diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index f92ec8bf..d0138c1a 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -15,7 +15,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index b4a568d8..c0bf00c8 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -22,12 +22,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -45,6 +45,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
+        uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
index b57e323c..08627973 100644
--- a/.github/workflows/tag-and-release.yaml
+++ b/.github/workflows/tag-and-release.yaml
@@ -15,7 +15,7 @@ jobs:
     steps:
       - name: Create release tag
         id: tag
-        uses: google-github-actions/release-please-action@a37ac6e4f6449ce8b3f7607e4d97d0146028dc0b # v4.1.0
+        uses: google-github-actions/release-please-action@e4dc86ba9405554aeba3c6bb2d169500e7d3b4ee # v4.1.1
       - id: release-flag
         run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT
 
@@ -33,7 +33,7 @@ jobs:
       packages: write
 
     steps:
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
 
       - name: Environment setup
         uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index df3bd13d..7f55a7c2 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
 
       - name: Environment setup
         uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 7b377636..a3fa50a5 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -31,7 +31,7 @@ repos:
     hooks:
       - id: fix-smartquotes
   - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.28.2
+    rev: 0.28.4
     hooks:
       - id: check-jsonschema
         name: "Validate Zarf Configs Against Schema"
@@ -44,10 +44,10 @@ repos:
             "--no-cache"
           ]
   - repo: https://github.com/golangci/golangci-lint
-    rev: v1.57.2
+    rev: v1.58.2
     hooks:
       - id: golangci-lint
   - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 37.338.0
+    rev: 37.374.3
     hooks:
       - id: renovate-config-validator
diff --git a/values/common.yaml b/values/common.yaml
index 0ec1ef84..c5da6e25 100644
--- a/values/common.yaml
+++ b/values/common.yaml
@@ -2,13 +2,13 @@ controller:
   image:
     registry: "registry1.dso.mil"
     repository: "ironbank/opensource/jenkins/jenkins"
-    tag: "2.440.3-lts"
+    tag: "2.452.1-lts"
   sidecars:
     configAutoReload:
       image:
         registry: "registry1.dso.mil"
         repository: "ironbank/kiwigrid/k8s-sidecar"
-        tag: "1.26.1"
+        tag: "1.27.2"
   jenkinsUrl: https://jenkins.###ZARF_VAR_DOMAIN###
   disableRememberMe: true
   resources:
@@ -26,11 +26,11 @@ controller:
       cpu: "2000m"
       memory: "8192Mi"
   installPlugins:
-    - kubernetes:4209.vc646b_71e5269
+    - kubernetes:4231.vb_a_6b_8936497d
     - workflow-aggregator:596.v8c21c963d92d
     - git:5.2.1
-    - configuration-as-code:1775.v810dc950b_514
-    - oic-auth:4.257.v5360e8489e8b_
+    - configuration-as-code:1810.v9b_c30a_249a_4c
+    - oic-auth:4.269.va_7526f34f306
   overwritePlugins: true
   JCasC:
     defaultConfig: true