diff --git a/.github/renovate.json b/.github/renovate.json
index 0f901ad49..97873205d 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -20,6 +20,10 @@
     {
       "matchPackagePrefixes": ["com.github.Fraunhofer-AISEC"],
       "registryUrls": ["https://jitpack.io/"]
+    },
+    {
+      "groupName": "PMD packages",
+      "matchPackagePrefixes": ["net.sourceforge.pmd:pmd-"]
     }
   ]
 }
diff --git a/codyze-plugins/build.gradle.kts b/codyze-plugins/build.gradle.kts
index c5aa9b7eb..affcd9577 100644
--- a/codyze-plugins/build.gradle.kts
+++ b/codyze-plugins/build.gradle.kts
@@ -19,14 +19,14 @@ dependencies {
      */
     // https://mvnrepository.com/artifact/com.github.spotbugs/spotbugs
     // it is necessary to exclude saxon because of conflicts with same transitive dependency in PMD
-    implementation("com.github.spotbugs:spotbugs:4.8.5") {
+    implementation("com.github.spotbugs:spotbugs:4.8.6") {
         exclude(group = "net.sf.saxon", module = "Saxon-HE")
     }
     implementation("com.h3xstream.findsecbugs:findsecbugs-plugin:1.13.0")
 
     // https://mvnrepository.com/artifact/net.sourceforge.pmd/
-    implementation("net.sourceforge.pmd:pmd-core:7.2.0")
-    implementation("net.sourceforge.pmd:pmd-java:7.2.0")
+    implementation("net.sourceforge.pmd:pmd-core:7.3.0")
+    implementation("net.sourceforge.pmd:pmd-java:7.3.0")
 }
 
 publishing {
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index ae7022522..6a0c60bcc 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -10,7 +10,7 @@ dokka = "1.9.20"
 
 [libraries]
 sarif4k = { module = "io.github.detekt.sarif4k:sarif4k", version = "0.6.0"}  # The code can be found here: https://github.com/detekt/sarif4k. It was generated using https://app.quicktype.io/
-kotlinx-serialization-json = { module = "org.jetbrains.kotlinx:kotlinx-serialization-json", version = "1.7.0"}
+kotlinx-serialization-json = { module = "org.jetbrains.kotlinx:kotlinx-serialization-json", version = "1.7.1"}
 kotlin-reflect = { module = "org.jetbrains.kotlin:kotlin-reflect", version.ref = "kotlin"}
 
 # CPG official releases
@@ -41,7 +41,7 @@ kotlin-scripting-dependencies = { module = "org.jetbrains.kotlin:kotlin-scriptin
 detekt-formatting = { module = "io.gitlab.arturbosch.detekt:detekt-formatting", version.ref = "detekt"}
 
 # test
-junit-bom = { module = "org.junit:junit-bom", version = "5.10.2" }
+junit-bom = { module = "org.junit:junit-bom", version = "5.10.3" }
 mockk = { module = "io.mockk:mockk", version = "1.13.11"}
 
 # this is necessary for the plugins to be used in the buildSrc folder