diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 926861f..1ad1218 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,10 +15,10 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version: '1.25'
+        go-version: '1.23'
 
     - name: Cache Go modules
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: ~/go/pkg/mod
         key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
@@ -32,7 +32,7 @@ jobs:
       run: go test -v -race -coverprofile=coverage.out ./...
 
     - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       with:
         file: ./coverage.out
         flags: unittests
@@ -42,7 +42,7 @@ jobs:
       run: go vet ./...
 
     - name: Run golangci-lint
-      uses: golangci/golangci-lint-action@v3
+      uses: golangci/golangci-lint-action@v6
       with:
         version: latest
         args: --timeout=5m
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 9b5f6a8..ddeb18c 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -26,10 +26,10 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version: '1.25'
+        go-version: '1.23'
 
     - name: Cache Go modules
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: ~/go/pkg/mod
         key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
@@ -47,7 +47,7 @@ jobs:
 
     - name: Start bore server
       run: |
-        ./bin/server &
+        ./bin/server --health-port 8080 --port 8443 &
         SERVER_PID=$!
         echo "SERVER_PID=$SERVER_PID" >> $GITHUB_ENV
         sleep 2
@@ -60,7 +60,7 @@ jobs:
 
         # Test client connection (if server is running)
         echo "Testing client connection..."
-        timeout 10s ./bin/client -local-port 3001 -server localhost:8080 -api-key test-key || echo "Client test completed"
+        timeout 10s ./bin/client -local-port 3001 -server localhost:8443 -api-key test-key || echo "Client test completed"
 
     - name: Stop server
       run: |
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index d760e3c..463422f 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -19,7 +19,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version: '1.25'
+        go-version: '1.23'
 
     - name: Run tests
       run: go test ./...
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 5532a63..3bfc77f 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -17,12 +17,12 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version: '1.25'
+        go-version: '1.23'
 
     - name: Run Gosec Security Scanner
-      uses: securecodewarrior/github-action-gosec@master
-      with:
-        args: './...'
+      run: |
+        go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest
+        gosec ./...
 
     - name: Run Trivy vulnerability scanner
       uses: aquasecurity/trivy-action@master
@@ -33,11 +33,11 @@ jobs:
         output: 'trivy-results.sarif'
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       if: always()
       with:
         sarif_file: 'trivy-results.sarif'
 
     - name: Dependency Review
-      uses: actions/dependency-review-action@v3
+      uses: actions/dependency-review-action@v4
       if: github.event_name == 'pull_request'
diff --git a/.releaserc.json b/.releaserc.json
new file mode 100644
index 0000000..bdedf29
--- /dev/null
+++ b/.releaserc.json
@@ -0,0 +1,16 @@
+{
+  "branches": ["main"],
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/changelog",
+    [
+      "@semantic-release/git",
+      {
+        "assets": ["CHANGELOG.md"],
+        "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ],
+    "@semantic-release/github"
+  ]
+}
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 973806f..ee3d8c6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,12 @@
 # Multi-stage Dockerfile for bore (client and server)
 
 # Build stage
-FROM golang:1.25-alpine AS builder
+FROM golang:1.23-alpine AS builder
 
 WORKDIR /app
 
 # Copy go mod and sum files
-COPY go.mod ./
+COPY go.mod go.sum* ./
 
 # Download dependencies
 RUN go mod download
diff --git a/go.mod b/go.mod
index c9c0195..c677277 100644
--- a/go.mod
+++ b/go.mod
@@ -1,3 +1,3 @@
 module github.com/4cecoder/bore
 
-go 1.25.0
+go 1.23