diff --git a/.ci/Dockerfile b/.ci/Dockerfile
index d93bf0a8d..c35988ede 100644
--- a/.ci/Dockerfile
+++ b/.ci/Dockerfile
@@ -12,7 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM golang:1.21-alpine@sha256:2a1959ca3c229c72fbbee9643b88ef23d7859a7d18b60a0d94ee3d2923b49316 AS builder
+FROM golang:1.24-alpine@sha256:daae04ebad0c21149979cd8e9db38f565ecefd8547cf4a591240dc1972cf1399 AS builder
 
 # Allows for the proper yq to be downloaded
 # This arg is automatically set if the dockerfile is built with --platform flag
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 6a73a6bbb..f4ce3342b 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -21,7 +21,7 @@ on:
     branches: [main]
 
 env:
-  GO_VERSION: 1.21
+  GO_VERSION: 1.24
   OAPI_CODEGEN_VERSION: v1.12.4
 
 jobs:
@@ -62,7 +62,7 @@ jobs:
       - name: Run Gosec Security Scanner
         run: |
           export PATH=$PATH:$(go env GOPATH)/bin
-          go install github.com/securego/gosec/v2/cmd/gosec@v2.14.0
+          go install github.com/securego/gosec/v2/cmd/gosec@v2.22.7
           bash ./run_gosec.sh
           if [[ $? != 0 ]]
           then
diff --git a/.github/workflows/codecov.yaml b/.github/workflows/codecov.yaml
index c0a0c509c..411220415 100644
--- a/.github/workflows/codecov.yaml
+++ b/.github/workflows/codecov.yaml
@@ -28,7 +28,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
-          go-version: 1.21
+          go-version: 1.24
       - name: Run tests
         run: cd index/server && go test ./... -coverprofile cover.out
       - name: Codecov
diff --git a/.github/workflows/pushimage-next.yaml b/.github/workflows/pushimage-next.yaml
index 29fda072e..c6b1ee9dc 100644
--- a/.github/workflows/pushimage-next.yaml
+++ b/.github/workflows/pushimage-next.yaml
@@ -30,7 +30,7 @@ jobs:
       - name: Setup Go environment
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
-          go-version: 1.21
+          go-version: 1.24
       - name: Set up QEMU # Enables arm64 image building
         uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
       - name: Login to Quay
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index f38d2c106..1b0db6c53 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -45,7 +45,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: SARIF file
           path: results.sarif
diff --git a/README.md b/README.md
index c55d7a04f..49a035660 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
 <div id="header">
 
-![Go](https://img.shields.io/badge/Go-1.21-blue)
+![Go](https://img.shields.io/badge/Go-1.24-blue)
 [![Apache2.0 License](https://img.shields.io/badge/license-Apache2.0-brightgreen.svg)](LICENSE)
 [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/8257/badge)](https://www.bestpractices.dev/projects/8257)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/devfile/registry-support/badge)](https://securityscorecards.dev/viewer/?uri=github.com/devfile/registry-support)
diff --git a/index/generator/go.mod b/index/generator/go.mod
index 848437e14..73032c711 100644
--- a/index/generator/go.mod
+++ b/index/generator/go.mod
@@ -1,6 +1,6 @@
 module github.com/devfile/registry-support/index/generator
 
-go 1.21
+go 1.24
 
 require (
 	github.com/devfile/api/v2 v2.3.0
diff --git a/index/server/Dockerfile b/index/server/Dockerfile
index 380dd0ba8..3eca7851e 100644
--- a/index/server/Dockerfile
+++ b/index/server/Dockerfile
@@ -14,7 +14,7 @@
 # limitations under the License.
 
 # Index Server build stage
-FROM registry.access.redhat.com/ubi8/go-toolset:1.21.13-1.1727869850 AS index-builder
+FROM registry.access.redhat.com/ubi8/go-toolset:1.24.4-1754273152@sha256:ddad134f9fe193a6b3c7a87fa73b17e80212cdb0aa10dbd5a7581df96c998f1b AS index-builder
 USER root
 WORKDIR /tools
 COPY . .
diff --git a/index/server/go.mod b/index/server/go.mod
index 7188c0266..231234d4e 100644
--- a/index/server/go.mod
+++ b/index/server/go.mod
@@ -1,6 +1,6 @@
 module github.com/devfile/registry-support/index/server
 
-go 1.21
+go 1.24
 
 require (
 	github.com/deepmap/oapi-codegen v1.12.4
diff --git a/oci-registry/Dockerfile b/oci-registry/Dockerfile
index 71bfeebda..bf7870d61 100644
--- a/oci-registry/Dockerfile
+++ b/oci-registry/Dockerfile
@@ -12,7 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM registry.access.redhat.com/ubi8/go-toolset:1.23.6-1.1744600118 as registry
+FROM registry.access.redhat.com/ubi8/go-toolset:1.24.4-1754273152@sha256:ddad134f9fe193a6b3c7a87fa73b17e80212cdb0aa10dbd5a7581df96c998f1b as registry
 ARG PKG="github.com/docker/distribution"
 ARG PKG_VERSION="v2.8.3"
 ENV GOPATH=/go
diff --git a/registry-library/go.mod b/registry-library/go.mod
index f76c85bc4..f4a1839a6 100644
--- a/registry-library/go.mod
+++ b/registry-library/go.mod
@@ -1,6 +1,6 @@
 module github.com/devfile/registry-support/registry-library
 
-go 1.21
+go 1.24
 
 require (
 	github.com/containerd/containerd v1.7.13
diff --git a/registry-library/vendor/github.com/hashicorp/hcl/.gitignore b/registry-library/vendor/github.com/hashicorp/hcl/.gitignore
index 15586a2b5..822fa09f5 100644
--- a/registry-library/vendor/github.com/hashicorp/hcl/.gitignore
+++ b/registry-library/vendor/github.com/hashicorp/hcl/.gitignore
@@ -1,9 +1,9 @@
-y.output
-
-# ignore intellij files
-.idea
-*.iml
-*.ipr
-*.iws
-
-*.test
+y.output
+
+# ignore intellij files
+.idea
+*.iml
+*.ipr
+*.iws
+
+*.test
diff --git a/tests/integration/Dockerfile b/tests/integration/Dockerfile
index 44f3f7c74..98cfe96f3 100644
--- a/tests/integration/Dockerfile
+++ b/tests/integration/Dockerfile
@@ -12,7 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM registry.access.redhat.com/ubi8/go-toolset:1.21.13-1.1727869850 AS builder
+FROM registry.access.redhat.com/ubi8/go-toolset:1.24.4-1754273152@sha256:ddad134f9fe193a6b3c7a87fa73b17e80212cdb0aa10dbd5a7581df96c998f1b AS builder
 ARG LIBRARY_REPO="https://github.com/devfile/registry-support"
 ARG LIBRARY_REF="main"
 USER root
diff --git a/tests/integration/go.mod b/tests/integration/go.mod
index dc6d88b17..62a2ace9a 100644
--- a/tests/integration/go.mod
+++ b/tests/integration/go.mod
@@ -1,6 +1,6 @@
 module github.com/devfile/registry-support/tests/integration
 
-go 1.21
+go 1.24
 
 require (
 	github.com/devfile/library/v2 v2.2.2