diff --git a/.github/workflows/build-push-chart.yml b/.github/workflows/build-push-chart.yml
index b9656e3..a1ab1e3 100644
--- a/.github/workflows/build-push-chart.yml
+++ b/.github/workflows/build-push-chart.yml
@@ -15,7 +15,7 @@ name: Build/Push Image and Release Charts
 permissions: read-all
 jobs:
   setenv:
-    uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@52316bc78d725e136c44fa02585c3ba59027b2df
+    uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@174d28736938eb3215d59243802dd1088256107b
     with:
       gh_head_ref: ${{ github.head_ref }}
       gh_ref_name: ${{ github.ref_name }}
@@ -24,7 +24,7 @@ jobs:
       gh_repo: ${{ github.repository }}
       gh_run_number: ${{ github.run_number }}
   release:
-    uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@52316bc78d725e136c44fa02585c3ba59027b2df
+    uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@174d28736938eb3215d59243802dd1088256107b
     needs: setenv
     with:
       gh_repository_owner: ${{ github.repository_owner }}
@@ -42,7 +42,7 @@ jobs:
     permissions:
       security-events: write
       statuses: write
-    uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@52316bc78d725e136c44fa02585c3ba59027b2df
+    uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@174d28736938eb3215d59243802dd1088256107b
     needs:
       - setenv
       - release
@@ -54,7 +54,7 @@ jobs:
   helm:
     permissions:
       contents: write
-    uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@52316bc78d725e136c44fa02585c3ba59027b2df
+    uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@174d28736938eb3215d59243802dd1088256107b
     needs:
       - setenv
       - release
@@ -74,7 +74,7 @@ jobs:
       GPG_KEY: ${{ secrets.GPG_KEY }}
       gh_token: ${{ secrets.HELM_INDEXER_TOKEN }}
   sbom:
-    uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@52316bc78d725e136c44fa02585c3ba59027b2df
+    uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@174d28736938eb3215d59243802dd1088256107b
     needs:
       - setenv
       - release
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 5070b3a..c2eae03 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index d986f69..2039390 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -57,7 +57,7 @@ jobs:
       - name: Create Pull Request with applied fixes
         id: cpr
         if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix')
-        uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7
+        uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           commit-message: "[MegaLinter] Apply linters automatic fixes"
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 41e99ee..d9a2b0e 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -26,7 +26,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
diff --git a/requirements.in b/requirements.in
index 4b5c764..c8ca658 100644
--- a/requirements.in
+++ b/requirements.in
@@ -1,7 +1,7 @@
-fastapi==0.124.0
+fastapi==0.124.2
 joblib==1.5.2
 mitreattack-python==5.3.0
 numpy==2.3.5  # This is a common dependency for scikit-learn
-scikit-learn==1.7.2
+scikit-learn==1.8.0
 stanza==1.11.0
 uvicorn==0.38.0