diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8e192d101..58cf55ae5 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -159,7 +159,7 @@ jobs:
           name: Scan dependencies for vulnerabilities
           working_directory: ~/data-browser/public-api
           command: |
-            ./project.rb gradle dependencyCheckAnalyze --info
+            ./gradlew dependencyCheckAnalyze --info
 
   public-ui-build-test:
     <<: *defaults
diff --git a/public-api/build.gradle b/public-api/build.gradle
index 5cc2b1356..fc68d4260 100644
--- a/public-api/build.gradle
+++ b/public-api/build.gradle
@@ -8,7 +8,7 @@ buildscript {
         SPRING_FRAMEWORK_VERSION = '6.1.5'
         SPRING_SECURITY_VERSION = '6.2.3'
         LOGBACK_VERSION = '1.5.5'
-        JACKSON_VERSION = '2.16.1'
+        JACKSON_VERSION = '2.18.2'
         SPRING_DEPENDENCY_MANAGEMENT_VERSION = '1.0.13.RELEASE'
         OKHTTP_VERSION = '4.12.0'
         LIQUIBASE_VERSION = '4.27.0'
@@ -37,7 +37,7 @@ plugins {
     id 'idea'
     id 'war'
     id 'org.springframework.boot' version '3.2.0'
-    id 'org.owasp.dependencycheck' version '7.4.4'
+    id 'org.owasp.dependencycheck' version '12.1.0'
     id 'io.spring.dependency-management' version '1.0.13.RELEASE'
     id 'org.hidetake.swagger.generator' version '2.19.2'
     id 'com.google.cloud.tools.appengine-appenginewebxml' version '2.8.0'
@@ -237,7 +237,7 @@ dependencies {
     implementation 'com.google.guava:guava:32.0.1-jre'
     implementation 'com.google.oauth-client:google-oauth-client-jetty:1.34.1'
     implementation 'com.google.protobuf:protobuf-java:3.25.3'
-    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20211018.2'
+    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
     implementation "org.hibernate.orm:hibernate-core:$project.ext.HIBERNATE_VERSION"
     implementation "org.hibernate.orm:hibernate-community-dialects:$project.ext.HIBERNATE_VERSION"
     implementation('org.apache.tomcat:tomcat-jdbc:10.0.23')
@@ -452,6 +452,12 @@ dependencies {
     }
 }
 
+dependencyCheck {
+    nvd {
+        apiKey = System.getenv('NVD_API_KEY')
+    }
+}
+
 
 group = 'org.pmiops.allofus.workbench'
 version = '0.1.0'
diff --git a/public-api/libproject/devstart.rb b/public-api/libproject/devstart.rb
index 902f0cc1d..58ff9f4db 100644
--- a/public-api/libproject/devstart.rb
+++ b/public-api/libproject/devstart.rb
@@ -169,7 +169,10 @@ def run_local_migrations()
   Dir.chdir('db-cdr/generate-cdr') do
     common.run_inline %W{./init-new-cdr-db.sh --cdr-db-name public}
   end
-  common.run_inline %W{./gradlew :loadConfig -Pconfig_key=main -Pconfig_file=config/config_local.json}
+  common.run_inline %W{rm -rf /home/circleci/.gradle/caches/jars-9/}
+  common.run_inline %W{./gradlew :loadConfig -Pconfig_key=main -Pconfig_file=config/config_local.json --refresh-dependencies}
+
+  common.run_inline %W{rm -rf /home/circleci/.gradle/caches/jars-9/}
   common.run_inline %W{./gradlew :loadConfig -Pconfig_key=cdrBigQuerySchema -Pconfig_file=config/cdm/cdm_5_2.json}
   common.run_inline %W{./gradlew :updateCdrConfig -PappArgs=['config/cdr_config_local.json',false]}
 end
@@ -855,7 +858,7 @@ def update_cdr_config_options(cmd_name, args)
 def update_cdr_config_for_project(cdr_config_file, dry_run)
   common = Common.new
   common.run_inline %W{
-    gradle updateCdrConfig
+    ./gradlew updateCdrConfig
    -PappArgs=['#{cdr_config_file}',#{dry_run}]}
 end
 
@@ -1006,7 +1009,7 @@ def migrate_database(dry_run = false)
   common = Common.new
   common.status "Migrating main database..."
   Dir.chdir("db") do
-    run_inline_or_log(dry_run, %W{gradle --info update -PrunList=main})
+    run_inline_or_log(dry_run, %W{./gradlew update -PrunList=main})
   end
 end
 
@@ -1026,8 +1029,8 @@ def load_config(project, dry_run = false)
 
   common = Common.new
   common.status "Loading #{config_json} into database..."
-  run_inline_or_log(dry_run, %W{gradle --info loadConfig -Pconfig_key=main -Pconfig_file=config/#{config_json}})
-  run_inline_or_log(dry_run, %W{gradle --info loadConfig -Pconfig_key=cdrBigQuerySchema -Pconfig_file=config/cdm/cdm_5_2.json})
+  run_inline_or_log(dry_run, %W{./gradlew loadConfig -Pconfig_key=main -Pconfig_file=config/#{config_json}})
+  run_inline_or_log(dry_run, %W{./gradlew loadConfig -Pconfig_key=cdrBigQuerySchema -Pconfig_file=config/cdm/cdm_5_2.json})
 end
 
 def with_cloud_proxy_and_db(gcc, service_account = nil, key_file = nil)