diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index e60b41352b0..a29f86d4019 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -32,12 +32,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
+        uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.21.6
+        uses: github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3
         with:
           sarif_file: results.sarif
diff --git a/commercetools/commercetools-monitoring-opentelemetry/build.gradle b/commercetools/commercetools-monitoring-opentelemetry/build.gradle
index 4eb87130944..6584b5808f3 100644
--- a/commercetools/commercetools-monitoring-opentelemetry/build.gradle
+++ b/commercetools/commercetools-monitoring-opentelemetry/build.gradle
@@ -1,7 +1,7 @@
 
 dependencies {
     api project(":rmf:rmf-java-base")
-    implementation 'io.opentelemetry:opentelemetry-api:1.28.0'
+    implementation 'io.opentelemetry:opentelemetry-api:1.31.0'
 
     testImplementation project(":commercetools:commercetools-sdk-java-api")
 }
diff --git a/commercetools/commercetools-okhttp-client4/build.gradle b/commercetools/commercetools-okhttp-client4/build.gradle
index 4f1569b4c3a..6683d064dfd 100644
--- a/commercetools/commercetools-okhttp-client4/build.gradle
+++ b/commercetools/commercetools-okhttp-client4/build.gradle
@@ -5,7 +5,7 @@ dependencies {
         strictly '[4.0,5.0['
         prefer "4.10.0"
     }
-    implementation "com.squareup.okio:okio:3.5.0"
+    implementation "com.squareup.okio:okio:3.6.0"
 
     implementation javax.validation
 }
diff --git a/commercetools/commercetools-reactornetty-client/build.gradle b/commercetools/commercetools-reactornetty-client/build.gradle
index 1f6adede6da..59044c5d61f 100644
--- a/commercetools/commercetools-reactornetty-client/build.gradle
+++ b/commercetools/commercetools-reactornetty-client/build.gradle
@@ -2,8 +2,8 @@
 dependencies {
     api project(":rmf:rmf-java-base")
 
-    api "io.projectreactor.netty:reactor-netty-http:1.1.11"
-    api "io.projectreactor.netty:reactor-netty-core:1.1.11"
+    api "io.projectreactor.netty:reactor-netty-http:1.1.12"
+    api "io.projectreactor.netty:reactor-netty-core:1.1.12"
 
     implementation javax.validation
 }
diff --git a/gradle-scripts/extensions.gradle b/gradle-scripts/extensions.gradle
index 7ad965f9373..8d76898618f 100644
--- a/gradle-scripts/extensions.gradle
+++ b/gradle-scripts/extensions.gradle
@@ -15,7 +15,7 @@ ext {
 
     commons = [
             lang3: 'org.apache.commons:commons-lang3:3.13.0',
-            io: 'commons-io:commons-io:2.13.0',
+            io: 'commons-io:commons-io:2.14.0',
             io_version: {
                     strictly '[2.8.0,)'
                     prefer '2.11.0'
@@ -31,10 +31,10 @@ ext {
     ]
 
     jackson_core = [
-            annotations: 'com.fasterxml.jackson.core:jackson-annotations:2.15.2',
-            databind: 'com.fasterxml.jackson.core:jackson-databind:2.15.2',
-            core: 'com.fasterxml.jackson.core:jackson-core:2.15.2',
-            datatype: 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.15.2',
+            annotations: 'com.fasterxml.jackson.core:jackson-annotations:2.15.3',
+            databind: 'com.fasterxml.jackson.core:jackson-databind:2.15.3',
+            core: 'com.fasterxml.jackson.core:jackson-core:2.15.3',
+            datatype: 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.15.3',
     ]
 
     google = [
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 03bc515044f..309b4e18dbc 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.3-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-all.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/package.json b/package.json
index c338801028d..0af547e1deb 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,7 @@
         "node": ">=14.15",
         "npm": ">=5"
     },
-    "packageManager": "yarn@3.6.3",
+    "packageManager": "yarn@3.6.4",
     "dependencies": {
         "husky": "8.0.3",
         "lint-staged": "13.3.0"