diff --git a/.github/workflows/brakeman.yml b/.github/workflows/brakeman.yml
index 05f1b879..ae9368dc 100644
--- a/.github/workflows/brakeman.yml
+++ b/.github/workflows/brakeman.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   brakeman:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/bundler-audit.yml b/.github/workflows/bundler-audit.yml
index 9fc4adbd..769d68f8 100644
--- a/.github/workflows/bundler-audit.yml
+++ b/.github/workflows/bundler-audit.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   bundler-audit:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 8a679687..0aa7a486 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -27,7 +27,7 @@ permissions:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     permissions:
       actions: read
       contents: read
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index a8d12d2b..1334897d 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -10,7 +10,7 @@ permissions:
 
 jobs:
   dependency-review:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index eab74f4d..c86219b1 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -14,7 +14,7 @@ permissions:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/fasterer.yml b/.github/workflows/fasterer.yml
index 99f8f4ad..44c117b4 100644
--- a/.github/workflows/fasterer.yml
+++ b/.github/workflows/fasterer.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   fasterer:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml
index 838cb0df..d9ef7722 100644
--- a/.github/workflows/hadolint.yml
+++ b/.github/workflows/hadolint.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   hadolint:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/license_finder.yml b/.github/workflows/license_finder.yml
index ada65792..72815c2b 100644
--- a/.github/workflows/license_finder.yml
+++ b/.github/workflows/license_finder.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   license_finder:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/mdl.yml b/.github/workflows/mdl.yml
index 0d0b65a1..a772bf4b 100644
--- a/.github/workflows/mdl.yml
+++ b/.github/workflows/mdl.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   mdl:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml
index b76c76a5..17594b9b 100644
--- a/.github/workflows/rspec.yml
+++ b/.github/workflows/rspec.yml
@@ -24,11 +24,11 @@ env:
 
 jobs:
   rspec:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     services:
       postgres:
-        image: "postgres:17.0"
+        image: "postgres:17.2"
         env:
           POSTGRES_HOST_AUTH_METHOD: "trust"
           POSTGRES_USER: "runner"
diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml
index b2fbdab4..f910c651 100644
--- a/.github/workflows/rubocop.yml
+++ b/.github/workflows/rubocop.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   rubocop:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index cde91a16..4c15d6e1 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -21,7 +21,7 @@ permissions: read-all
 jobs:
   analysis:
     name: Scorecard analysis
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     permissions:
       # Needed to upload the results to code-scanning dashboard.
       security-events: write
diff --git a/.github/workflows/standard.yml b/.github/workflows/standard.yml
index 2049088b..cd49b7f2 100644
--- a/.github/workflows/standard.yml
+++ b/.github/workflows/standard.yml
@@ -15,7 +15,7 @@ permissions:
 
 jobs:
   standard:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
diff --git a/Dockerfile b/Dockerfile
index c8d3ed04..2aad1534 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -27,8 +27,8 @@ ENV RAILS_ENV="production" \
     BOOTSNAP_READONLY="true"
 
 RUN set -eux; \
-    gem update --system "3.5.23" ; \
-    gem install bundler --version "2.5.23" --force
+    gem update --system "3.6.2" ; \
+    gem install bundler --version "2.6.2" --force
 
 # Throw-away build stage to reduce size of final image
 FROM base AS build
diff --git a/Gemfile.lock b/Gemfile.lock
index bb24e0fd..08437644 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -503,4 +503,4 @@ RUBY VERSION
    ruby 3.3.6p108
 
 BUNDLED WITH
-   2.5.23
+   2.6.2