diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index d9224278d..10746fb7b 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/vscode/devcontainers/python:3.11-buster@sha256:e201c10ff82f4ef267a1c8afbd24ece47643c045269d24df6d086a80383867c6
+FROM mcr.microsoft.com/vscode/devcontainers/python:3.11-buster@sha256:2578fb2474b1245a91115030c6b2224aa61c1229426c299793ef321a666d839f
 ARG USERNAME=vscode
diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml
index 3577ccdc9..39bd5ac34 100644
--- a/.github/workflows/ossf-scorecard.yml
+++ b/.github/workflows/ossf-scorecard.yml
@@ -25,7 +25,7 @@ jobs:
 persist-credentials: false
 - name: "Run analysis"
- uses: ossf/scorecard-action@fdeb02dc9c3fb721c82a431b2708514aca13dbeb
+ uses: ossf/scorecard-action@6c4912ed9e5f80cfda40164b92753f21f0892cab
 with:
 results_file: ossf-results.json
 results_format: json
diff --git a/aws/common/budget.tf b/aws/common/budget.tf
index 0672f47bd..9373c7a27 100644
--- a/aws/common/budget.tf
+++ b/aws/common/budget.tf
@@ -24,7 +24,7 @@ resource "aws_budgets_budget" "notify_global" {
 }
 module "budget_notifier" {
- source = "github.com/cds-snc/terraform-modules//spend_notifier?ref=v9.2.6"
+ source = "github.com/cds-snc/terraform-modules//spend_notifier?ref=v9.6.4"
 daily_spend_notifier_hook = var.budget_sre_bot_webhook
 weekly_spend_notifier_hook = var.budget_sre_bot_webhook
 billing_tag_value = "notification-canada-ca-${var.env}"
diff --git a/aws/common/s3.tf b/aws/common/s3.tf
index 0823c8130..7323c1201 100644
--- a/aws/common/s3.tf
+++ b/aws/common/s3.tf
@@ -44,11 +44,12 @@ resource "aws_s3_bucket_public_access_block" "csv_bucket" {
 }
 module "csv_bucket_logs" {
- source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.0.3"
+ source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.1.5"
 bucket_name = "notification-canada-ca-${var.env}-csv-upload-logs"
 force_destroy = var.force_destroy_s3
 billing_tag_value = "notification-canada-ca-${var.env}"
+ versioning_status = "Enabled"
 lifecycle_rule = { "lifecycle_rule" : { "enabled" : "true", "expiration" : { "days" : "90" } } }
@@ -218,11 +219,12 @@ resource "aws_s3_bucket_public_access_block" "scan_files_document_bucket" {
 }
 module "document_download_logs" {
- source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.0.3"
+ source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.1.5"
 bucket_name = "notification-canada-ca-${var.env}-document-download-logs"
 force_destroy = var.force_destroy_s3
 billing_tag_value = "notification-canada-ca-${var.env}"
+ versioning_status = "Enabled"
 lifecycle_rule = { "lifecycle_rule" : { "enabled" : "true", "expiration" : { "days" : "90" } } }
@@ -351,11 +353,12 @@ resource "aws_s3_bucket_public_access_block" "athena_bucket" {
 }
 module "athena_logs_bucket" {
- source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.0.3"
+ source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.1.5"
 bucket_name = "notification-canada-ca-${var.env}-athena-logs"
 force_destroy = var.force_destroy_s3
 billing_tag_value = "notification-canada-ca-${var.env}"
+ versioning_status = "Enabled"
 lifecycle_rule = { "lifecycle_rule" : { "enabled" : "true", "expiration" : { "days" : "90" } } }
@@ -365,7 +368,7 @@ module "athena_logs_bucket" {
 }
 module "cbs_logs_bucket" {
- source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.0.3"
+ source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=v6.1.5"
 count = var.create_cbs_bucket ? 1 : 0
 bucket_name = var.cbs_satellite_bucket_name
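Review bot: Turning on `versioning_status = "Enabled"` for `csv_bucket_logs` changes what the existing `"expiration" : { "days" : "90" }` rule does: on a versioned bucket, expiration only places a delete marker on the current version, and the earlier versions stay in the bucket as noncurrent objects. Unless the S3_log_bucket module adds its own noncurrent-version rule (not visible in this diff), log data would now be kept past the 90 days, which matters if that figure is a retention limit and for storage cost. I would add a noncurrent-version expiration next to the existing one, in whatever key the module's `lifecycle_rule` input accepts, and a comment such as `# versioned bucket: noncurrent versions need their own expiration`. The same applies to `document_download_logs`, `athena_logs_bucket` and `cbs_logs_bucket`; all four module blocks continue outside their hunks.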
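Review bot: The `source` line of `document_download_logs` pins the module to a git tag, `?ref=v6.1.5`, and a tag can be moved to a different commit upstream, whereas this same commit pins the devcontainer image by `@sha256:` digest and `ossf/scorecard-action` by commit hash. Giving `ref` the full commit hash of the release and keeping the version as a trailing comment would make the module pin equally immutable, e.g. `source = "github.com/cds-snc/terraform-modules//S3_log_bucket?ref=<full-commit-sha-of-v6.1.5>" # v6.1.5`. The same holds for every other `github.com/cds-snc/terraform-modules` source in budget.tf and s3.tf.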
@@ -373,6 +376,7 @@ module "cbs_logs_bucket" {
 billing_tag_value = "notification-canada-ca-${var.env}"
 attach_lb_log_delivery_policy = true
 attach_elb_log_delivery_policy = true
+ versioning_status = "Enabled"
 lifecycle_rule = { "lifecycle_rule" : { "enabled" : "true", "expiration" : { "days" : "90" } } }
@@ -382,7 +386,7 @@ module "cbs_logs_bucket" {
 }
 module "sns_sms_usage_report_bucket" {
- source = "github.com/cds-snc/terraform-modules//S3?ref=v9.2.3"
+ source = "github.com/cds-snc/terraform-modules//S3?ref=v9.6.4"
 bucket_name = "notification-canada-ca-${var.env}-sms-usage-logs"
 force_destroy = var.force_destroy_s3
@@ -462,7 +466,7 @@ module "sns_sms_usage_report_bucket_us_west_2" {
 aws = aws.us-west-2
 }
- source = "github.com/cds-snc/terraform-modules//S3?ref=v9.2.3"
+ source = "github.com/cds-snc/terraform-modules//S3?ref=v9.6.4"
 bucket_name = "notification-canada-ca-${var.env}-sms-usage-west-2-logs"
 force_destroy = var.force_destroy_s3
@@ -540,7 +544,7 @@ POLICY
 }
 module "sns_sms_usage_report_sanitized_bucket" {
- source = "github.com/cds-snc/terraform-modules//S3?ref=v9.2.3"
+ source = "github.com/cds-snc/terraform-modules//S3?ref=v9.6.4"
 bucket_name = "notification-canada-ca-${var.env}-sms-usage-logs-san"
 force_destroy = var.force_destroy_s3
@@ -557,7 +561,7 @@ module "sns_sms_usage_report_sanitized_bucket_us_west_2" {
 aws = aws.us-west-2
 }
- source = "github.com/cds-snc/terraform-modules//S3?ref=v9.2.3"
+ source = "github.com/cds-snc/terraform-modules//S3?ref=v9.6.4"
 bucket_name = "notification-canada-ca-${var.env}-sms-usage-west-2-logs-san"
 force_destroy = var.force_destroy_s3
diff --git a/aws/common/slack.tf b/aws/common/slack.tf
index c7c409610..27d3a11d0 100644
--- a/aws/common/slack.tf
+++ b/aws/common/slack.tf
@@ -1,7 +1,7 @@
 # Doc: https://registry.terraform.io/modules/terraform-aws-modules/notify-slack/aws/
 module "notify_slack_warning" {
 source = "terraform-aws-modules/notify-slack/aws"
- version = "6.0.0"
+ version = "6.4.1"
 create_sns_topic = false
 sns_topic_name = aws_sns_topic.notification-canada-ca-alert-warning.name
@@ -19,7 +19,7 @@ module "notify_slack_warning" {
 module "notify_slack_ok" {
 source = "terraform-aws-modules/notify-slack/aws"
- version = "6.0.0"
+ version = "6.4.1"
 create_sns_topic = false
 sns_topic_name = aws_sns_topic.notification-canada-ca-alert-ok.name
@@ -37,7 +37,7 @@ module "notify_slack_ok" {
 module "notify_slack_critical" {
 source = "terraform-aws-modules/notify-slack/aws"
- version = "6.0.0"
+ version = "6.4.1"
 create_sns_topic = false
 sns_topic_name = aws_sns_topic.notification-canada-ca-alert-critical.name
@@ -56,7 +56,7 @@ module "notify_slack_critical" {
 # Shared generic slack webhook & topic.
 module "notify_slack_general" {
 source = "terraform-aws-modules/notify-slack/aws"
- version = "6.0.0"
+ version = "6.4.1"
 create_sns_topic = false
 sns_topic_name = aws_sns_topic.notification-canada-ca-alert-general.name