diff --git a/package.json b/package.json
index 1a139c6d..819f6ca3 100644
--- a/package.json
+++ b/package.json
@@ -64,8 +64,8 @@
     "update": "node scripts/update.mjs"
   },
   "dependencies": {
-    "@socketregistry/packageurl-js": "1.3.5",
-    "@socketsecurity/lib": "5.11.3",
+    "@socketregistry/packageurl-js": "1.4.0",
+    "@socketsecurity/lib": "5.11.4",
     "form-data": "4.0.5"
   },
   "devDependencies": {
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index f9dc5870..f114a2d2 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -12,11 +12,11 @@ importers:
   .:
     dependencies:
       '@socketregistry/packageurl-js':
-        specifier: 1.3.5
-        version: 1.3.5
+        specifier: 1.4.0
+        version: 1.4.0
       '@socketsecurity/lib':
-        specifier: 5.11.3
-        version: 5.11.3(typescript@5.9.3)
+        specifier: 5.11.4
+        version: 5.11.4(typescript@5.9.3)
       form-data:
         specifier: 4.0.5
         version: 4.0.5
@@ -915,12 +915,12 @@ packages:
     resolution: {integrity: sha512-LtoMMhxAlorcGhmFYI+LhPgbPZCkgP6ra1YL604EeF6U98pLlQ3iWIGMdWSC+vWmPBWBNgmDBAhnAobLROJmwg==}
     engines: {node: '>=18'}
 
-  '@socketregistry/packageurl-js@1.3.5':
-    resolution: {integrity: sha512-Fl4GNUJ/z3IBJBGj4IsJfuRGUBCRMgX0df0mb5x5buaCPDKC+NhMhAFuxpc3viLSHV12CO2rGaNCf4fBYWI0FA==}
-    engines: {node: '>=18', pnpm: '>=10.16.0'}
+  '@socketregistry/packageurl-js@1.4.0':
+    resolution: {integrity: sha512-FkZLsxg01R/V83ojvhRmMB6mMMx44tEzABtxdViZqL3dRW7wtG/cYXgks3xQmRITjnmGXUy4UtXpw/FmoQM1XQ==}
+    engines: {node: '>=18.20.4', pnpm: '>=10.25.0'}
 
-  '@socketsecurity/lib@5.11.3':
-    resolution: {integrity: sha512-Jp6TSn8ATHrTtw/kTFXmVr+cZwZVuX9wqym/FQ3n8GSAgByUPJJdzWMLzHVFK1HaQRK4kVdB5Db3IKXdFkpQ2Q==}
+  '@socketsecurity/lib@5.11.4':
+    resolution: {integrity: sha512-3/stIFexg45DNhGvpw/U49UFuHYe0ZLS45scuYw83HfWrHmL7h9Mi4m27C3/ihAF6O9uOJSKBsWBIHlTM8Wikg==}
     engines: {node: '>=22', pnpm: '>=10.25.0'}
     peerDependencies:
       typescript: '>=5.0.0'
@@ -2456,9 +2456,11 @@ snapshots:
 
   '@sindresorhus/merge-streams@2.3.0': {}
 
-  '@socketregistry/packageurl-js@1.3.5': {}
+  '@socketregistry/packageurl-js@1.4.0':
+    dependencies:
+      picomatch: 4.0.3
 
-  '@socketsecurity/lib@5.11.3(typescript@5.9.3)':
+  '@socketsecurity/lib@5.11.4(typescript@5.9.3)':
     optionalDependencies:
       typescript: 5.9.3