diff --git a/composer.json b/composer.json
index c4576275e..4d2f5c231 100644
--- a/composer.json
+++ b/composer.json
@@ -12,8 +12,8 @@
         "drupal/coffee": "^1.4",
         "drupal/config_split": "^1.9",
         "drupal/config_update": "^2@alpha",
-        "drupal/core-composer-scaffold": "^10.2",
-        "drupal/core-recommended": "^10.2",
+        "drupal/core-composer-scaffold": "^10.3",
+        "drupal/core-recommended": "^10.3",
         "drupal/environment_indicator": "^4.0",
         "drupal/pathauto": "^1.12",
         "drupal/redirect": "^1.9",
@@ -33,7 +33,7 @@
         "drevops/behat-format-progress-fail": "^1.2",
         "drevops/behat-screenshot": "^1.5",
         "drevops/behat-steps": "^2.3",
-        "drupal/core-dev": "^10.2",
+        "drupal/core-dev": "^10.3",
         "drupal/drupal-extension": "^5",
         "ergebnis/composer-normalize": "^2.42",
         "mglaman/phpstan-drupal": "^1.2",
@@ -58,7 +58,7 @@
             "url": "https://asset-packagist.org"
         }
     ],
-    "minimum-stability": "stable",
+    "minimum-stability": "beta",
     "prefer-stable": true,
     "autoload": {
         "classmap": [
diff --git a/web/sites/default/default.services.yml b/web/sites/default/default.services.yml
index c4b964fc2..dacb3f7e9 100644
--- a/web/sites/default/default.services.yml
+++ b/web/sites/default/default.services.yml
@@ -1,4 +1,8 @@
 parameters:
+  # Toggles the super user access policy. If your website has at least one user
+  # with the Administrator role, it is advised to set this to false. This allows
+  # you to make user 1 a regular user, strengthening the security of your site.
+  security.enable_super_user: true
   session.storage.options:
     # Default ini options for sessions.
     #
@@ -60,6 +64,11 @@ parameters:
     # \Drupal\Core\Session\SessionConfiguration::__construct()
     # @default 6
     sid_bits_per_character: 6
+    # By default, Drupal generates a session cookie name based on the full
+    # domain name. Set the name_suffix to a short random string to ensure this
+    # session cookie name is unique on different installations on the same
+    # domain and path (for example, when migrating from Drupal 7).
+    name_suffix: ''
   twig.config:
     # Twig debugging:
     #
diff --git a/web/sites/default/default.settings.php b/web/sites/default/default.settings.php
index 8819d6431..264597b16 100644
--- a/web/sites/default/default.settings.php
+++ b/web/sites/default/default.settings.php
@@ -77,7 +77,7 @@
  *
  * @code
  * $databases['default']['default'] = [
- *   'database' => 'databasename',
+ *   'database' => 'database_name',
  *   'username' => 'sql_username',
  *   'password' => 'sql_password',
  *   'host' => 'localhost',
@@ -193,7 +193,7 @@
  * @code
  *   $databases['default']['default'] = [
  *     'driver' => 'pgsql',
- *     'database' => 'databasename',
+ *     'database' => 'database_name',
  *     'username' => 'sql_username',
  *     'password' => 'sql_password',
  *     'host' => 'localhost',
@@ -215,7 +215,7 @@
  *     'driver' => 'my_driver',
  *     'namespace' => 'Drupal\my_module\Driver\Database\my_driver',
  *     'autoload' => 'modules/my_module/src/Driver/Database/my_driver/',
- *     'database' => 'databasename',
+ *     'database' => 'database_name',
  *     'username' => 'sql_username',
  *     'password' => 'sql_password',
  *     'host' => 'localhost',
@@ -230,7 +230,7 @@
  *     'driver' => 'my_driver',
  *     'namespace' => 'Drupal\my_module\Driver\Database\my_driver',
  *     'autoload' => 'modules/my_module/src/Driver/Database/my_driver/',
- *     'database' => 'databasename',
+ *     'database' => 'database_name',
  *     'username' => 'sql_username',
  *     'password' => 'sql_password',
  *     'host' => 'localhost',
@@ -355,14 +355,13 @@
  * security, or encryption benefits. In an environment where Drupal
  * is behind a reverse proxy, the real IP address of the client should
  * be determined such that the correct client IP address is available
- * to Drupal's logging, statistics, and access management systems. In
- * the most simple scenario, the proxy server will add an
- * X-Forwarded-For header to the request that contains the client IP
- * address. However, HTTP headers are vulnerable to spoofing, where a
- * malicious client could bypass restrictions by setting the
- * X-Forwarded-For header directly. Therefore, Drupal's proxy
- * configuration requires the IP addresses of all remote proxies to be
- * specified in $settings['reverse_proxy_addresses'] to work correctly.
+ * to Drupal's logging and access management systems. In the most simple
+ * scenario, the proxy server will add an X-Forwarded-For header to the request
+ * that contains the client IP address. However, HTTP headers are vulnerable to
+ * spoofing, where a malicious client could bypass restrictions by setting the
+ * X-Forwarded-For header directly. Therefore, Drupal's proxy configuration
+ * requires the IP addresses of all remote proxies to be specified in
+ * $settings['reverse_proxy_addresses'] to work correctly.
  *
  * Enable this setting to get Drupal to determine the client IP from the
  * X-Forwarded-For header. If you are unsure about this setting, do not have a
@@ -808,6 +807,16 @@
  */
 $settings['entity_update_backup'] = TRUE;
 
+/**
+ * State caching.
+ *
+ * State caching uses the cache collector pattern to cache all requested keys
+ * from the state API in a single cache entry, which can greatly reduce the
+ * amount of database queries. However, some sites may use state with a
+ * lot of dynamic keys which could result in a very large cache.
+ */
+$settings['state_cache'] = TRUE;
+
 /**
  * Node migration type.
  *