diff --git a/.github/trivy-to-console.yaml b/.github/trivy-to-console.yaml
index 0ba596d5b..8d250e6dc 100644
--- a/.github/trivy-to-console.yaml
+++ b/.github/trivy-to-console.yaml
@@ -11,6 +11,7 @@ severity:
 vulnerability:
   ignore-unfixed: true
 
+list-all-pkgs: false
 exit-code: 1
 timeout: 10m
 debug: false
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b3be3c58e..0285f6189 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -91,9 +91,6 @@ jobs:
     needs: [prerequisites]
     if: needs.prerequisites.outputs.runjobs
     uses: ./.github/workflows/trivy-scan.yml
-    with:
-      config-path: .github/trivy-to-sarif.yaml
-      upload-results: true
   deploy_artifacts:
     name: Deploy Artifacts (1.0.x)
     needs: [build_jdk_17, check_samples, scan]
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 7172aacfb..7981d2c21 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -44,6 +44,7 @@ jobs:
           scan-type: 'fs'
           scan-ref: '${{ env.LOCAL_REPOSITORY_PATH }}/org/springframework/pulsar'
           trivy-config: ${{ inputs.config-path }}
+          github-pat: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
       - name: Upload Trivy scan results to GitHub Security tab
         if: inputs.upload-results
         uses: github/codeql-action/upload-sarif@v3
diff --git a/gradle.properties b/gradle.properties
index 26e7a90f4..7f105b4e1 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,5 +1,5 @@
-version=1.0.10
-version.samples=1.0.10-SNAPSHOT
+version=1.0.11
+version.samples=1.0.11-SNAPSHOT
 
 org.gradle.caching=true
 org.gradle.parallel=true
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 9bdc721bb..25b540cb3 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -5,27 +5,27 @@ caffeine = "3.1.8"
 jackson = "2.15.4"
 jsr305 = "3.0.2"
 logback = "1.4.14"
-micrometer = "1.12.10"
+micrometer = "1.12.11"
 micrometer-docs-gen = "1.0.4"
-micrometer-tracing = "1.2.10"
+micrometer-tracing = "1.2.11"
 protobuf = "3.21.12"
 pulsar = "3.1.3"
-pulsar-reactive = "0.5.7"
-reactor = "2023.0.10"
-spring = "6.1.13"
+pulsar-reactive = "0.5.8"
+reactor = "2023.0.11"
+spring = "6.1.14"
 # tests
 assertj = "3.25.3"
 awaitility = "4.2.2"
 jacoco = "0.8.9"
 json-path = "2.9.0"
-junit = "5.10.3"
+junit = "5.10.5"
 hamcrest = "2.2"
 mockito = "5.12.0"
 spring-dep-mgmt = "1.1.6"
-spring-boot = "3.2.10-SNAPSHOT"
-spring-boot-for-docs = "3.2.10"
+spring-boot = "3.2.11-SNAPSHOT"
+spring-boot-for-docs = "3.2.11"
 spring-cloud-stream = "4.1.0"
-spring-retry = "2.0.9"
+spring-retry = "2.0.10"
 system-lambda = "1.2.1"
 testcontainers = "1.19.8"
 # plugins
diff --git a/spring-pulsar/src/main/java/org/springframework/pulsar/function/PulsarFunctionAdministration.java b/spring-pulsar/src/main/java/org/springframework/pulsar/function/PulsarFunctionAdministration.java
index de038d61d..9dac885da 100644
--- a/spring-pulsar/src/main/java/org/springframework/pulsar/function/PulsarFunctionAdministration.java
+++ b/spring-pulsar/src/main/java/org/springframework/pulsar/function/PulsarFunctionAdministration.java
@@ -20,6 +20,7 @@
 import java.util.Collections;
 import java.util.LinkedHashMap;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Optional;
 import java.util.stream.Stream;
@@ -314,7 +315,7 @@ private Optional<Exception> safeInvoke(Runnable invocation) {
 	}
 
 	private String functionDesc(PulsarFunctionOperations<?> function) {
-		return "'%s' %s".formatted(function.name(), function.type().toString().toLowerCase());
+		return "'%s' %s".formatted(function.name(), function.type().toString().toLowerCase(Locale.ROOT));
 	}
 
 	/**
diff --git a/spring-pulsar/src/main/java/org/springframework/pulsar/support/header/PulsarHeaderMatcher.java b/spring-pulsar/src/main/java/org/springframework/pulsar/support/header/PulsarHeaderMatcher.java
index 95ee67ba3..629acc1af 100644
--- a/spring-pulsar/src/main/java/org/springframework/pulsar/support/header/PulsarHeaderMatcher.java
+++ b/spring-pulsar/src/main/java/org/springframework/pulsar/support/header/PulsarHeaderMatcher.java
@@ -16,6 +16,7 @@
 
 package org.springframework.pulsar.support.header;
 
+import java.util.Locale;
 import java.util.Set;
 
 import org.springframework.core.log.LogAccessor;
@@ -92,13 +93,13 @@ public static PatternMatch fromPatternString(String pattern) {
 
 		public PatternMatch(String pattern, boolean negate) {
 			Assert.notNull(pattern, "Pattern must not be null");
-			this.pattern = pattern.toLowerCase();
+			this.pattern = pattern.toLowerCase(Locale.ROOT);
 			this.negate = negate;
 		}
 
 		@Override
 		public boolean matchHeader(String headerName) {
-			if (!PatternMatchUtils.simpleMatch(this.pattern, headerName.toLowerCase())) {
+			if (!PatternMatchUtils.simpleMatch(this.pattern, headerName.toLowerCase(Locale.ROOT))) {
 				return false;
 			}
 			LOGGER.debug(() -> "headerName=[%s] WILL %s be mapped, matched pattern=%s".formatted(headerName,
diff --git a/src/checkstyle/checkstyle-suppressions.xml b/src/checkstyle/checkstyle-suppressions.xml
index 50d983a2d..1b43d8fb2 100644
--- a/src/checkstyle/checkstyle-suppressions.xml
+++ b/src/checkstyle/checkstyle-suppressions.xml
@@ -8,8 +8,10 @@
 	<suppress files="DefaultSchemaResolverTests" checks="MethodParamPad" />
 	<suppress files="PulsarFunctionAdministrationIntegrationTests" checks="Regexp" />
 	<suppress files="Proto" checks=".*"/>
+	<suppress files=".*Tests" checks="HideUtilityClassConstructor" />
+	<suppress files=".*Tests" checks="RegexpSinglelineJava" id="toLowerCaseWithoutLocale"/>
+	<suppress files=".*Tests" checks="RegexpSinglelineJava" id="toUpperCaseWithoutLocale"/>
 	<suppress files="ReactiveSpringPulsarBootApp" checks="HideUtilityClassConstructor"/>
-	<suppress files="SamplePulsarApplicationTests" checks="HideUtilityClassConstructor" />
 	<suppress files="[\\/]spring-pulsar-docs[\\/]" checks="JavadocPackage|JavadocType|JavadocVariable|SpringDeprecatedCheck" />
 	<suppress files="[\\/]spring-pulsar-docs[\\/]" checks="SpringJavadoc" message="\@since" />
 	<suppress files="[\\/]spring-pulsar-docs[\\/].*jooq" checks="AvoidStaticImport" />
diff --git a/src/checkstyle/checkstyle.xml b/src/checkstyle/checkstyle.xml
index 06f99f55f..d10e07be1 100644
--- a/src/checkstyle/checkstyle.xml
+++ b/src/checkstyle/checkstyle.xml
@@ -169,6 +169,22 @@
 					  value="Please use AssertJ imports."/>
 			<property name="ignoreComments" value="true"/>
 		</module>
+		<module name="com.puppycrawl.tools.checkstyle.checks.regexp.RegexpSinglelineJavaCheck">
+			<property name="id" value="toLowerCaseWithoutLocale"/>
+			<property name="format" value="\.toLowerCase\(\)"/>
+			<property name="maximum" value="0"/>
+			<property name="message"
+					  value="String.toLowerCase() should be String.toLowerCase(Locale.ROOT)"/>
+			<property name="ignoreComments" value="true"/>
+		</module>
+		<module name="com.puppycrawl.tools.checkstyle.checks.regexp.RegexpSinglelineJavaCheck">
+			<property name="id" value="toUpperCaseWithoutLocale"/>
+			<property name="format" value="\.toUpperCase\(\)"/>
+			<property name="maximum" value="0"/>
+			<property name="message"
+					  value="String.toUpperCase() should be String.toUpperCase(Locale.ROOT)"/>
+			<property name="ignoreComments" value="true"/>
+		</module>
 		<module name="Regexp">
 			<property name="format" value="[ \t]+$"/>
 			<property name="illegalPattern" value="true"/>