diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
index 519ffa3..a52a792 100644
--- a/.github/workflows/commitlint.yaml
+++ b/.github/workflows/commitlint.yaml
@@ -8,4 +8,4 @@ on:
 jobs:
   validate:
     name: Validate
-    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 78c2a73..8134c7e 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -15,12 +15,12 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           fetch-depth: 0
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/setup@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index e0419f0..b4a568d 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           persist-credentials: false
 
@@ -37,7 +37,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: SARIF file
           path: results.sarif
@@ -45,6 +45,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
+        uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
index bfad04f..e296254 100644
--- a/.github/workflows/tag-and-release.yaml
+++ b/.github/workflows/tag-and-release.yaml
@@ -33,10 +33,10 @@ jobs:
       packages: write
 
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/setup@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
@@ -47,6 +47,6 @@ jobs:
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index e62cb5e..35b7307 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -42,23 +42,23 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/setup@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
           ghToken: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Test
-        uses: defenseunicorns/uds-common/.github/actions/test@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/test@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           flavor: ${{ matrix.flavor }}
           type: ${{ matrix.type }}
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 96f6254..1d8effa 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -40,7 +40,7 @@ repos:
         args:
           [
             "--schemafile",
-            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.33.0/zarf.schema.json",
+            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.33.1/zarf.schema.json",
             "--no-cache"
           ]
   - repo: https://github.com/golangci/golangci-lint
@@ -48,6 +48,6 @@ repos:
     hooks:
       - id: golangci-lint
   - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 37.301.6
+    rev: 37.329.0
     hooks:
       - id: renovate-config-validator
diff --git a/tasks.yaml b/tasks.yaml
index 240bbe6..684b092 100644
--- a/tasks.yaml
+++ b/tasks.yaml
@@ -2,11 +2,11 @@ includes:
   - cleanup: ./tasks/cleanup.yaml
   - dependencies: ./tasks/dependencies.yaml
   - test: ./tasks/test.yaml
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/create.yaml
-  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/lint.yaml
-  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/pull.yaml
-  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/deploy.yaml
-  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/setup.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/create.yaml
+  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/lint.yaml
+  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/pull.yaml
+  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/deploy.yaml
+  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/setup.yaml
 
 tasks:
   - name: default
diff --git a/tasks/publish.yaml b/tasks/publish.yaml
index ef8ebe9..0438f9a 100644
--- a/tasks/publish.yaml
+++ b/tasks/publish.yaml
@@ -1,5 +1,5 @@
 includes:
-  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/publish.yaml
+  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/publish.yaml
 
 tasks:
   - name: package