diff --git a/.licenserc.yaml b/.licenserc.yaml
index fde4db8..41e0864 100644
--- a/.licenserc.yaml
+++ b/.licenserc.yaml
@@ -8,6 +8,7 @@ header:
   paths:
     - '**'
   paths-ignore:
+    - '.trivyignore'
     - '.github/**'
     - '**/*.json'
     - '**/*.md'
diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 0000000..9f085f1
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1,2 @@
+# pebble, false positive https://github.com/canonical/pebble/issues/498
+CVE-2024-34156
diff --git a/requirements.txt b/requirements.txt
index dc2189f..9a7d518 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-Flask==3.0.3
+Flask==3.1.0
 pydantic==2.9.2
 kombu==5.4.2
 pymongo==4.10.1
diff --git a/rockcraft.yaml b/rockcraft.yaml
index 875e6a2..536a80b 100644
--- a/rockcraft.yaml
+++ b/rockcraft.yaml
@@ -2,7 +2,7 @@
 # See LICENSE file for licensing details.
 
 name: github-runner-webhook-router
-base: ubuntu@22.04
+base: ubuntu@24.04
 version: '0.1'
 summary: Forwards webhooks to a message queue to be consumed to spawn runners.  # 79 char long summary
 description: |
diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py
index c350a89..4a2dfa1 100644
--- a/tests/integration/conftest.py
+++ b/tests/integration/conftest.py
@@ -62,7 +62,10 @@ async def mongodb_fixture(model: Model, use_existing_app: bool) -> Application:
         application = model.applications["mongodb"]
     else:
         application = await model.deploy(
-            "mongodb-k8s", channel="6/edge", application_name="mongodb"
+            "mongodb-k8s",
+            channel="6/edge",
+            application_name="mongodb",
+            trust=True,
         )
 
     await model.wait_for_idle(apps=[application.name], status="active")
diff --git a/tests/integration/test_app.py b/tests/integration/test_app.py
index 5587f9c..f78fdb8 100644
--- a/tests/integration/test_app.py
+++ b/tests/integration/test_app.py
@@ -7,6 +7,7 @@
 import itertools
 import json
 import random
+import re
 import secrets
 from typing import Optional
 
@@ -397,7 +398,7 @@ async def _get_mongodb_uri_from_secrets(ops_test, model: Model) -> str | None:
 
     juju_secrets = await model.list_secrets()
     for secret in juju_secrets["results"]:
-        if secret.label == "database.2.user.secret":
+        if re.match(r"database\.(\d+)\.user\.secret", secret.label):
             _, show_secret, _ = await ops_test.juju(
                 "show-secret", secret.uri, "--reveal", "--format", "json"
             )
diff --git a/tox.ini b/tox.ini
index f9687e2..a82d880 100644
--- a/tox.ini
+++ b/tox.ini
@@ -106,6 +106,7 @@ deps =
     pytest-operator
     requests
     gunicorn
+    websockets<14.0 # https://github.com/juju/python-libjuju/issues/1184
     -r{toxinidir}/requirements.txt
 commands =
     pytest -v --tb native --ignore={[vars]tst_path}unit --log-cli-level=INFO -s {posargs}