diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 1d3602c..9dab7c2 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,7 +22,7 @@ jobs:
       security-events: write
     steps:
       - name: Checkout ${{ github.repository }}
-        uses: actions/checkout@v4.3.1
+        uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
       - name: Install uv
@@ -41,7 +41,7 @@ jobs:
         if: '!cancelled()'
         env:
           # renovate: datasource=docker depName=davidanson/markdownlint-cli2-rules versioning=semver
-          MARKDOWNLINT_CLI2_VERSION: v0.18.1
+          MARKDOWNLINT_CLI2_VERSION: v0.19.1
         uses: YannickTeKulve/docker-run-action@37eb44806428df732c5cc168b96f2b6be8153632
         with:
           image: davidanson/markdownlint-cli2-rules:${{ env.MARKDOWNLINT_CLI2_VERSION }}
@@ -66,7 +66,7 @@ jobs:
       contents: read
       packages: write
     steps:
-      - uses: actions/checkout@v4.3.1
+      - uses: actions/checkout@v6.0.0
         with:
           persist-credentials: false
           lfs: true
@@ -89,7 +89,7 @@ jobs:
           call: check
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v5.9.0
+        uses: docker/metadata-action@v5.10.0
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
       - name: Build Docker image
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 3e4e215..85562ba 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v5.0.0
+    rev: v6.0.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
@@ -41,7 +41,7 @@ repos:
       - id: typos
 
   - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.33.3
+    rev: 0.35.0
     hooks:
       - id: check-github-workflows
         args: ["--verbose"]
@@ -64,19 +64,19 @@ repos:
           - mdformat-gfm-alerts==2.0.0
 
   - repo: https://github.com/DavidAnson/markdownlint-cli2
-    rev: v0.18.1
+    rev: v0.19.1
     hooks:
       - id: markdownlint-cli2
 
   # zizmor detects security vulnerabilities in GitHub Actions workflows.
   - repo: https://github.com/woodruffw/zizmor-pre-commit
-    rev: v1.11.0
+    rev: v1.17.0
     hooks:
       - id: zizmor
 
   # actionlint for verifying correct syntax in GitHub Actions workflows.
   - repo: https://github.com/rhysd/actionlint
-    rev: v1.7.7
+    rev: v1.7.9
     hooks:
       - id: actionlint
         language: golang
diff --git a/Dockerfile b/Dockerfile
index 6ff6857..378c9c8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,7 +32,7 @@ RUN python -m mkdocs build --strict --site-dir /site
 
 
 # production
-FROM joseluisq/static-web-server:2.36.1
+FROM joseluisq/static-web-server:2.39.0
 
 COPY deploy/sws.toml /config.toml