diff --git a/.github/banner.png b/.github/banner.png
index 96e325a0..db6c1464 100644
Binary files a/.github/banner.png and b/.github/banner.png differ
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index eb9cb55c..a9970acb 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -25,9 +25,13 @@ on:
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
+    concurrency:
+      group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
+      cancel-in-progress: true
+
     steps:
     - name: "Checkout source code at current commit"
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
     - name: Prepare tags for Docker image
       if: (github.event_name == 'release' && github.event.action == 'published') || github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
       id: prepare
@@ -59,23 +63,25 @@ jobs:
         echo "slim-tags=${SLIM_TAGS}" >> "$GITHUB_OUTPUT"
         printf "SLIM_TAGS are %s\n" "${SLIM_TAGS}"
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v2
+      uses: docker/setup-buildx-action@v3
     - name: Login to DockerHub
       if: (github.event_name == 'release' && github.event.action == 'published') || github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
-      uses: docker/login-action@v2
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_PASSWORD }}
     - name: "Build and push full docker image to DockerHub"
       id: docker_full_build
-      uses: docker/build-push-action@v3
+      uses: docker/build-push-action@v5
       with:
         push: ${{ (github.event_name == 'release' && github.event.action == 'published') || github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }}
         tags: ${{ steps.prepare.outputs.tags }}
+        platforms: linux/amd64
     - name: "Build and push slim docker image to DockerHub"
       id: docker_slim_build
-      uses: docker/build-push-action@v3
+      uses: docker/build-push-action@v5
       with:
         file: ./Dockerfile.slim
         push: ${{ (github.event_name == 'release' && github.event.action == 'published') || github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }}
         tags: ${{ steps.prepare.outputs.slim-tags }}
+        platforms: linux/amd64
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index d5e74adf..17c157c8 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Lint Code Base
         uses: github/super-linter/slim@v5
         env:
diff --git a/.github/workflows/vhs.yaml b/.github/workflows/vhs.yaml
index c0ed41e6..a20729d5 100644
--- a/.github/workflows/vhs.yaml
+++ b/.github/workflows/vhs.yaml
@@ -17,11 +17,11 @@ jobs:
       cancel-in-progress: true
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up Docker Buildx (for demo tape)
         id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Tune vim settings
         run: |
@@ -34,7 +34,7 @@ jobs:
           path: demo.tape
           install-fonts: true
 
-      - uses: stefanzweifel/git-auto-commit-action@v4
+      - uses: stefanzweifel/git-auto-commit-action@v5
         id: auto-commit
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
index 0cba7ee1..ca7aaf1e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.20.7-alpine3.18
+FROM golang:1.20.13-alpine3.18
 LABEL maintainer="Cloud Posse <hello@cloudposse.com>"
 
 LABEL "com.github.actions.name"="Build Harness"
@@ -8,6 +8,7 @@ LABEL "com.github.actions.color"="blue"
 
 RUN apk --update --no-cache add \
       bash \
+      build-base \
       ca-certificates \
       coreutils \
       curl \
@@ -27,12 +28,12 @@ RUN apk --update --no-cache add \
       py3-cffi && \
     python3 -m pip install --upgrade pip setuptools wheel && \
     pip3 install --no-cache-dir \
-      cryptography==41.0.3 \
+      cryptography==41.0.7 \
       PyYAML==6.0.1 \
-      awscli==1.29.25 \
+      awscli==1.32.23 \
       boto==2.49.0 \
-      boto3==1.28.25 \
-      iteration-utilities==0.11.0 \
+      boto3==1.34.23 \
+      iteration-utilities==0.12.0 \
       PyGithub==1.59.1 && \
     git config --global advice.detachedHead false
 
diff --git a/Makefile b/Makefile
index 99fe330d..19c62284 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,8 @@ export BUILD_HARNESS_OS ?= $(OS)
 export BUILD_HARNESS_ARCH ?= $(shell uname -m | sed 's/x86_64/amd64/g')
 export SELF ?= $(MAKE)
 export PATH := $(BUILD_HARNESS_PATH)/vendor:$(PATH)
-export DOCKER_BUILD_FLAGS ?=
+# We do not have Alpine packages for arm64, so we need to force amd64 until we switch to Debian
+export DOCKER_BUILD_FLAGS ?= --platform linux/amd64
 
 # Forces auto-init off to avoid invoking the macro on recursive $(MAKE)
 export BUILD_HARNESS_AUTO_INIT := false