diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 7174391..cf51b0e 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1 @@
-* @profianinc/steward @bstrie @haraldh
-*.rs @profianinc/steward @bstrie
+* @enarx/codeowners @rjzak
diff --git a/.github/workflows/cargo.yml b/.github/workflows/cargo.yml
index 935ec0d..e43cb8d 100644
--- a/.github/workflows/cargo.yml
+++ b/.github/workflows/cargo.yml
@@ -6,11 +6,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          override: true
+      - name: Setup Rust toolchain
+        run: rustup show && rustup update
       - run: cargo install cargo-readme
       - run: cargo readme > README.md && git diff --exit-code
 
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index b40a9e1..87143a9 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -8,15 +8,9 @@ jobs:
     - name: Setup Rust toolchain
       run: rustup show
     - name: cargo fmt
-      uses: actions-rs/cargo@v1
-      with:
-        command: fmt
-        args: -- --check
+      run: cargo fmt --all -- --check
     - name: cargo clippy
-      uses: actions-rs/cargo@v1
-      with:
-        command: clippy
-        args: --workspace --all-features -- -D warnings
+      run: cargo clippy --workspace --all-features --tests -- -D warnings
 
   nix-fmt:
     name: nix fmt
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 89d5865..5a6e189 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -8,10 +8,7 @@ jobs:
     - name: Setup Rust toolchain
       run: rustup show
     - name: cargo test
-      uses: actions-rs/cargo@v1
-      with:
-        command: test
-        args: --workspace --all-features
+      run: cargo test --workspace --all-features
 
   wasi:
     runs-on: ubuntu-latest
@@ -29,7 +26,4 @@ jobs:
       - name: Check wasmtime version
         run: wasmtime --version
       - name: cargo test
-        uses: actions-rs/cargo@v1
-        with:
-          command: test
-          args: --workspace --all-features --target=wasm32-wasi
+        run: cargo test --workspace --all-features --target=wasm32-wasi
diff --git a/crates/attestation/src/crypto/crl.rs b/crates/attestation/src/crypto/crl.rs
index c9241cc..fc9c19f 100644
--- a/crates/attestation/src/crypto/crl.rs
+++ b/crates/attestation/src/crypto/crl.rs
@@ -156,7 +156,7 @@ mod tests {
         let rdns = RdnSequence::from_der(&rdns).unwrap();
 
         // Create the extensions.
-        let ku = KeyUsage((KeyUsages::KeyCertSign | KeyUsages::CRLSign).into())
+        let ku = KeyUsage(KeyUsages::KeyCertSign | KeyUsages::CRLSign)
             .to_vec()
             .unwrap();
         let bc = BasicConstraints {
@@ -267,7 +267,7 @@ mod tests {
         // Create the certificate body.
         let tbs = TbsCertificate {
             version: x509::Version::V3,
-            serial_number: cert_serial.clone(),
+            serial_number: *cert_serial,
             signature: pki.signs_with().unwrap(),
             issuer: rdns_issuer,
             validity,
@@ -315,19 +315,17 @@ mod tests {
         let rdns = RdnSequence::encode_from_string(TEST_ISSUER).unwrap();
         let rdns = RdnSequence::from_der(&rdns).unwrap();
 
-        let revoked = if let Some(serial) = cert_serial {
-            Some(vec![RevokedCert {
-                serial_number: serial,
+        let revoked = cert_serial.map(|s| {
+            vec![RevokedCert {
+                serial_number: s,
                 revocation_date: yesterday,
                 crl_entry_extensions: None,
-            }])
-        } else {
-            None
-        };
+            }]
+        });
 
         let tbs_cert = TbsCertList {
             version: Default::default(),
-            signature: ca_cert.signature_algorithm.clone(),
+            signature: ca_cert.signature_algorithm,
             issuer: rdns,
             this_update: yesterday,
             next_update: None,
@@ -336,15 +334,12 @@ mod tests {
         };
 
         let signature = ca_pki
-            .sign(
-                &tbs_cert.to_vec().unwrap(),
-                ca_cert.signature_algorithm.clone(),
-            )
+            .sign(&tbs_cert.to_vec().unwrap(), ca_cert.signature_algorithm)
             .unwrap();
 
         let crl = CertificateList {
             tbs_cert_list: tbs_cert,
-            signature_algorithm: ca_cert.signature_algorithm.clone(),
+            signature_algorithm: ca_cert.signature_algorithm,
             signature: BitStringRef::from_bytes(&signature).unwrap(),
         };
 
diff --git a/crates/server/src/lib.rs b/crates/server/src/lib.rs
index 7a4f005..e03ab0e 100644
--- a/crates/server/src/lib.rs
+++ b/crates/server/src/lib.rs
@@ -909,7 +909,7 @@ mod tests {
         #[test]
         fn test_sgx_signed_csr_bad_config_enclave_version() {
             let csr = CertReq::from_der(ICELAKE_I5_CSR).unwrap();
-            let config: Config = toml::from_str(&*format!(
+            let config: Config = toml::from_str(&format!(
                 r#"
             [sgx]
             signer = ["{SIGNER}"]
@@ -925,7 +925,7 @@ mod tests {
         #[test]
         fn test_sgx_signed_csr_extra_tcb_advisories() {
             let csr = CertReq::from_der(ICELAKE_I5_CSR).unwrap();
-            let config: Config = toml::from_str(&*format!(
+            let config: Config = toml::from_str(&format!(
                 r#"
             [sgx]
             signer = ["{SIGNER}"]