diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
index d0af31d300..f55b22f011 100644
--- a/.github/workflows/fossa.yml
+++ b/.github/workflows/fossa.yml
@@ -12,7 +12,7 @@ jobs:
   fossa:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0
         with:
diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml
index af6cc55618..fbe8ce3195 100644
--- a/.github/workflows/ossf-scorecard.yml
+++ b/.github/workflows/ossf-scorecard.yml
@@ -19,7 +19,7 @@ jobs:
       # Needed for GitHub OIDC token if publish_results is true
       id-token: write
     steps:
-      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
@@ -42,6 +42,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@497990dfed22177a82ba1bbab381bc8f6d27058f # v3.31.6
+        uses: github/codeql-action/upload-sarif@f47c8e6a9bd05ef3ee422fc8d8663be7fe4bdc61 # v3.31.8
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
index 3f3c01e018..2481be58d1 100644
--- a/.github/workflows/release-please.yml
+++ b/.github/workflows/release-please.yml
@@ -29,7 +29,7 @@ jobs:
         run: |
           npm ci --ignore-scripts
 
-      - uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
+      - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: otelbot-token
         with:
           app-id: ${{ vars.OTELBOT_JS_CONTRIB_APP_ID }}
diff --git a/.github/workflows/survey-on-merged-pr.yml b/.github/workflows/survey-on-merged-pr.yml
index bd39580dea..70ad9ae891 100644
--- a/.github/workflows/survey-on-merged-pr.yml
+++ b/.github/workflows/survey-on-merged-pr.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event.pull_request.merged == true
     steps:
-      - uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
+      - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: otelbot-token
         with:
           app-id: ${{ vars.OTELBOT_APP_ID }}
diff --git a/.github/workflows/update-otel-deps.yaml b/.github/workflows/update-otel-deps.yaml
index 35d2b793c1..f349c4eb77 100644
--- a/.github/workflows/update-otel-deps.yaml
+++ b/.github/workflows/update-otel-deps.yaml
@@ -10,7 +10,7 @@ jobs:
   create-or-update-deps-pr:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
+      - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: otelbot-token
         with:
           app-id: ${{ vars.OTELBOT_JS_CONTRIB_APP_ID }}
diff --git a/package-lock.json b/package-lock.json
index 66f96f6285..73e0342e0b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -27,7 +27,7 @@
         "babel-plugin-istanbul": "7.0.1",
         "cross-env": "10.1.0",
         "eslint": "9.39.1",
-        "eslint-plugin-baseline-js": "0.4.0",
+        "eslint-plugin-baseline-js": "0.4.2",
         "eslint-plugin-import": "2.32.0",
         "eslint-plugin-n": "17.21.3",
         "eslint-plugin-yet-another-license-header": "0.2.0",
@@ -12783,9 +12783,9 @@
       }
     },
     "node_modules/@types/pg-pool": {
-      "version": "2.0.6",
-      "resolved": "https://registry.npmjs.org/@types/pg-pool/-/pg-pool-2.0.6.tgz",
-      "integrity": "sha512-TaAUE5rq2VQYxab5Ts7WZhKNmuN78Q6PiFonTDdpbx8a1H0M1vhy3rhiMjl+e2iHmogyMw7jZF4FrE6eJUy5HQ==",
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/@types/pg-pool/-/pg-pool-2.0.7.tgz",
+      "integrity": "sha512-U4CwmGVQcbEuqpyju8/ptOKg6gEC+Tqsvj2xS9o1g71bUh8twxnC6ZL5rZKCsGN0iyH0CwgUyc9VR5owNQF9Ng==",
       "license": "MIT",
       "dependencies": {
         "@types/pg": "*"
@@ -18448,13 +18448,13 @@
       }
     },
     "node_modules/eslint-plugin-baseline-js": {
-      "version": "0.4.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-baseline-js/-/eslint-plugin-baseline-js-0.4.0.tgz",
-      "integrity": "sha512-tD59KX98c8lAiV/zaPBfGoBklNW3F6UnBnRBdyaEfxPYhLWzlRL3O01/ZZ5QBUtTaomIplzkdDBfWsDaFfxubQ==",
+      "version": "0.4.2",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-baseline-js/-/eslint-plugin-baseline-js-0.4.2.tgz",
+      "integrity": "sha512-SAbSTWrdOSlDhTXh5SYmLGzTajwMk7CtmyF+xI1Ain8DNw+F9Plk/wvqNPoe29DhvE5s9AEvwf/ZTU1I3bvYyw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "eslint-plugin-es-x": "^9.1.1"
+        "eslint-plugin-es-x": "^9.1.2"
       },
       "engines": {
         "node": ">=20.19.0 <22 || >=22.12.0"
@@ -18464,9 +18464,9 @@
       }
     },
     "node_modules/eslint-plugin-baseline-js/node_modules/eslint-plugin-es-x": {
-      "version": "9.1.2",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-es-x/-/eslint-plugin-es-x-9.1.2.tgz",
-      "integrity": "sha512-v019GsVMydtD8e0QazxOtwQRtmKVZgkpykvUwaKH8otLHaLsnV6txRrQWN4MeGn8W1A00Dh8N0R41uiIyvMsYA==",
+      "version": "9.3.0",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-es-x/-/eslint-plugin-es-x-9.3.0.tgz",
+      "integrity": "sha512-jI+xZmZeyIntW7p5b6FqmbsasXPHgmjChzFCtgUfukKntCT46pjHylhRokw3Ae4M0pIK6QGCGDE3aaayZbifQQ==",
       "dev": true,
       "funding": [
         "https://github.com/sponsors/ota-meshi",
@@ -38567,7 +38567,7 @@
         "@opentelemetry/semantic-conventions": "^1.34.0",
         "@opentelemetry/sql-common": "^0.41.2",
         "@types/pg": "8.15.6",
-        "@types/pg-pool": "2.0.6"
+        "@types/pg-pool": "2.0.7"
       },
       "devDependencies": {
         "@opentelemetry/api": "^1.3.0",
diff --git a/package.json b/package.json
index 461cfd3b88..c32937f63d 100644
--- a/package.json
+++ b/package.json
@@ -61,7 +61,7 @@
     "babel-plugin-istanbul": "7.0.1",
     "cross-env": "10.1.0",
     "eslint": "9.39.1",
-    "eslint-plugin-baseline-js": "0.4.0",
+    "eslint-plugin-baseline-js": "0.4.2",
     "eslint-plugin-import": "2.32.0",
     "eslint-plugin-n": "17.21.3",
     "eslint-plugin-yet-another-license-header": "0.2.0",
diff --git a/packages/instrumentation-pg/package.json b/packages/instrumentation-pg/package.json
index 53d18faa2f..8d6552a3a6 100644
--- a/packages/instrumentation-pg/package.json
+++ b/packages/instrumentation-pg/package.json
@@ -68,7 +68,7 @@
     "@opentelemetry/semantic-conventions": "^1.34.0",
     "@opentelemetry/sql-common": "^0.41.2",
     "@types/pg": "8.15.6",
-    "@types/pg-pool": "2.0.6"
+    "@types/pg-pool": "2.0.7"
   },
   "homepage": "https://github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-pg#readme"
 }