diff --git a/requirements/ci.txt b/requirements/ci.txt
index 7f0837e9..deec6529 100644
--- a/requirements/ci.txt
+++ b/requirements/ci.txt
@@ -28,7 +28,7 @@ pluggy==1.5.0
     # via tox
 pyproject-api==1.8.0
     # via tox
-tox==4.23.0
+tox==4.23.2
     # via -r requirements/ci.in
 virtualenv==20.27.0
     # via tox
diff --git a/requirements/dev.txt b/requirements/dev.txt
index c3c9f629..79fe3f8a 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -90,7 +90,7 @@ docutils==0.21.2
     # via
     #   -r requirements/quality.txt
     #   readme-renderer
-edx-lint==5.4.0
+edx-lint==5.4.1
     # via -r requirements/quality.txt
 filelock==3.16.1
     # via
@@ -136,7 +136,7 @@ jinja2==3.1.4
     #   -r requirements/quality.txt
     #   code-annotations
     #   diff-cover
-keyring==25.4.1
+keyring==25.5.0
     # via
     #   -r requirements/quality.txt
     #   twine
@@ -275,7 +275,7 @@ rfc3986==2.0.0
     # via
     #   -r requirements/quality.txt
     #   twine
-rich==13.9.2
+rich==13.9.3
     # via
     #   -r requirements/quality.txt
     #   twine
@@ -307,7 +307,7 @@ tomlkit==0.13.2
     # via
     #   -r requirements/quality.txt
     #   pylint
-tox==4.23.0
+tox==4.23.2
     # via -r requirements/ci.txt
 twine==5.1.1
     # via -r requirements/quality.txt
diff --git a/requirements/doc.txt b/requirements/doc.txt
index 85308270..fab8c109 100644
--- a/requirements/doc.txt
+++ b/requirements/doc.txt
@@ -93,7 +93,7 @@ jinja2==3.1.4
     #   -r requirements/test.txt
     #   code-annotations
     #   sphinx
-keyring==25.4.1
+keyring==25.5.0
     # via twine
 markdown-it-py==3.0.0
     # via rich
@@ -113,7 +113,6 @@ packaging==24.1
     # via
     #   -r requirements/test.txt
     #   build
-    #   pydata-sphinx-theme
     #   pytest
     #   sphinx
 pbr==6.1.0
@@ -128,7 +127,7 @@ pluggy==1.5.0
     #   pytest
 pycparser==2.22
     # via cffi
-pydata-sphinx-theme==0.15.4
+pydata-sphinx-theme==0.16.0
     # via sphinx-book-theme
 pygments==2.18.0
     # via
@@ -171,7 +170,7 @@ restructuredtext-lint==1.4.0
     # via doc8
 rfc3986==2.0.0
     # via twine
-rich==13.9.2
+rich==13.9.3
     # via twine
 secretstorage==3.3.3
     # via keyring
@@ -216,7 +215,7 @@ sqlparse==0.5.1
     # via
     #   -r requirements/test.txt
     #   django
-starlette==0.41.0
+starlette==0.41.2
     # via sphinx-autobuild
 stevedore==5.3.0
     # via
diff --git a/requirements/pip.txt b/requirements/pip.txt
index 346a0611..b9f562fb 100644
--- a/requirements/pip.txt
+++ b/requirements/pip.txt
@@ -9,6 +9,8 @@ wheel==0.44.0
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==24.2
-    # via -r requirements/pip.in
+    # via
+    #   -c https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt
+    #   -r requirements/pip.in
 setuptools==75.2.0
     # via -r requirements/pip.in
diff --git a/requirements/quality.txt b/requirements/quality.txt
index 41d49af2..1fb65aaf 100644
--- a/requirements/quality.txt
+++ b/requirements/quality.txt
@@ -48,7 +48,7 @@ django==4.2.16
     #   -r requirements/test.txt
 docutils==0.21.2
     # via readme-renderer
-edx-lint==5.4.0
+edx-lint==5.4.1
     # via -r requirements/quality.in
 idna==3.10
     # via requests
@@ -78,7 +78,7 @@ jinja2==3.1.4
     # via
     #   -r requirements/test.txt
     #   code-annotations
-keyring==25.4.1
+keyring==25.5.0
     # via twine
 markdown-it-py==3.0.0
     # via rich
@@ -163,7 +163,7 @@ requests-toolbelt==1.0.0
     # via twine
 rfc3986==2.0.0
     # via twine
-rich==13.9.2
+rich==13.9.3
     # via twine
 secretstorage==3.3.3
     # via keyring