8c50f50647 100644
--- a/vault/version_store.go
+++ b/vault/version_store.go
@@ -45,7 +45,6 @@ func (c *Core) storeVersionEntry(ctx context.Context, vaultVersion *VaultVersion
 	if force {
 		// avoid storage lookup and write immediately
 		err = c.barrier.Put(ctx, newEntry)
-
 		if err != nil {
 			return false, err
 		}
@@ -63,7 +62,6 @@ func (c *Core) storeVersionEntry(ctx context.Context, vaultVersion *VaultVersion
 	}
 
 	err = c.barrier.Put(ctx, newEntry)
-
 	if err != nil {
 		return false, err
 	}