diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 3b845ff193..f15c8963f8 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
         uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+        uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
         with:
           languages: ${{ matrix.language }}
           # using "linked" helps to keep up with the latest Kotlin support
@@ -65,6 +65,6 @@ jobs:
         run: ./gradlew assemble --no-build-cache --no-daemon
 
       - name: Perform CodeQL analysis
-        uses: github/codeql-action/analyze@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+        uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml
index c7fc5ab9dc..ab2a2e1fa5 100644
--- a/.github/workflows/ossf-scorecard.yml
+++ b/.github/workflows/ossf-scorecard.yml
@@ -52,6 +52,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
+        uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
         with:
           sarif_file: results.sarif
diff --git a/buildSrc/build.gradle.kts b/buildSrc/build.gradle.kts
index e963b8e8e4..28fb6a7b74 100644
--- a/buildSrc/build.gradle.kts
+++ b/buildSrc/build.gradle.kts
@@ -15,7 +15,7 @@ dependencies {
   implementation("com.diffplug.spotless:com.diffplug.spotless.gradle.plugin:8.0.0")
   implementation("net.ltgt.errorprone:net.ltgt.errorprone.gradle.plugin:4.3.0")
   implementation("net.ltgt.nullaway:net.ltgt.nullaway.gradle.plugin:2.3.0")
-  implementation("org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:12.1.6")
+  implementation("org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:12.1.8")
   implementation("ru.vyarus.animalsniffer:ru.vyarus.animalsniffer.gradle.plugin:2.0.1")
   implementation("com.gradle.develocity:com.gradle.develocity.gradle.plugin:4.2.1")
   implementation("me.champeau.gradle.japicmp:me.champeau.gradle.japicmp.gradle.plugin:0.4.6")
diff --git a/buildSrc/src/main/kotlin/otel.java-conventions.gradle.kts b/buildSrc/src/main/kotlin/otel.java-conventions.gradle.kts
index ffd6f2bf02..6c8a4f0be1 100644
--- a/buildSrc/src/main/kotlin/otel.java-conventions.gradle.kts
+++ b/buildSrc/src/main/kotlin/otel.java-conventions.gradle.kts
@@ -65,7 +65,7 @@ tasks {
   }
 
   withType<Test>().configureEach {
-    useJUnitPlatform()
+    useJUnitPlatform("5.13.4")
 
     val maxTestRetries = gradle.startParameter.projectProperties["maxTestRetries"]?.toInt() ?: 0
     develocity.testRetry {
@@ -147,10 +147,11 @@ dependencies {
 
 testing {
   suites.withType(JvmTestSuite::class).configureEach {
+    useJUnitJupiter("5.13.4")
+
     dependencies {
       implementation(project(project.path))
 
-      implementation(enforcedPlatform("org.junit:junit-bom:5.14.0"))
       implementation(enforcedPlatform("org.testcontainers:testcontainers-bom:1.21.3"))
       implementation(enforcedPlatform("com.google.guava:guava-bom:33.5.0-jre"))
       implementation(enforcedPlatform("com.linecorp.armeria:armeria-bom:1.33.4"))
@@ -159,16 +160,11 @@ testing {
       compileOnly("com.google.errorprone:error_prone_annotations")
       compileOnly("com.google.code.findbugs:jsr305")
 
-      implementation("org.junit.jupiter:junit-jupiter-api")
-      implementation("org.junit.jupiter:junit-jupiter-params")
       implementation("org.mockito:mockito-core")
       implementation("org.mockito:mockito-junit-jupiter")
       implementation("org.assertj:assertj-core")
       implementation("org.awaitility:awaitility")
       implementation("io.github.netmikey.logunit:logunit-jul")
-
-      runtimeOnly("org.junit.jupiter:junit-jupiter-engine")
-      runtimeOnly("org.junit.platform:junit-platform-launcher")
     }
   }
 }
diff --git a/ibm-mq-metrics/build.gradle.kts b/ibm-mq-metrics/build.gradle.kts
index 31e1918417..be30a21b76 100644
--- a/ibm-mq-metrics/build.gradle.kts
+++ b/ibm-mq-metrics/build.gradle.kts
@@ -18,7 +18,7 @@ dependencies {
   api("com.google.code.findbugs:jsr305:3.0.2")
   api("io.swagger:swagger-annotations:1.6.16")
   api("org.jetbrains:annotations:26.0.2-1")
-  api("com.ibm.mq:com.ibm.mq.allclient:9.4.3.1")
+  api("com.ibm.mq:com.ibm.mq.allclient:9.4.4.0")
   api("org.yaml:snakeyaml:2.5")
   api("com.fasterxml.jackson.core:jackson-databind:2.20.0")
   api("io.opentelemetry:opentelemetry-sdk")
@@ -28,7 +28,7 @@ dependencies {
   implementation("org.slf4j:slf4j-simple:2.0.17")
   testImplementation("com.google.guava:guava")
   testImplementation("io.opentelemetry:opentelemetry-sdk-testing")
-  ibmClientJar("com.ibm.mq:com.ibm.mq.allclient:9.4.3.1") {
+  ibmClientJar("com.ibm.mq:com.ibm.mq.allclient:9.4.4.0") {
     artifact {
       name = "com.ibm.mq.allclient"
       extension = "jar"
@@ -43,7 +43,7 @@ testing {
       dependencies {
         implementation("org.assertj:assertj-core:3.27.6")
         implementation("io.opentelemetry:opentelemetry-sdk-testing")
-        implementation("com.ibm.mq:com.ibm.mq.jakarta.client:9.4.3.1")
+        implementation("com.ibm.mq:com.ibm.mq.jakarta.client:9.4.4.0")
         implementation("jakarta.jms:jakarta.jms-api:3.1.0")
       }
 
diff --git a/micrometer-meter-provider/build.gradle.kts b/micrometer-meter-provider/build.gradle.kts
index 27e61bf1f1..2de81eba63 100644
--- a/micrometer-meter-provider/build.gradle.kts
+++ b/micrometer-meter-provider/build.gradle.kts
@@ -20,14 +20,14 @@ dependencies {
   annotationProcessor("com.google.auto.value:auto-value")
   compileOnly("com.google.auto.value:auto-value-annotations")
 
-  testImplementation("io.micrometer:micrometer-core:1.15.4")
+  testImplementation("io.micrometer:micrometer-core:1.15.5")
 }
 
 testing {
   suites {
     val integrationTest by registering(JvmTestSuite::class) {
       dependencies {
-        implementation("io.micrometer:micrometer-registry-prometheus:1.15.4")
+        implementation("io.micrometer:micrometer-registry-prometheus:1.15.5")
       }
     }
   }
diff --git a/runtime-attach/runtime-attach-core/build.gradle.kts b/runtime-attach/runtime-attach-core/build.gradle.kts
index b5ade38c48..0e06aaf52c 100644
--- a/runtime-attach/runtime-attach-core/build.gradle.kts
+++ b/runtime-attach/runtime-attach-core/build.gradle.kts
@@ -7,7 +7,7 @@ description = "To help in create an OpenTelemetry distro able to runtime attach
 otelJava.moduleName.set("io.opentelemetry.contrib.attach.core")
 
 dependencies {
-  implementation("net.bytebuddy:byte-buddy-agent:1.17.7")
+  implementation("net.bytebuddy:byte-buddy-agent:1.17.8")
 
   // Used by byte-buddy but not brought in as a transitive dependency.
   compileOnly("com.google.code.findbugs:annotations")