diff --git a/.github/workflows/test_frameworks.yml b/.github/workflows/test_frameworks.yml
index 809dee38234..2e1502b4d3d 100644
--- a/.github/workflows/test_frameworks.yml
+++ b/.github/workflows/test_frameworks.yml
@@ -111,68 +111,6 @@ jobs:
         if: needs.needs-run.outputs.outcome == 'success'
         run: cat debugger-expl.txt
 
-  sanic-testsuite:
-    strategy:
-      matrix:
-        include:
-          # TODO: profiling fails with a timeout error
-          #- suffix: Profiling
-          #  profiling: 1
-          #  iast: 0
-          #  appsec: 0
-          - suffix: IAST
-            profiling: 0
-            iast: 1
-            appsec: 0
-          - suffix: APPSEC
-            profiling: 0
-            iast: 0
-            appsec: 1
-          - suffix: Tracer only
-            profiling: 0
-            iast: 0
-            appsec: 0
-    name: Sanic 24.6 (with ${{ matrix.suffix }})
-    runs-on: ubuntu-20.04
-    needs: needs-run
-    timeout-minutes: 15
-    env:
-      DD_PROFILING_ENABLED: ${{ matrix.profiling }}
-      DD_IAST_ENABLED: ${{ matrix.iast }}
-      DD_APPSEC_ENABLED: ${{ matrix.appsec }}
-      DD_TESTING_RAISE: true
-      CMAKE_BUILD_PARALLEL_LEVEL: 12
-      DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt
-    defaults:
-      run:
-        working-directory: sanic
-    steps:
-      - uses: actions/checkout@v4
-        if: needs.needs-run.outputs.outcome == 'success'
-        with:
-          persist-credentials: false
-          path: ddtrace
-      - uses: actions/checkout@v4
-        if: needs.needs-run.outputs.outcome == 'success'
-        with:
-          persist-credentials: false
-          repository: sanic-org/sanic
-          ref: v24.6.0
-          path: sanic
-      - uses: actions/setup-python@v5
-        if: needs.needs-run.outputs.outcome == 'success'
-        with:
-          python-version: "3.11"
-      - name: Install sanic and dependencies required to run tests
-        if: needs.needs-run.outputs.outcome == 'success'
-        run: pip3 install '.[test]' aioquic
-      - name: Install ddtrace
-        if: needs.needs-run.outputs.outcome == 'success'
-        run: pip3 install ../ddtrace
-      - name: Run tests
-        if: needs.needs-run.outputs.outcome == 'success'
-        run: ddtrace-run pytest -k "not test_reloader and not test_reload_listeners and not test_no_exceptions_when_cancel_pending_request and not test_add_signal and not test_ode_removes and not test_skip_touchup and not test_dispatch_signal_triggers and not test_keep_alive_connection_context and not test_redirect_with_params and not test_keep_alive_client_timeout and not test_logger_vhosts and not test_ssl_in_multiprocess_mode"
-
   django-testsuite:
     strategy:
       matrix:
@@ -963,58 +901,3 @@ jobs:
       - name: Debugger exploration results
         if: needs.needs-run.outputs.outcome == 'success'
         run: cat debugger-expl.txt
-
-  beautifulsoup-testsuite-4_12_3:
-    strategy:
-      matrix:
-        include:
-          # TODO: profiling is disabled due to a bug in the profiler paths
-          # - suffix: Profiling
-          #   profiling: 1
-          #   iast: 0
-          #   appsec: 0
-          - suffix: IAST
-            profiling: 0
-            iast: 1
-            appsec: 0
-          - suffix: APPSEC
-            profiling: 0
-            iast: 0
-            appsec: 1
-          - suffix: Tracer only
-            profiling: 0
-            iast: 0
-            appsec: 0
-    name: Beautifulsoup 4.12.3 (with ${{ matrix.suffix }})
-    runs-on: "ubuntu-latest"
-    needs: needs-run
-    env:
-      DD_TESTING_RAISE: true
-      DD_PROFILING_ENABLED: ${{ matrix.profiling }}
-      DD_IAST_ENABLED: ${{ matrix.iast }}
-      DD_APPSEC_ENABLED: ${{ matrix.appsec }}
-      CMAKE_BUILD_PARALLEL_LEVEL: 12
-      DD_DEBUGGER_EXPL_OUTPUT_FILE: debugger-expl.txt
-    steps:
-      - uses: actions/setup-python@v5
-        if: needs.needs-run.outputs.outcome == 'success'
-        with:
-          python-version: '3.9'
-      - uses: actions/checkout@v4
-        if: needs.needs-run.outputs.outcome == 'success'
-        with:
-          persist-credentials: false
-          path: ddtrace
-      - name: Checkout beautifulsoup
-        if: needs.needs-run.outputs.outcome == 'success'
-        run:  |
-          git clone -b 4.12.3 https://git.launchpad.net/beautifulsoup
-      - name: Install ddtrace
-        if: needs.needs-run.outputs.outcome == 'success'
-        run: pip3 install ./ddtrace
-      - name: Pytest fix
-        if: needs.needs-run.outputs.outcome == 'success'
-        run: pip install pytest==8.2.1
-      - name: Run tests
-        if: needs.needs-run.outputs.outcome == 'success'
-        run: cd beautifulsoup && ddtrace-run pytest
diff --git a/.riot/requirements/1053dce.txt b/.riot/requirements/1053dce.txt
index 5b1c1d31dbe..fe54a35c1c4 100644
--- a/.riot/requirements/1053dce.txt
+++ b/.riot/requirements/1053dce.txt
@@ -4,23 +4,23 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1053dce.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.1
-gevent==24.2.1
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1092157.txt b/.riot/requirements/1092157.txt
index 5dca0051a12..3d01104cb32 100644
--- a/.riot/requirements/1092157.txt
+++ b/.riot/requirements/1092157.txt
@@ -4,27 +4,27 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1092157.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pyfakefs==5.6.0
-pytest==8.3.1
+pyfakefs==5.7.3
+pytest==8.3.4
 pytest-asyncio==0.23.8
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-json-logger==2.0.7
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/d57247c.txt b/.riot/requirements/10f3c55.txt
similarity index 59%
rename from .riot/requirements/d57247c.txt
rename to .riot/requirements/10f3c55.txt
index ca0162432b9..34a8e65f917 100644
--- a/.riot/requirements/d57247c.txt
+++ b/.riot/requirements/10f3c55.txt
@@ -2,23 +2,24 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/d57247c.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/10f3c55.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==24.4.2
 automat==24.8.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
-coverage[toml]==7.6.1
-cryptography==43.0.0
+coverage[toml]==7.6.9
+cryptography==43.0.3
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -27,50 +28,51 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
-importlib-metadata==8.4.0
+idna==3.10
+importlib-metadata==8.5.0
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg==3.2.3
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
-pytest-cov==5.0.0
+pyopenssl==24.3.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-tomli==2.0.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+tomli==2.2.1
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zipp==3.20.1
-zope-interface==7.0.3
+zeep==4.3.1
+zipp==3.21.0
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.6.0
diff --git a/.riot/requirements/125c1e6.txt b/.riot/requirements/125c1e6.txt
index 77714a4a160..f59c7be042a 100644
--- a/.riot/requirements/125c1e6.txt
+++ b/.riot/requirements/125c1e6.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/125c1e6.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
 gevent==24.11.1
 greenlet==3.1.1
@@ -17,17 +17,17 @@ opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-benchmark==5.1.0
 pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 uwsgi==2.0.28
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.3.0
+setuptools==75.7.0
diff --git a/.riot/requirements/12a25de.txt b/.riot/requirements/12a25de.txt
index f7626378e7a..309a1ea970c 100644
--- a/.riot/requirements/12a25de.txt
+++ b/.riot/requirements/12a25de.txt
@@ -4,31 +4,31 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/12a25de.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn==22.0.0
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn==23.0.0
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==2.2.2
+tomli==2.2.1
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/12a4316.txt b/.riot/requirements/12a4316.txt
index de9c85604c9..f1c216b8f13 100644
--- a/.riot/requirements/12a4316.txt
+++ b/.riot/requirements/12a4316.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/12a4316.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
@@ -14,13 +14,13 @@ mock==5.1.0
 opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.3.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1359ebb.txt b/.riot/requirements/1359ebb.txt
index 75c10c261a8..371e017287d 100644
--- a/.riot/requirements/1359ebb.txt
+++ b/.riot/requirements/1359ebb.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1359ebb.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
 gevent==24.11.1
 greenlet==3.1.1
@@ -18,7 +18,7 @@ opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-benchmark==5.1.0
 pytest-cov==6.0.0
@@ -26,10 +26,10 @@ pytest-cpp==2.6.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.1.0
+tomli==2.2.1
 uwsgi==2.0.28
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.4.0
+setuptools==75.7.0
diff --git a/.riot/requirements/137098c.txt b/.riot/requirements/137098c.txt
index 5822ccd7949..24a61c00a85 100644
--- a/.riot/requirements/137098c.txt
+++ b/.riot/requirements/137098c.txt
@@ -4,11 +4,11 @@
 #
 #    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/137098c.in
 #
-attrs==23.2.0
+attrs==24.2.0
 coverage[toml]==7.2.7
 exceptiongroup==1.2.2
 gevent==22.10.2
-greenlet==3.0.3
+greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
 importlib-metadata==6.7.0
@@ -17,7 +17,7 @@ mock==5.1.0
 opentracing==2.4.0
 packaging==24.0
 pluggy==1.2.0
-pyfakefs==5.6.0
+pyfakefs==5.7.3
 pytest==7.4.4
 pytest-asyncio==0.21.2
 pytest-cov==4.1.0
diff --git a/.riot/requirements/1413039.txt b/.riot/requirements/1413039.txt
index e05e2893ae6..82340d380e3 100644
--- a/.riot/requirements/1413039.txt
+++ b/.riot/requirements/1413039.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1413039.in
 #
-attrs==24.2.0
+attrs==24.3.0
 coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
@@ -16,15 +16,15 @@ mock==5.1.0
 opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 zipp==3.20.2
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
 setuptools==75.3.0
diff --git a/.riot/requirements/1438a95.txt b/.riot/requirements/1438a95.txt
index 4b43f393d29..7ccc7f8efac 100644
--- a/.riot/requirements/1438a95.txt
+++ b/.riot/requirements/1438a95.txt
@@ -4,47 +4,47 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1438a95.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.0.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
-opentelemetry-api==1.26.0
-opentelemetry-instrumentation==0.47b0
-opentelemetry-instrumentation-flask==0.47b0
-opentelemetry-instrumentation-wsgi==0.47b0
-opentelemetry-semantic-conventions==0.47b0
-opentelemetry-util-http==0.47b0
+opentelemetry-api==1.29.0
+opentelemetry-instrumentation==0.50b0
+opentelemetry-instrumentation-flask==0.50b0
+opentelemetry-instrumentation-wsgi==0.50b0
+opentelemetry-semantic-conventions==0.50b0
+opentelemetry-util-http==0.50b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/148bd89.txt b/.riot/requirements/148bd89.txt
index 6857a6638b8..8e4eb9be55e 100644
--- a/.riot/requirements/148bd89.txt
+++ b/.riot/requirements/148bd89.txt
@@ -4,27 +4,27 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/148bd89.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/14f0b34.txt b/.riot/requirements/14f0b34.txt
index 21c21483d41..88bc844d6d3 100644
--- a/.riot/requirements/14f0b34.txt
+++ b/.riot/requirements/14f0b34.txt
@@ -2,23 +2,23 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/14f0b34.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/14f0b34.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.15.0
@@ -28,21 +28,21 @@ opentelemetry-instrumentation-wsgi==0.45b0
 opentelemetry-semantic-conventions==0.45b0
 opentelemetry-util-http==0.45b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/2848d2c.txt b/.riot/requirements/1532dd6.txt
similarity index 83%
rename from .riot/requirements/2848d2c.txt
rename to .riot/requirements/1532dd6.txt
index fbd5a04bf84..bb2d4670425 100644
--- a/.riot/requirements/2848d2c.txt
+++ b/.riot/requirements/1532dd6.txt
@@ -2,22 +2,23 @@
 # This file is autogenerated by pip-compile with Python 3.7
 # by the following command:
 #
-#    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/2848d2c.in
+#    pip-compile --allow-unsafe --no-annotate --resolver=backtracking .riot/requirements/1532dd6.in
 #
 arrow==1.2.3
 asgiref==3.7.2
 attrs==24.2.0
 autobahn==23.1.2
 automat==22.10.0
+bcrypt==4.2.1
 blessed==1.20.0
 cached-property==1.5.2
-certifi==2024.8.30
+certifi==2024.12.14
 cffi==1.15.1
 channels==3.0.5
-charset-normalizer==3.3.2
+charset-normalizer==3.4.0
 constantly==15.1.0
 coverage[toml]==7.2.7
-cryptography==43.0.0
+cryptography==44.0.0
 daphne==3.0.2
 django==3.2.25
 django-configurations==2.4.2
@@ -28,11 +29,11 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 importlib-metadata==6.7.0
 incremental==22.10.0
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
@@ -44,7 +45,7 @@ pyasn1==0.5.1
 pyasn1-modules==0.3.0
 pycparser==2.21
 pylibmc==1.6.3
-pyopenssl==24.2.1
+pyopenssl==24.3.0
 pytest==7.4.4
 pytest-cov==4.1.0
 pytest-django[testing]==3.10.0
@@ -52,13 +53,13 @@ pytest-mock==3.11.1
 pytest-randomly==3.12.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.31.0
 requests-file==2.1.0
 requests-toolbelt==1.0.0
 service-identity==21.1.0
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
 sqlparse==0.4.4
diff --git a/.riot/requirements/1560353.txt b/.riot/requirements/1560353.txt
index 4b50732d926..78615534ee1 100644
--- a/.riot/requirements/1560353.txt
+++ b/.riot/requirements/1560353.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1560353.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 gevent==24.11.1
 greenlet==3.1.1
 gunicorn[gevent]==23.0.0
@@ -16,7 +16,7 @@ opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-benchmark==5.1.0
 pytest-cov==6.0.0
@@ -25,7 +25,7 @@ pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 uwsgi==2.0.28
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.3.0
+setuptools==75.7.0
diff --git a/.riot/requirements/15e90ee.txt b/.riot/requirements/15e90ee.txt
index 1855f4db88a..aec80194652 100644
--- a/.riot/requirements/15e90ee.txt
+++ b/.riot/requirements/15e90ee.txt
@@ -4,10 +4,10 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/15e90ee.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.3
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.10.2
+gevent==24.11.1
 greenlet==3.1.1
 gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
@@ -15,21 +15,21 @@ iniconfig==2.0.0
 lz4==4.3.3
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-benchmark==4.0.0
-pytest-cov==5.0.0
+pytest-benchmark==5.1.0
+pytest-cov==6.0.0
 pytest-cpp==2.6.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.2
-uwsgi==2.0.27
+tomli==2.2.1
+uwsgi==2.0.28
 zope-event==5.0
-zope-interface==7.1.0
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1600ae2.txt b/.riot/requirements/1600ae2.txt
index d330d767bc1..8510d225c91 100644
--- a/.riot/requirements/1600ae2.txt
+++ b/.riot/requirements/1600ae2.txt
@@ -30,7 +30,7 @@ pytest-randomly==3.12.0
 sortedcontainers==2.4.0
 tomli==2.0.1
 typing-extensions==4.7.1
-uwsgi==2.0.27
+uwsgi==2.0.28
 zipp==3.15.0
 zope-event==5.0
 zope-interface==6.4.post2
diff --git a/.riot/requirements/163a963.txt b/.riot/requirements/163a963.txt
index edcbb10715b..68e73bd43c0 100644
--- a/.riot/requirements/163a963.txt
+++ b/.riot/requirements/163a963.txt
@@ -4,27 +4,27 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/163a963.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/1ef9f39.txt b/.riot/requirements/1655cb3.txt
similarity index 60%
rename from .riot/requirements/1ef9f39.txt
rename to .riot/requirements/1655cb3.txt
index 024457a7bfe..f2ceb6dcf0f 100644
--- a/.riot/requirements/1ef9f39.txt
+++ b/.riot/requirements/1655cb3.txt
@@ -2,23 +2,24 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1ef9f39.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1655cb3.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==24.4.2
 automat==24.8.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
-coverage[toml]==7.6.1
-cryptography==43.0.0
+coverage[toml]==7.6.9
+cryptography==44.0.0
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -26,48 +27,48 @@ django-q==1.3.6
 django-redis==4.5.0
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg==3.2.1
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg==3.2.3
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
-pytest-cov==5.0.0
+pyopenssl==24.3.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zope-interface==7.0.3
+zeep==4.3.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.6.0
diff --git a/.riot/requirements/16c1c69.txt b/.riot/requirements/16c1c69.txt
index 42db11315dd..1ead3b9ead1 100644
--- a/.riot/requirements/16c1c69.txt
+++ b/.riot/requirements/16c1c69.txt
@@ -4,27 +4,27 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/16c1c69.in
 #
-async-timeout==4.0.3
-attrs==23.2.0
-coverage[toml]==7.6.0
+async-timeout==5.0.1
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
-redis==5.0.7
+pytest-randomly==3.16.0
+redis==5.2.1
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/16d2d1f.txt b/.riot/requirements/16d2d1f.txt
index 7092a5762ac..ef73ff927ab 100644
--- a/.riot/requirements/16d2d1f.txt
+++ b/.riot/requirements/16d2d1f.txt
@@ -4,21 +4,21 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/16d2d1f.in
 #
-attrs==24.2.0
-certifi==2024.8.30
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.1
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
 importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.15.0
@@ -28,21 +28,21 @@ opentelemetry-instrumentation-wsgi==0.45b0
 opentelemetry-semantic-conventions==0.45b0
 opentelemetry-util-http==0.45b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
 urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.20.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/17148ee.txt b/.riot/requirements/17148ee.txt
index 55038acdf9f..2078ecac7e3 100644
--- a/.riot/requirements/17148ee.txt
+++ b/.riot/requirements/17148ee.txt
@@ -4,24 +4,24 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/17148ee.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
-redis==5.0.7
+pytest-randomly==3.16.0
+redis==5.2.1
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1800771.txt b/.riot/requirements/1800771.txt
index 9b2a1d04756..862fe93b3b3 100644
--- a/.riot/requirements/1800771.txt
+++ b/.riot/requirements/1800771.txt
@@ -4,32 +4,32 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1800771.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn[gevent]==22.0.0
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-benchmark==4.0.0
-pytest-cov==5.0.0
+pytest-benchmark==5.1.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-uwsgi==2.0.26
-zipp==3.19.2
+tomli==2.2.1
+uwsgi==2.0.28
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/189a9da.txt b/.riot/requirements/189a9da.txt
index 327d29ca153..2d4ab01b347 100644
--- a/.riot/requirements/189a9da.txt
+++ b/.riot/requirements/189a9da.txt
@@ -12,8 +12,8 @@ async-timeout==4.0.3
 asynctest==0.13.0
 attrs==24.2.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
 coverage[toml]==7.2.7
 elastic-transport==8.13.1
 elasticsearch==8.14.0
@@ -39,7 +39,7 @@ pytest-mock==3.11.1
 pytest-randomly==3.12.0
 python-dateutil==2.9.0.post0
 requests==2.31.0
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 tomli==2.0.1
 typing-extensions==4.7.1
diff --git a/.riot/requirements/196d465.txt b/.riot/requirements/196d465.txt
index f54a0ce3377..16882c4c72e 100644
--- a/.riot/requirements/196d465.txt
+++ b/.riot/requirements/196d465.txt
@@ -2,23 +2,23 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/196d465.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/196d465.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==8.0.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.26.0
@@ -28,21 +28,21 @@ opentelemetry-instrumentation-wsgi==0.47b0
 opentelemetry-semantic-conventions==0.47b0
 opentelemetry-util-http==0.47b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/19a43a5.txt b/.riot/requirements/19a43a5.txt
index 25a918eb7ad..9847c944110 100644
--- a/.riot/requirements/19a43a5.txt
+++ b/.riot/requirements/19a43a5.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/19a43a5.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
 gevent==24.11.1
 greenlet==3.1.1
@@ -16,15 +16,15 @@ mock==5.1.0
 opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 zipp==3.21.0
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.3.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1a1dfc3.txt b/.riot/requirements/1a1dfc3.txt
index 314db7a3a01..3b472dee665 100644
--- a/.riot/requirements/1a1dfc3.txt
+++ b/.riot/requirements/1a1dfc3.txt
@@ -4,32 +4,32 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1a1dfc3.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
-gunicorn[gevent]==22.0.0
+greenlet==3.1.1
+gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-benchmark==4.0.0
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-uwsgi==2.0.26
-zipp==3.19.2
+tomli==2.2.1
+uwsgi==2.0.28
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/1a736ea.txt b/.riot/requirements/1a736ea.txt
index c6bda03b45b..12c7df3ce6c 100644
--- a/.riot/requirements/1a736ea.txt
+++ b/.riot/requirements/1a736ea.txt
@@ -4,33 +4,33 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1a736ea.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn==22.0.0
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn==23.0.0
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==2.2.2
-zipp==3.19.2
+tomli==2.2.1
+urllib3==2.3.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1aa3044.txt b/.riot/requirements/1aa3044.txt
index 7bf52690f10..ea24d5777cb 100644
--- a/.riot/requirements/1aa3044.txt
+++ b/.riot/requirements/1aa3044.txt
@@ -2,19 +2,19 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/1aa3044.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1aa3044.in
 #
 asgiref==3.8.1
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
 click==7.1.2
-coverage[toml]==7.6.0
+coverage[toml]==7.6.10
 flask==1.1.4
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 itsdangerous==1.1.0
 jinja2==2.11.3
@@ -26,20 +26,20 @@ opentelemetry-instrumentation-flask==0.19b0
 opentelemetry-instrumentation-wsgi==0.19b0
 opentelemetry-util-http==0.19b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==1.0.1
-wrapt==1.16.0
+wrapt==1.17.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/d5fcd88.txt b/.riot/requirements/1aa41b2.txt
similarity index 83%
rename from .riot/requirements/d5fcd88.txt
rename to .riot/requirements/1aa41b2.txt
index acdaba91c5a..79322e51fe1 100644
--- a/.riot/requirements/d5fcd88.txt
+++ b/.riot/requirements/1aa41b2.txt
@@ -2,22 +2,23 @@
 # This file is autogenerated by pip-compile with Python 3.7
 # by the following command:
 #
-#    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/d5fcd88.in
+#    pip-compile --allow-unsafe --no-annotate --resolver=backtracking .riot/requirements/1aa41b2.in
 #
 arrow==1.2.3
 asgiref==3.7.2
 attrs==24.2.0
 autobahn==23.1.2
 automat==22.10.0
+bcrypt==4.2.1
 blessed==1.20.0
 cached-property==1.5.2
-certifi==2024.8.30
+certifi==2024.12.14
 cffi==1.15.1
 channels==4.0.0
-charset-normalizer==3.3.2
+charset-normalizer==3.4.0
 constantly==15.1.0
 coverage[toml]==7.2.7
-cryptography==43.0.0
+cryptography==44.0.0
 daphne==4.0.0
 django==3.2.25
 django-configurations==2.4.2
@@ -28,11 +29,11 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 importlib-metadata==6.7.0
 incremental==22.10.0
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
@@ -44,7 +45,7 @@ pyasn1==0.5.1
 pyasn1-modules==0.3.0
 pycparser==2.21
 pylibmc==1.6.3
-pyopenssl==24.2.1
+pyopenssl==24.3.0
 pytest==7.4.4
 pytest-cov==4.1.0
 pytest-django[testing]==3.10.0
@@ -52,13 +53,13 @@ pytest-mock==3.11.1
 pytest-randomly==3.12.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.31.0
 requests-file==2.1.0
 requests-toolbelt==1.0.0
 service-identity==21.1.0
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
 sqlparse==0.4.4
diff --git a/.riot/requirements/1aa652f.txt b/.riot/requirements/1aa652f.txt
index c93d6b8a86f..1acfd0b6d9f 100644
--- a/.riot/requirements/1aa652f.txt
+++ b/.riot/requirements/1aa652f.txt
@@ -5,17 +5,17 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1aa652f.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-attrs==24.2.0
+aiosignal==1.3.2
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 frozenlist==1.5.0
 gevent==22.10.2
@@ -26,25 +26,25 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
+wrapt==1.17.0
+yarl==1.18.3
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1ace55b.txt b/.riot/requirements/1ace55b.txt
index 60ffb476378..ce911d8a998 100644
--- a/.riot/requirements/1ace55b.txt
+++ b/.riot/requirements/1ace55b.txt
@@ -5,18 +5,18 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1ace55b.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-async-timeout==4.0.3
-attrs==24.2.0
+aiosignal==1.3.2
+async-timeout==5.0.1
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 exceptiongroup==1.2.2
 frozenlist==1.5.0
@@ -28,27 +28,27 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 typing-extensions==4.12.2
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
+wrapt==1.17.0
+yarl==1.18.3
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1b284db.txt b/.riot/requirements/1b284db.txt
index 890031e7402..d5fd2c4603b 100644
--- a/.riot/requirements/1b284db.txt
+++ b/.riot/requirements/1b284db.txt
@@ -4,7 +4,7 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1b284db.in
 #
-attrs==24.2.0
+attrs==24.3.0
 coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
@@ -16,10 +16,10 @@ iniconfig==2.0.0
 lz4==4.3.3
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-benchmark==4.0.0
 pytest-cov==5.0.0
@@ -27,11 +27,11 @@ pytest-cpp==2.6.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 sortedcontainers==2.4.0
-tomli==2.0.2
-uwsgi==2.0.27
+tomli==2.2.1
+uwsgi==2.0.28
 zipp==3.20.2
 zope-event==5.0
-zope-interface==7.1.0
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.3.0
diff --git a/.riot/requirements/1b73c58.txt b/.riot/requirements/1b73c58.txt
index dd75b04079c..19a201fee30 100644
--- a/.riot/requirements/1b73c58.txt
+++ b/.riot/requirements/1b73c58.txt
@@ -4,16 +4,16 @@
 #
 #    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/1b73c58.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
+attrs==24.2.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
 coverage[toml]==7.2.7
 exceptiongroup==1.2.2
 gevent==22.10.2
-greenlet==3.0.3
+greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==6.7.0
 iniconfig==2.0.0
 mock==5.1.0
diff --git a/.riot/requirements/1b90fc9.txt b/.riot/requirements/1b90fc9.txt
index 1cbc40de4bb..dcfcaa69631 100644
--- a/.riot/requirements/1b90fc9.txt
+++ b/.riot/requirements/1b90fc9.txt
@@ -4,26 +4,26 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1b90fc9.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
-msgpack==1.0.8
+msgpack==1.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1bceb88.txt b/.riot/requirements/1bceb88.txt
index 444e5a3b49c..2c50572f098 100644
--- a/.riot/requirements/1bceb88.txt
+++ b/.riot/requirements/1bceb88.txt
@@ -5,18 +5,18 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1bceb88.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.10.11
 aioitertools==0.12.0
 aiosignal==1.3.1
-async-timeout==4.0.3
-attrs==24.2.0
+async-timeout==5.0.1
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
 coverage[toml]==7.6.1
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 exceptiongroup==1.2.2
 frozenlist==1.5.0
@@ -29,28 +29,28 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 propcache==0.2.0
 pynamodb==5.5.1
-pytest==8.3.3
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 typing-extensions==4.12.2
 urllib3==1.26.20
-wrapt==1.16.0
+wrapt==1.17.0
 yarl==1.15.2
 zipp==3.20.2
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.3.0
diff --git a/.riot/requirements/1c47005.txt b/.riot/requirements/1c47005.txt
index 7be57bbcc0d..721efbb4269 100644
--- a/.riot/requirements/1c47005.txt
+++ b/.riot/requirements/1c47005.txt
@@ -2,20 +2,20 @@
 # This file is autogenerated by pip-compile with Python 3.10
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/1c47005.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1c47005.in
 #
 asgiref==3.8.1
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
 click==7.1.2
-coverage[toml]==7.6.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
 flask==1.1.4
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 itsdangerous==1.1.0
 jinja2==2.11.3
@@ -27,22 +27,22 @@ opentelemetry-instrumentation-flask==0.19b0
 opentelemetry-instrumentation-wsgi==0.19b0
 opentelemetry-util-http==0.19b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 typing-extensions==4.12.2
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==1.0.1
-wrapt==1.16.0
+wrapt==1.17.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/16ae097.txt b/.riot/requirements/1c5581b.txt
similarity index 59%
rename from .riot/requirements/16ae097.txt
rename to .riot/requirements/1c5581b.txt
index 9b59b497e97..4886bf012bf 100644
--- a/.riot/requirements/16ae097.txt
+++ b/.riot/requirements/1c5581b.txt
@@ -2,23 +2,24 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/16ae097.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1c5581b.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==24.4.2
 automat==24.8.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
-coverage[toml]==7.6.1
-cryptography==43.0.0
+coverage[toml]==7.6.9
+cryptography==43.0.3
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -27,51 +28,50 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
-importlib-metadata==8.4.0
+idna==3.10
+importlib-metadata==8.5.0
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg==3.2.1
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
-pytest-cov==5.0.0
+pyopenssl==24.3.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-tomli==2.0.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+tomli==2.2.1
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zipp==3.20.1
-zope-interface==7.0.3
+zeep==4.3.1
+zipp==3.21.0
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.6.0
diff --git a/.riot/requirements/1d21682.txt b/.riot/requirements/1d21682.txt
index 93fd622b954..f70fec181a5 100644
--- a/.riot/requirements/1d21682.txt
+++ b/.riot/requirements/1d21682.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1d21682.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 gevent==24.11.1
 greenlet==3.1.1
 gunicorn[gevent]==23.0.0
@@ -17,7 +17,7 @@ opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-benchmark==5.1.0
 pytest-cov==6.0.0
@@ -27,7 +27,7 @@ pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 uwsgi==2.0.28
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.4.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1d4e95e.txt b/.riot/requirements/1d4e95e.txt
new file mode 100644
index 00000000000..9d2871696ae
--- /dev/null
+++ b/.riot/requirements/1d4e95e.txt
@@ -0,0 +1,27 @@
+#
+# This file is autogenerated by pip-compile with Python 3.13
+# by the following command:
+#
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1d4e95e.in
+#
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
+hypothesis==6.45.0
+iniconfig==2.0.0
+mock==5.1.0
+msgpack==1.1.0
+opentracing==2.4.0
+packaging==24.2
+pluggy==1.5.0
+pytest==8.3.4
+pytest-cov==6.0.0
+pytest-mock==3.14.0
+pytest-randomly==3.16.0
+sortedcontainers==2.4.0
+zope-event==5.0
+zope-interface==7.2
+
+# The following packages are considered to be unsafe in a requirements file:
+setuptools==75.8.0
diff --git a/.riot/requirements/1d6a1a5.txt b/.riot/requirements/1d6a1a5.txt
index 2ec9ed99c31..8c33bbe9819 100644
--- a/.riot/requirements/1d6a1a5.txt
+++ b/.riot/requirements/1d6a1a5.txt
@@ -4,11 +4,11 @@
 #
 #    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/1d6a1a5.in
 #
-attrs==23.2.0
+attrs==24.2.0
 coverage[toml]==7.2.7
 exceptiongroup==1.2.2
 gevent==22.10.2
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
 importlib-metadata==6.7.0
 iniconfig==2.0.0
diff --git a/.riot/requirements/1dcce79.txt b/.riot/requirements/1dcce79.txt
index 77afe779c84..4e759a7f5b6 100644
--- a/.riot/requirements/1dcce79.txt
+++ b/.riot/requirements/1dcce79.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1dcce79.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn==22.0.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn==23.0.0
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-urllib3==2.2.2
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1dd5678.txt b/.riot/requirements/1dd5678.txt
index c3ed6ec2447..148c212e752 100644
--- a/.riot/requirements/1dd5678.txt
+++ b/.riot/requirements/1dd5678.txt
@@ -4,27 +4,27 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1dd5678.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.1
-gevent==24.2.1
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
 greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pyfakefs==5.6.0
-pytest==8.3.3
+pyfakefs==5.7.3
+pytest==8.3.4
 pytest-asyncio==0.23.8
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-json-logger==2.0.7
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1ddcf3c.txt b/.riot/requirements/1ddcf3c.txt
index 9a981cb2891..a6256298653 100644
--- a/.riot/requirements/1ddcf3c.txt
+++ b/.riot/requirements/1ddcf3c.txt
@@ -4,33 +4,33 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1ddcf3c.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==2.2.2
-zipp==3.19.2
+tomli==2.2.1
+urllib3==2.3.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1df3425.txt b/.riot/requirements/1df3425.txt
index 607001ee8c3..f3b560229bd 100644
--- a/.riot/requirements/1df3425.txt
+++ b/.riot/requirements/1df3425.txt
@@ -4,27 +4,27 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1df3425.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pyfakefs==5.6.0
-pytest==8.3.1
+pyfakefs==5.7.3
+pytest==8.3.4
 pytest-asyncio==0.23.8
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-json-logger==2.0.7
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1df8347.txt b/.riot/requirements/1df8347.txt
index f99acfad6e4..ca1c3a6ec3f 100644
--- a/.riot/requirements/1df8347.txt
+++ b/.riot/requirements/1df8347.txt
@@ -4,33 +4,33 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1df8347.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
-gunicorn==22.0.0
+greenlet==3.1.1
+gunicorn==23.0.0
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 requests==2.32.3
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==2.2.2
-zipp==3.19.2
+tomli==2.2.1
+urllib3==2.2.3
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/1e1ea62.txt b/.riot/requirements/1e1ea62.txt
index b3150829b3b..950084f9d03 100644
--- a/.riot/requirements/1e1ea62.txt
+++ b/.riot/requirements/1e1ea62.txt
@@ -2,23 +2,23 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/1e1ea62.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1e1ea62.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.15.0
@@ -28,21 +28,21 @@ opentelemetry-instrumentation-wsgi==0.45b0
 opentelemetry-semantic-conventions==0.45b0
 opentelemetry-util-http==0.45b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/1ef2187.txt b/.riot/requirements/1ef2187.txt
index b430f5158b2..02ccf9724c2 100644
--- a/.riot/requirements/1ef2187.txt
+++ b/.riot/requirements/1ef2187.txt
@@ -4,8 +4,8 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1ef2187.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.4
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
 gevent==24.11.1
 greenlet==3.1.1
@@ -15,14 +15,14 @@ mock==5.1.0
 opentracing==2.4.0
 packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.3.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1d3001d.txt b/.riot/requirements/1f06d17.txt
similarity index 60%
rename from .riot/requirements/1d3001d.txt
rename to .riot/requirements/1f06d17.txt
index 92cb90787bc..b22a36b05b9 100644
--- a/.riot/requirements/1d3001d.txt
+++ b/.riot/requirements/1f06d17.txt
@@ -2,23 +2,24 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1d3001d.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1f06d17.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==24.4.2
 automat==24.8.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
-coverage[toml]==7.6.1
-cryptography==43.0.0
+coverage[toml]==7.6.9
+cryptography==44.0.0
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -26,48 +27,48 @@ django-q==1.3.6
 django-redis==4.5.0
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg==3.2.1
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg==3.2.3
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
-pytest-cov==5.0.0
+pyopenssl==24.3.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zope-interface==7.0.3
+zeep==4.3.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.6.0
diff --git a/.riot/requirements/1f8ac1c.txt b/.riot/requirements/1f8ac1c.txt
index 6038da8e391..4bbe51235ae 100644
--- a/.riot/requirements/1f8ac1c.txt
+++ b/.riot/requirements/1f8ac1c.txt
@@ -4,47 +4,47 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1f8ac1c.in
 #
-amqp==5.2.0
-attrs==24.2.0
-billiard==4.2.0
+amqp==5.3.1
+attrs==24.3.0
+billiard==4.2.1
 celery==5.4.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-click==8.1.7
+certifi==2024.12.14
+charset-normalizer==3.4.1
+click==8.1.8
 click-didyoumean==0.3.1
 click-plugins==1.1.1
 click-repl==0.3.0
-coverage[toml]==7.6.1
+coverage[toml]==7.6.10
 django==2.2.1
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 iniconfig==2.0.0
-kombu==5.4.0
+kombu==5.4.2
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-prompt-toolkit==3.0.47
-pytest==8.3.2
-pytest-cov==5.0.0
+prompt-toolkit==3.0.48
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
-pytz==2024.1
+pytz==2024.2
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 sqlalchemy==1.2.19
-sqlparse==0.5.1
+sqlparse==0.5.3
 typing-extensions==4.12.2
-tzdata==2024.1
-urllib3==2.2.2
+tzdata==2024.2
+urllib3==2.3.0
 vine==5.1.0
 wcwidth==0.2.13
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1fbf1f2.txt b/.riot/requirements/1fbf1f2.txt
index b2acee3ce55..a7b38184134 100644
--- a/.riot/requirements/1fbf1f2.txt
+++ b/.riot/requirements/1fbf1f2.txt
@@ -2,19 +2,19 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/1fbf1f2.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1fbf1f2.in
 #
 asgiref==3.8.1
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
 click==7.1.2
-coverage[toml]==7.6.0
+coverage[toml]==7.6.10
 flask==1.1.4
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 itsdangerous==1.1.0
 jinja2==2.11.3
@@ -26,20 +26,20 @@ opentelemetry-instrumentation-flask==0.19b0
 opentelemetry-instrumentation-wsgi==0.19b0
 opentelemetry-util-http==0.19b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==1.0.1
-wrapt==1.16.0
+wrapt==1.17.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/1fe881e.txt b/.riot/requirements/1fe881e.txt
index 5c187ea3c82..9cc5d6b64c4 100644
--- a/.riot/requirements/1fe881e.txt
+++ b/.riot/requirements/1fe881e.txt
@@ -4,23 +4,23 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1fe881e.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1fefc1d.txt b/.riot/requirements/1fefc1d.txt
index 47d4260b2b5..9d32c7b902d 100644
--- a/.riot/requirements/1fefc1d.txt
+++ b/.riot/requirements/1fefc1d.txt
@@ -4,30 +4,30 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/1fefc1d.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn[gevent]==22.0.0
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-benchmark==4.0.0
-pytest-cov==5.0.0
+pytest-benchmark==5.1.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-uwsgi==2.0.26
+tomli==2.2.1
+uwsgi==2.0.28
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/26ee64c.txt b/.riot/requirements/26ee64c.txt
index 02f82b9fee8..f1a65526c25 100644
--- a/.riot/requirements/26ee64c.txt
+++ b/.riot/requirements/26ee64c.txt
@@ -4,14 +4,14 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/26ee64c.in
 #
-amqp==5.2.0
-attrs==24.2.0
+amqp==5.3.1
+attrs==24.3.0
 backports-zoneinfo[tzdata]==0.2.1
-billiard==4.2.0
+billiard==4.2.1
 celery==5.4.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-click==8.1.7
+certifi==2024.12.14
+charset-normalizer==3.4.1
+click==8.1.8
 click-didyoumean==0.3.1
 click-plugins==1.1.1
 click-repl==0.3.0
@@ -19,37 +19,37 @@ coverage[toml]==7.6.1
 django==2.2.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.8
-importlib-metadata==8.4.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
-kombu==5.4.0
+kombu==5.4.2
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-prompt-toolkit==3.0.47
-pytest==8.3.2
+prompt-toolkit==3.0.48
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 python-dateutil==2.9.0.post0
-pytz==2024.1
+pytz==2024.2
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 sqlalchemy==1.2.19
-sqlparse==0.5.1
-tomli==2.0.1
+sqlparse==0.5.3
+tomli==2.2.1
 typing-extensions==4.12.2
-tzdata==2024.1
-urllib3==2.2.2
+tzdata==2024.2
+urllib3==2.2.3
 vine==5.1.0
 wcwidth==0.2.13
-zipp==3.20.1
+zipp==3.20.2
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.3.0
diff --git a/.riot/requirements/2d19e52.txt b/.riot/requirements/2d19e52.txt
deleted file mode 100644
index 0f538889725..00000000000
--- a/.riot/requirements/2d19e52.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-#
-# This file is autogenerated by pip-compile with Python 3.7
-# by the following command:
-#
-#    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/2d19e52.in
-#
-attrs==23.2.0
-coverage[toml]==7.2.7
-exceptiongroup==1.2.2
-gevent==22.10.2
-greenlet==3.0.3
-hypothesis==6.45.0
-importlib-metadata==6.7.0
-iniconfig==2.0.0
-mock==5.1.0
-msgpack==1.0.5
-opentracing==2.4.0
-packaging==24.0
-pluggy==1.2.0
-pytest==7.4.4
-pytest-cov==4.1.0
-pytest-mock==3.11.1
-pytest-randomly==3.12.0
-sortedcontainers==2.4.0
-tomli==2.0.1
-typing-extensions==4.7.1
-zipp==3.15.0
-zope-event==5.0
-zope-interface==6.4.post2
-
-# The following packages are considered to be unsafe in a requirements file:
-setuptools==68.0.0
diff --git a/.riot/requirements/2e36381.txt b/.riot/requirements/2e36381.txt
index 8629f1a5892..f4a2aa986fc 100644
--- a/.riot/requirements/2e36381.txt
+++ b/.riot/requirements/2e36381.txt
@@ -4,9 +4,9 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/2e36381.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.3
-gevent==24.10.2
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
 greenlet==3.1.1
 gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
@@ -14,20 +14,20 @@ iniconfig==2.0.0
 lz4==4.3.3
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-benchmark==4.0.0
-pytest-cov==5.0.0
+pytest-benchmark==5.1.0
+pytest-cov==6.0.0
 pytest-cpp==2.6.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-uwsgi==2.0.27
+uwsgi==2.0.28
 zope-event==5.0
-zope-interface==7.1.0
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/401d7e2.txt b/.riot/requirements/401d7e2.txt
index bee88652365..61768550da7 100644
--- a/.riot/requirements/401d7e2.txt
+++ b/.riot/requirements/401d7e2.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/401d7e2.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-urllib3==2.2.2
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/4132bce.txt b/.riot/requirements/4132bce.txt
index b27023913a3..e9c28c4280c 100644
--- a/.riot/requirements/4132bce.txt
+++ b/.riot/requirements/4132bce.txt
@@ -2,10 +2,10 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/4132bce.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/4132bce.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.9
+attrs==24.3.0
+coverage[toml]==7.6.10
 gevent==23.9.1
 greenlet==3.1.1
 hypothesis==6.45.0
@@ -23,4 +23,4 @@ zope-event==5.0
 zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/4211915.txt b/.riot/requirements/4211915.txt
index 74a4e1c120e..b9365d94058 100644
--- a/.riot/requirements/4211915.txt
+++ b/.riot/requirements/4211915.txt
@@ -5,22 +5,22 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/4211915.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-async-timeout==4.0.3
-attrs==24.2.0
+aiosignal==1.3.2
+async-timeout==5.0.1
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 exceptiongroup==1.2.2
 frozenlist==1.5.0
-gevent==24.10.3
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
@@ -28,27 +28,27 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 typing-extensions==4.12.2
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
+wrapt==1.17.0
+yarl==1.18.3
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/11065bb.txt b/.riot/requirements/4de03a5.txt
similarity index 64%
rename from .riot/requirements/11065bb.txt
rename to .riot/requirements/4de03a5.txt
index d93c2d7bd31..5f1cc3a70e4 100644
--- a/.riot/requirements/11065bb.txt
+++ b/.riot/requirements/4de03a5.txt
@@ -2,24 +2,25 @@
 # This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/11065bb.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/4de03a5.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==23.1.2
 automat==24.8.1
 backports-zoneinfo==0.2.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
 coverage[toml]==7.6.1
-cryptography==43.0.0
+cryptography==44.0.0
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -28,51 +29,50 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
-importlib-metadata==8.4.0
+idna==3.10
+importlib-metadata==8.5.0
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg==3.2.1
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
+pyopenssl==24.3.0
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-tomli==2.0.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+tomli==2.2.1
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zipp==3.20.1
-zope-interface==7.0.3
+zeep==4.3.1
+zipp==3.20.2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.3.0
diff --git a/.riot/requirements/4e87dd9.txt b/.riot/requirements/4e87dd9.txt
index ec01ebe5392..8326ebf2d8b 100644
--- a/.riot/requirements/4e87dd9.txt
+++ b/.riot/requirements/4e87dd9.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/4e87dd9.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pyfakefs==5.6.0
-pytest==8.3.1
+pyfakefs==5.7.3
+pytest==8.3.4
 pytest-asyncio==0.23.8
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-json-logger==2.0.7
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/512bff3.txt b/.riot/requirements/512bff3.txt
index 044d35664f9..a6997b2c866 100644
--- a/.riot/requirements/512bff3.txt
+++ b/.riot/requirements/512bff3.txt
@@ -5,18 +5,18 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/512bff3.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-async-timeout==4.0.3
-attrs==24.2.0
+aiosignal==1.3.2
+async-timeout==5.0.1
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 exceptiongroup==1.2.2
 frozenlist==1.5.0
@@ -29,28 +29,28 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 typing-extensions==4.12.2
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
-zipp==3.20.2
+wrapt==1.17.0
+yarl==1.18.3
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/51f5382.txt b/.riot/requirements/51f5382.txt
index b483c0f1fb2..ad560a48a54 100644
--- a/.riot/requirements/51f5382.txt
+++ b/.riot/requirements/51f5382.txt
@@ -5,20 +5,20 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/51f5382.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-attrs==24.2.0
+aiosignal==1.3.2
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 frozenlist==1.5.0
-gevent==24.10.3
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
@@ -26,25 +26,25 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
+wrapt==1.17.0
+yarl==1.18.3
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/cbc433f.txt b/.riot/requirements/556d901.txt
similarity index 60%
rename from .riot/requirements/cbc433f.txt
rename to .riot/requirements/556d901.txt
index 8dfa49d4a04..7c70525020c 100644
--- a/.riot/requirements/cbc433f.txt
+++ b/.riot/requirements/556d901.txt
@@ -2,23 +2,24 @@
 # This file is autogenerated by pip-compile with Python 3.10
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/cbc433f.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/556d901.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==24.4.2
 automat==24.8.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
-coverage[toml]==7.6.1
-cryptography==43.0.0
+coverage[toml]==7.6.9
+cryptography==44.0.0
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -27,49 +28,49 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg==3.2.1
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg==3.2.3
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
-pytest-cov==5.0.0
+pyopenssl==24.3.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-tomli==2.0.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+tomli==2.2.1
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zope-interface==7.0.3
+zeep==4.3.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.6.0
diff --git a/.riot/requirements/5b922fc.txt b/.riot/requirements/5b922fc.txt
index ff7fa5e6ba6..a77a16b9d1c 100644
--- a/.riot/requirements/5b922fc.txt
+++ b/.riot/requirements/5b922fc.txt
@@ -5,13 +5,13 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/5b922fc.in
 #
 asgiref==3.8.1
-attrs==24.2.0
-certifi==2024.8.30
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
 click==7.1.2
-coverage[toml]==7.6.1
+coverage[toml]==7.6.10
 flask==1.1.4
-gevent==24.2.1
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
@@ -26,20 +26,20 @@ opentelemetry-instrumentation-flask==0.19b0
 opentelemetry-instrumentation-wsgi==0.19b0
 opentelemetry-util-http==0.19b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
 urllib3==1.26.20
 werkzeug==1.0.1
-wrapt==1.16.0
+wrapt==1.17.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/5baaec1.txt b/.riot/requirements/5baaec1.txt
index c0c03de46f4..a76d1ffc9ed 100644
--- a/.riot/requirements/5baaec1.txt
+++ b/.riot/requirements/5baaec1.txt
@@ -4,31 +4,31 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/5baaec1.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pyfakefs==5.6.0
-pytest==8.3.1
+pyfakefs==5.7.3
+pytest==8.3.4
 pytest-asyncio==0.23.8
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-json-logger==2.0.7
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/5be696d.txt b/.riot/requirements/5be696d.txt
index 15994511d1e..7f38750f686 100644
--- a/.riot/requirements/5be696d.txt
+++ b/.riot/requirements/5be696d.txt
@@ -2,21 +2,21 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/5be696d.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/5be696d.in
 #
 asgiref==3.8.1
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
 click==7.1.2
-coverage[toml]==7.6.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
 flask==1.1.4
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==1.1.0
 jinja2==2.11.3
@@ -28,23 +28,23 @@ opentelemetry-instrumentation-flask==0.19b0
 opentelemetry-instrumentation-wsgi==0.19b0
 opentelemetry-util-http==0.19b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 typing-extensions==4.12.2
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==1.0.1
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/5ddbef6.txt b/.riot/requirements/5ddbef6.txt
index 821ea4b50e8..5107ba9513e 100644
--- a/.riot/requirements/5ddbef6.txt
+++ b/.riot/requirements/5ddbef6.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/5ddbef6.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-urllib3==2.2.2
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/5e63315.txt b/.riot/requirements/5e63315.txt
index ff4304b6236..2b4d79c191b 100644
--- a/.riot/requirements/5e63315.txt
+++ b/.riot/requirements/5e63315.txt
@@ -2,23 +2,23 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/5e63315.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/5e63315.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==8.0.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.26.0
@@ -28,21 +28,21 @@ opentelemetry-instrumentation-wsgi==0.47b0
 opentelemetry-semantic-conventions==0.47b0
 opentelemetry-util-http==0.47b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/61891b4.txt b/.riot/requirements/61891b4.txt
index 3b561890425..3e87510d66f 100644
--- a/.riot/requirements/61891b4.txt
+++ b/.riot/requirements/61891b4.txt
@@ -4,28 +4,28 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/61891b4.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
-msgpack==1.0.8
+msgpack==1.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/620a309.txt b/.riot/requirements/620a309.txt
index 732e3bb845e..b0ada3ca20b 100644
--- a/.riot/requirements/620a309.txt
+++ b/.riot/requirements/620a309.txt
@@ -4,12 +4,12 @@
 #
 #    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/620a309.in
 #
-attrs==23.2.0
+attrs==24.2.0
 coverage[toml]==7.2.7
 exceptiongroup==1.2.2
 gevent==22.10.2
-greenlet==3.0.3
-gunicorn[gevent]==22.0.0
+greenlet==3.1.1
+gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
 importlib-metadata==6.7.0
 iniconfig==2.0.0
@@ -27,7 +27,7 @@ pytest-randomly==3.12.0
 sortedcontainers==2.4.0
 tomli==2.0.1
 typing-extensions==4.7.1
-uwsgi==2.0.26
+uwsgi==2.0.28
 zipp==3.15.0
 zope-event==5.0
 zope-interface==6.4.post2
diff --git a/.riot/requirements/69997b1.txt b/.riot/requirements/69997b1.txt
index df6c9557e52..e2747670559 100644
--- a/.riot/requirements/69997b1.txt
+++ b/.riot/requirements/69997b1.txt
@@ -4,22 +4,22 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/69997b1.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.15.0
@@ -29,22 +29,22 @@ opentelemetry-instrumentation-wsgi==0.45b0
 opentelemetry-semantic-conventions==0.45b0
 opentelemetry-util-http==0.45b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/27d0ff3.txt b/.riot/requirements/6bec1ec.txt
similarity index 68%
rename from .riot/requirements/27d0ff3.txt
rename to .riot/requirements/6bec1ec.txt
index 136eacdd947..3e128a77c79 100644
--- a/.riot/requirements/27d0ff3.txt
+++ b/.riot/requirements/6bec1ec.txt
@@ -2,30 +2,30 @@
 # This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/27d0ff3.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/6bec1ec.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.0
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
-msgpack==1.0.8
+msgpack==1.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/6e78b72.txt b/.riot/requirements/6e78b72.txt
index 9068ed17649..eba09755f05 100644
--- a/.riot/requirements/6e78b72.txt
+++ b/.riot/requirements/6e78b72.txt
@@ -4,31 +4,31 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/6e78b72.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==2.2.2
+tomli==2.2.1
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/7c104f7.txt b/.riot/requirements/7c104f7.txt
index f415d67621a..c104f45e033 100644
--- a/.riot/requirements/7c104f7.txt
+++ b/.riot/requirements/7c104f7.txt
@@ -4,22 +4,22 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/7c104f7.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.1
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==8.0.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.26.0
@@ -29,22 +29,22 @@ opentelemetry-instrumentation-wsgi==0.47b0
 opentelemetry-semantic-conventions==0.47b0
 opentelemetry-util-http==0.47b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/85c90b4.txt b/.riot/requirements/85c90b4.txt
index c465fca400a..9a51942ad69 100644
--- a/.riot/requirements/85c90b4.txt
+++ b/.riot/requirements/85c90b4.txt
@@ -2,21 +2,21 @@
 # This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
-#    pip-compile --config=pyproject.toml --no-annotate .riot/requirements/85c90b4.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/85c90b4.in
 #
 asgiref==3.8.1
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
 click==7.1.2
-coverage[toml]==7.6.0
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 flask==1.1.4
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==1.1.0
 jinja2==2.11.3
@@ -28,23 +28,23 @@ opentelemetry-instrumentation-flask==0.19b0
 opentelemetry-instrumentation-wsgi==0.19b0
 opentelemetry-util-http==0.19b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 typing-extensions==4.12.2
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==1.0.1
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.3.0
diff --git a/.riot/requirements/85e923f.txt b/.riot/requirements/85e923f.txt
index 0e4d880f5c9..dc94da04908 100644
--- a/.riot/requirements/85e923f.txt
+++ b/.riot/requirements/85e923f.txt
@@ -4,33 +4,33 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/85e923f.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 requests==2.32.3
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==2.2.2
-zipp==3.19.2
+tomli==2.2.1
+urllib3==2.2.3
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/89b8013.txt b/.riot/requirements/89b8013.txt
index 159f4651100..f971cee9f2c 100644
--- a/.riot/requirements/89b8013.txt
+++ b/.riot/requirements/89b8013.txt
@@ -4,28 +4,28 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/89b8013.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn[gevent]==22.0.0
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-benchmark==4.0.0
-pytest-cov==5.0.0
+pytest-benchmark==5.1.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-uwsgi==2.0.26
+uwsgi==2.0.28
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/8dea090.txt b/.riot/requirements/8dea090.txt
index 06f3310a9eb..f54ede984f8 100644
--- a/.riot/requirements/8dea090.txt
+++ b/.riot/requirements/8dea090.txt
@@ -4,47 +4,47 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/8dea090.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.1
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.0.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
-opentelemetry-api==1.26.0
-opentelemetry-instrumentation==0.47b0
-opentelemetry-instrumentation-flask==0.47b0
-opentelemetry-instrumentation-wsgi==0.47b0
-opentelemetry-semantic-conventions==0.47b0
-opentelemetry-util-http==0.47b0
+opentelemetry-api==1.29.0
+opentelemetry-instrumentation==0.50b0
+opentelemetry-instrumentation-flask==0.50b0
+opentelemetry-instrumentation-wsgi==0.50b0
+opentelemetry-semantic-conventions==0.50b0
+opentelemetry-util-http==0.50b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/9a5c0d9.txt b/.riot/requirements/9a5c0d9.txt
index edab275315a..78e0546dfc9 100644
--- a/.riot/requirements/9a5c0d9.txt
+++ b/.riot/requirements/9a5c0d9.txt
@@ -4,11 +4,11 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/9a5c0d9.in
 #
-attrs==24.2.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-coverage[toml]==7.6.1
-gevent==24.2.1
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+gevent==24.11.1
 greenlet==3.1.1
 gunicorn==23.0.0
 hypothesis==6.45.0
@@ -16,17 +16,17 @@ idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-urllib3==2.2.3
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/9b3b6c2.txt b/.riot/requirements/9b3b6c2.txt
index 68d87089e1e..4e8db321caa 100644
--- a/.riot/requirements/9b3b6c2.txt
+++ b/.riot/requirements/9b3b6c2.txt
@@ -4,45 +4,45 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/9b3b6c2.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.0.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
-opentelemetry-api==1.26.0
-opentelemetry-instrumentation==0.47b0
-opentelemetry-instrumentation-flask==0.47b0
-opentelemetry-instrumentation-wsgi==0.47b0
-opentelemetry-semantic-conventions==0.47b0
-opentelemetry-util-http==0.47b0
+opentelemetry-api==1.29.0
+opentelemetry-instrumentation==0.50b0
+opentelemetry-instrumentation-flask==0.50b0
+opentelemetry-instrumentation-wsgi==0.50b0
+opentelemetry-semantic-conventions==0.50b0
+opentelemetry-util-http==0.50b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/a0f2001.txt b/.riot/requirements/a0f2001.txt
index 0fc05775a5d..1e2f66ee1e1 100644
--- a/.riot/requirements/a0f2001.txt
+++ b/.riot/requirements/a0f2001.txt
@@ -2,47 +2,47 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile --no-annotate .riot/requirements/a0f2001.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/a0f2001.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.0.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
-opentelemetry-api==1.26.0
-opentelemetry-instrumentation==0.47b0
-opentelemetry-instrumentation-flask==0.47b0
-opentelemetry-instrumentation-wsgi==0.47b0
-opentelemetry-semantic-conventions==0.47b0
-opentelemetry-util-http==0.47b0
+opentelemetry-api==1.29.0
+opentelemetry-instrumentation==0.50b0
+opentelemetry-instrumentation-flask==0.50b0
+opentelemetry-instrumentation-wsgi==0.50b0
+opentelemetry-semantic-conventions==0.50b0
+opentelemetry-util-http==0.50b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-urllib3==1.26.19
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
+setuptools==75.7.0
diff --git a/.riot/requirements/a8351f1.txt b/.riot/requirements/a8351f1.txt
index 15c5c7af338..5b8e590f7a4 100644
--- a/.riot/requirements/a8351f1.txt
+++ b/.riot/requirements/a8351f1.txt
@@ -4,22 +4,22 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/a8351f1.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==8.0.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.26.0
@@ -29,22 +29,22 @@ opentelemetry-instrumentation-wsgi==0.47b0
 opentelemetry-semantic-conventions==0.47b0
 opentelemetry-util-http==0.47b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/adb0290.txt b/.riot/requirements/adb0290.txt
index faf9aac2cc0..28eafd82e1f 100644
--- a/.riot/requirements/adb0290.txt
+++ b/.riot/requirements/adb0290.txt
@@ -4,51 +4,51 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/adb0290.in
 #
-amqp==5.2.0
-attrs==24.2.0
-billiard==4.2.0
+amqp==5.3.1
+attrs==24.3.0
+billiard==4.2.1
 celery==5.4.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-click==8.1.7
+certifi==2024.12.14
+charset-normalizer==3.4.1
+click==8.1.8
 click-didyoumean==0.3.1
 click-plugins==1.1.1
 click-repl==0.3.0
-coverage[toml]==7.6.1
+coverage[toml]==7.6.10
 django==2.2.1
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.8
-importlib-metadata==8.4.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
-kombu==5.4.0
+kombu==5.4.2
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-prompt-toolkit==3.0.47
-pytest==8.3.2
-pytest-cov==5.0.0
+prompt-toolkit==3.0.48
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
-pytz==2024.1
+pytz==2024.2
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 sqlalchemy==1.2.19
-sqlparse==0.5.1
-tomli==2.0.1
+sqlparse==0.5.3
+tomli==2.2.1
 typing-extensions==4.12.2
-tzdata==2024.1
-urllib3==2.2.2
+tzdata==2024.2
+urllib3==2.3.0
 vine==5.1.0
 wcwidth==0.2.13
-zipp==3.20.1
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.7.0
diff --git a/.riot/requirements/b1df5a4.txt b/.riot/requirements/b1df5a4.txt
index d5ffb80461e..3d202e5eeba 100644
--- a/.riot/requirements/b1df5a4.txt
+++ b/.riot/requirements/b1df5a4.txt
@@ -4,16 +4,16 @@
 #
 #    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/b1df5a4.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
+attrs==24.2.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
 coverage[toml]==7.2.7
 exceptiongroup==1.2.2
 gevent==22.10.2
-greenlet==3.0.3
-gunicorn==22.0.0
+greenlet==3.1.1
+gunicorn==23.0.0
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==6.7.0
 iniconfig==2.0.0
 mock==5.1.0
diff --git a/.riot/requirements/b1eb794.txt b/.riot/requirements/b1eb794.txt
index a29a9e4ac1b..52606cb1258 100644
--- a/.riot/requirements/b1eb794.txt
+++ b/.riot/requirements/b1eb794.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/b1eb794.in
 #
-attrs==23.2.0
-certifi==2024.7.4
-charset-normalizer==3.3.2
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
-gunicorn==22.0.0
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
+gunicorn==23.0.0
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-urllib3==2.2.2
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/b1fd8ec.txt b/.riot/requirements/b1fd8ec.txt
index 8f6cdae803e..c08691d7fa4 100644
--- a/.riot/requirements/b1fd8ec.txt
+++ b/.riot/requirements/b1fd8ec.txt
@@ -4,47 +4,47 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/b1fd8ec.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.0.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
-opentelemetry-api==1.26.0
-opentelemetry-instrumentation==0.47b0
-opentelemetry-instrumentation-flask==0.47b0
-opentelemetry-instrumentation-wsgi==0.47b0
-opentelemetry-semantic-conventions==0.47b0
-opentelemetry-util-http==0.47b0
+opentelemetry-api==1.29.0
+opentelemetry-instrumentation==0.50b0
+opentelemetry-instrumentation-flask==0.50b0
+opentelemetry-instrumentation-wsgi==0.50b0
+opentelemetry-semantic-conventions==0.50b0
+opentelemetry-util-http==0.50b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/b403d9d.txt b/.riot/requirements/b403d9d.txt
index 1cb46c6afb0..b3ccfe59066 100644
--- a/.riot/requirements/b403d9d.txt
+++ b/.riot/requirements/b403d9d.txt
@@ -5,20 +5,20 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/b403d9d.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.9
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-attrs==24.2.0
+aiosignal==1.3.2
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.3.2
-coverage[toml]==7.6.1
-elastic-transport==8.15.0
-elasticsearch==8.15.1
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+elastic-transport==8.15.1
+elasticsearch==8.17.0
 events==0.5
-frozenlist==1.4.1
-gevent==24.2.1
+frozenlist==1.5.0
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
@@ -26,24 +26,25 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.13.1
+wrapt==1.17.0
+yarl==1.18.3
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/1fe2c8e.txt b/.riot/requirements/b6e9905.txt
similarity index 64%
rename from .riot/requirements/1fe2c8e.txt
rename to .riot/requirements/b6e9905.txt
index 60fa0418337..c17865f1eae 100644
--- a/.riot/requirements/1fe2c8e.txt
+++ b/.riot/requirements/b6e9905.txt
@@ -2,24 +2,25 @@
 # This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1fe2c8e.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/b6e9905.in
 #
 arrow==1.3.0
 asgiref==3.8.1
-attrs==24.2.0
+attrs==24.3.0
 autobahn==23.1.2
 automat==24.8.1
 backports-zoneinfo==0.2.1
+bcrypt==4.2.1
 blessed==1.20.0
-certifi==2024.8.30
-cffi==1.17.0
-channels==4.1.0
-charset-normalizer==3.3.2
+certifi==2024.12.14
+cffi==1.17.1
+channels==4.2.0
+charset-normalizer==3.4.0
 constantly==23.10.4
 coverage[toml]==7.6.1
-cryptography==43.0.0
+cryptography==44.0.0
 daphne==4.1.2
-django==4.2.15
+django==4.2.17
 django-configurations==2.5.1
 django-picklefield==3.2
 django-pylibmc==0.6.1
@@ -28,50 +29,51 @@ django-redis==4.5.0
 exceptiongroup==1.2.2
 hyperlink==21.0.0
 hypothesis==6.45.0
-idna==3.8
-importlib-metadata==8.4.0
+idna==3.10
+importlib-metadata==8.5.0
 incremental==24.7.2
 iniconfig==2.0.0
-isodate==0.6.1
+isodate==0.7.2
 lxml==5.3.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
-platformdirs==4.2.2
+packaging==24.2
+platformdirs==4.3.6
 pluggy==1.5.0
-psycopg2-binary==2.9.9
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
+psycopg==3.2.3
+psycopg2-binary==2.9.10
+pyasn1==0.6.1
+pyasn1-modules==0.4.1
 pycparser==2.22
 pylibmc==1.6.3
-pyopenssl==24.2.1
-pytest==8.3.2
+pyopenssl==24.3.0
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-django[testing]==3.10.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 python-dateutil==2.9.0.post0
 python-memcached==1.62
-pytz==2024.1
+pytz==2024.2
 redis==2.10.6
 requests==2.32.3
 requests-file==2.1.0
 requests-toolbelt==1.0.0
-service-identity==24.1.0
-six==1.16.0
+service-identity==24.2.0
+six==1.17.0
 sortedcontainers==2.4.0
 spyne==2.14.0
-sqlparse==0.5.1
-tomli==2.0.1
-twisted[tls]==24.7.0
+sqlparse==0.5.3
+tomli==2.2.1
+twisted[tls]==24.11.0
 txaio==23.1.1
-types-python-dateutil==2.9.0.20240821
+types-python-dateutil==2.9.0.20241206
 typing-extensions==4.12.2
-urllib3==2.2.2
+urllib3==2.2.3
 wcwidth==0.2.13
-zeep==4.2.1
-zipp==3.20.1
-zope-interface==7.0.3
+zeep==4.3.1
+zipp==3.20.2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.3.0
diff --git a/.riot/requirements/b83f7ca.txt b/.riot/requirements/b83f7ca.txt
index 72d6ac027ea..43a27df48bc 100644
--- a/.riot/requirements/b83f7ca.txt
+++ b/.riot/requirements/b83f7ca.txt
@@ -4,10 +4,10 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/b83f7ca.in
 #
-attrs==24.2.0
-coverage[toml]==7.6.3
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.10.2
+gevent==24.11.1
 greenlet==3.1.1
 gunicorn[gevent]==23.0.0
 hypothesis==6.45.0
@@ -16,22 +16,22 @@ iniconfig==2.0.0
 lz4==4.3.3
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
 py-cpuinfo==8.0.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-benchmark==4.0.0
-pytest-cov==5.0.0
+pytest-benchmark==5.1.0
+pytest-cov==6.0.0
 pytest-cpp==2.6.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.2
-uwsgi==2.0.27
-zipp==3.20.2
+tomli==2.2.1
+uwsgi==2.0.28
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.1.0
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/b92b3b0.txt b/.riot/requirements/b92b3b0.txt
index 112c5264b96..5ca3a9a729f 100644
--- a/.riot/requirements/b92b3b0.txt
+++ b/.riot/requirements/b92b3b0.txt
@@ -4,25 +4,25 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/b92b3b0.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
-tomli==2.0.1
+tomli==2.2.1
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/c7b5ba5.txt b/.riot/requirements/ba009af.txt
similarity index 64%
rename from .riot/requirements/c7b5ba5.txt
rename to .riot/requirements/ba009af.txt
index b600cea7664..7a653d3034f 100644
--- a/.riot/requirements/c7b5ba5.txt
+++ b/.riot/requirements/ba009af.txt
@@ -2,25 +2,25 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/c7b5ba5.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/ba009af.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-async-timeout==4.0.3
-attrs==24.2.0
+aiosignal==1.3.2
+async-timeout==5.0.1
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 exceptiongroup==1.2.2
 frozenlist==1.5.0
-gevent==22.10.1
+gevent==21.1.2
 greenlet==1.1.3.post0
 hypothesis==6.45.0
 idna==3.10
@@ -29,28 +29,28 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
-tomli==2.0.2
+tomli==2.2.1
 typing-extensions==4.12.2
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
-zipp==3.20.2
+wrapt==1.17.0
+yarl==1.18.3
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/bbb3af0.txt b/.riot/requirements/bbb3af0.txt
index 5969bf60e1a..0c47cba8e87 100644
--- a/.riot/requirements/bbb3af0.txt
+++ b/.riot/requirements/bbb3af0.txt
@@ -4,47 +4,47 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/bbb3af0.in
 #
-amqp==5.2.0
+amqp==5.3.1
 asgiref==3.8.1
-attrs==24.2.0
-billiard==4.2.0
+attrs==24.3.0
+billiard==4.2.1
 celery==5.4.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-click==8.1.7
+certifi==2024.12.14
+charset-normalizer==3.4.1
+click==8.1.8
 click-didyoumean==0.3.1
 click-plugins==1.1.1
 click-repl==0.3.0
-coverage[toml]==7.6.1
-django==5.1
-gevent==24.2.1
-greenlet==3.0.3
+coverage[toml]==7.6.10
+django==5.1.4
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 iniconfig==2.0.0
-kombu==5.4.0
+kombu==5.4.2
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-prompt-toolkit==3.0.47
-pytest==8.3.2
-pytest-cov==5.0.0
+prompt-toolkit==3.0.48
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
-sqlalchemy==2.0.32
-sqlparse==0.5.1
+sqlalchemy==2.0.36
+sqlparse==0.5.3
 typing-extensions==4.12.2
-tzdata==2024.1
-urllib3==2.2.2
+tzdata==2024.2
+urllib3==2.3.0
 vine==5.1.0
 wcwidth==0.2.13
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.7.0
diff --git a/.riot/requirements/c3e8b1a.txt b/.riot/requirements/c3e8b1a.txt
index 5ff5316a4b2..6a2e37e2a58 100644
--- a/.riot/requirements/c3e8b1a.txt
+++ b/.riot/requirements/c3e8b1a.txt
@@ -4,22 +4,22 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/c3e8b1a.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
+idna==3.10
 importlib-metadata==8.0.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.26.0
@@ -29,22 +29,22 @@ opentelemetry-instrumentation-wsgi==0.47b0
 opentelemetry-semantic-conventions==0.47b0
 opentelemetry-util-http==0.47b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/c74560f.txt b/.riot/requirements/c74560f.txt
index 5bc94a35733..06136e66715 100644
--- a/.riot/requirements/c74560f.txt
+++ b/.riot/requirements/c74560f.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/c74560f.in
 #
-async-timeout==4.0.3
-attrs==23.2.0
-coverage[toml]==7.6.0
+async-timeout==5.0.1
+attrs==24.3.0
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
+pytest==8.3.4
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
-redis==5.0.7
+redis==5.2.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/c77bbb6.txt b/.riot/requirements/c77bbb6.txt
index 3f53bcba5e6..9a655b3df0c 100644
--- a/.riot/requirements/c77bbb6.txt
+++ b/.riot/requirements/c77bbb6.txt
@@ -4,45 +4,45 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/c77bbb6.in
 #
-attrs==24.2.0
-certifi==2024.8.30
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.1
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
-importlib-metadata==8.4.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
-opentelemetry-api==1.27.0
-opentelemetry-instrumentation==0.48b0
-opentelemetry-instrumentation-flask==0.48b0
-opentelemetry-instrumentation-wsgi==0.48b0
-opentelemetry-semantic-conventions==0.48b0
-opentelemetry-util-http==0.48b0
+opentelemetry-api==1.29.0
+opentelemetry-instrumentation==0.50b0
+opentelemetry-instrumentation-flask==0.50b0
+opentelemetry-instrumentation-wsgi==0.50b0
+opentelemetry-semantic-conventions==0.50b0
+opentelemetry-util-http==0.50b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
 urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.20.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/c8b476b.txt b/.riot/requirements/c8b476b.txt
index d8fd4322d7f..e6d5e735b27 100644
--- a/.riot/requirements/c8b476b.txt
+++ b/.riot/requirements/c8b476b.txt
@@ -4,11 +4,11 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/c8b476b.in
 #
-attrs==24.2.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-coverage[toml]==7.6.1
-gevent==24.2.1
+attrs==24.3.0
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
+gevent==24.11.1
 greenlet==3.1.1
 gunicorn==20.0.4
 hypothesis==6.45.0
@@ -16,17 +16,17 @@ idna==3.10
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.32.3
 sortedcontainers==2.4.0
-urllib3==2.2.3
+urllib3==2.3.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/ce6cd33.txt b/.riot/requirements/ce6cd33.txt
index a54e367a3dc..c9d940f1e5c 100644
--- a/.riot/requirements/ce6cd33.txt
+++ b/.riot/requirements/ce6cd33.txt
@@ -4,49 +4,49 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/ce6cd33.in
 #
-amqp==5.2.0
-attrs==24.2.0
-billiard==4.2.0
+amqp==5.3.1
+attrs==24.3.0
+billiard==4.2.1
 celery==5.4.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-click==8.1.7
+certifi==2024.12.14
+charset-normalizer==3.4.1
+click==8.1.8
 click-didyoumean==0.3.1
 click-plugins==1.1.1
 click-repl==0.3.0
-coverage[toml]==7.6.1
+coverage[toml]==7.6.10
 django==2.2.1
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.8
+idna==3.10
 iniconfig==2.0.0
-kombu==5.4.0
+kombu==5.4.2
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-prompt-toolkit==3.0.47
-pytest==8.3.2
-pytest-cov==5.0.0
+prompt-toolkit==3.0.48
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
-pytz==2024.1
+pytz==2024.2
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 sqlalchemy==1.2.19
-sqlparse==0.5.1
-tomli==2.0.1
+sqlparse==0.5.3
+tomli==2.2.1
 typing-extensions==4.12.2
-tzdata==2024.1
-urllib3==2.2.2
+tzdata==2024.2
+urllib3==2.3.0
 vine==5.1.0
 wcwidth==0.2.13
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==74.0.0
+setuptools==75.7.0
diff --git a/.riot/requirements/d0355c2.txt b/.riot/requirements/d0355c2.txt
index a64f493f7f9..087e858b6e1 100644
--- a/.riot/requirements/d0355c2.txt
+++ b/.riot/requirements/d0355c2.txt
@@ -5,11 +5,11 @@
 #    pip-compile --allow-unsafe --config=pyproject.toml --no-annotate --resolver=backtracking .riot/requirements/d0355c2.in
 #
 async-timeout==4.0.3
-attrs==23.2.0
+attrs==24.2.0
 coverage[toml]==7.2.7
 exceptiongroup==1.2.2
 gevent==22.10.2
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
 importlib-metadata==6.7.0
 iniconfig==2.0.0
@@ -21,7 +21,7 @@ pytest==7.4.4
 pytest-cov==4.1.0
 pytest-mock==3.11.1
 pytest-randomly==3.12.0
-redis==5.0.7
+redis==5.0.8
 sortedcontainers==2.4.0
 tomli==2.0.1
 typing-extensions==4.7.1
diff --git a/.riot/requirements/d171c08.txt b/.riot/requirements/d171c08.txt
index a90370ee256..96b05c92f6a 100644
--- a/.riot/requirements/d171c08.txt
+++ b/.riot/requirements/d171c08.txt
@@ -4,24 +4,24 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/d171c08.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
-msgpack==1.0.8
+msgpack==1.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/d44f455.txt b/.riot/requirements/d44f455.txt
index 6bf699d0ac7..92fa1159c1b 100644
--- a/.riot/requirements/d44f455.txt
+++ b/.riot/requirements/d44f455.txt
@@ -4,23 +4,23 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/d44f455.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/ddba314.txt b/.riot/requirements/ddba314.txt
index e99a4ed6a0f..5ec0de6aa63 100644
--- a/.riot/requirements/ddba314.txt
+++ b/.riot/requirements/ddba314.txt
@@ -5,20 +5,20 @@
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/ddba314.in
 #
 aiobotocore==2.3.1
-aiohappyeyeballs==2.4.3
-aiohttp==3.10.10
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.11
 aioitertools==0.12.0
-aiosignal==1.3.1
-attrs==24.2.0
+aiosignal==1.3.2
+attrs==24.3.0
 botocore==1.24.21
-certifi==2024.8.30
-charset-normalizer==3.4.0
-coverage[toml]==7.6.4
+certifi==2024.12.14
+charset-normalizer==3.4.1
+coverage[toml]==7.6.10
 elastic-transport==8.15.1
-elasticsearch==8.15.1
+elasticsearch==8.17.0
 events==0.5
 frozenlist==1.5.0
-gevent==24.10.3
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
@@ -26,25 +26,25 @@ iniconfig==2.0.0
 jmespath==1.0.1
 mock==5.1.0
 multidict==6.1.0
-opensearch-py==2.7.1
+opensearch-py==2.8.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-propcache==0.2.0
+propcache==0.2.1
 pynamodb==5.5.1
-pytest==8.3.3
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.16.0
 python-dateutil==2.9.0.post0
 requests==2.32.3
-six==1.16.0
+six==1.17.0
 sortedcontainers==2.4.0
 urllib3==1.26.20
-wrapt==1.16.0
-yarl==1.16.0
+wrapt==1.17.0
+yarl==1.18.3
 zope-event==5.0
-zope-interface==7.1.1
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.2.0
+setuptools==75.7.0
diff --git a/.riot/requirements/de578a7.txt b/.riot/requirements/de578a7.txt
index 351c740cf9d..45c73555c71 100644
--- a/.riot/requirements/de578a7.txt
+++ b/.riot/requirements/de578a7.txt
@@ -4,24 +4,24 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/de578a7.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
-msgpack==1.0.8
+msgpack==1.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/e20bbeb.txt b/.riot/requirements/e20bbeb.txt
index f14f6548c9a..1ea4d0c930d 100644
--- a/.riot/requirements/e20bbeb.txt
+++ b/.riot/requirements/e20bbeb.txt
@@ -4,22 +4,22 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/e20bbeb.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.15.0
@@ -29,22 +29,22 @@ opentelemetry-instrumentation-wsgi==0.45b0
 opentelemetry-semantic-conventions==0.45b0
 opentelemetry-util-http==0.45b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/e68fea2.txt b/.riot/requirements/e68fea2.txt
index 6ab46c7b910..064c974a99a 100644
--- a/.riot/requirements/e68fea2.txt
+++ b/.riot/requirements/e68fea2.txt
@@ -4,31 +4,31 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/e68fea2.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
+attrs==24.3.0
+coverage[toml]==7.6.1
 exceptiongroup==1.2.2
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 httpretty==1.1.4
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pyfakefs==5.6.0
-pytest==8.3.1
+pyfakefs==5.7.3
+pytest==8.3.4
 pytest-asyncio==0.23.8
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 python-json-logger==2.0.7
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/ee0b75a.txt b/.riot/requirements/ee0b75a.txt
index d7c20329467..d31d339e27b 100644
--- a/.riot/requirements/ee0b75a.txt
+++ b/.riot/requirements/ee0b75a.txt
@@ -4,29 +4,29 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/ee0b75a.in
 #
-async-timeout==4.0.3
-attrs==23.2.0
-coverage[toml]==7.6.0
+async-timeout==5.0.1
+attrs==24.3.0
+coverage[toml]==7.6.10
 exceptiongroup==1.2.2
-gevent==24.2.1
-greenlet==3.0.3
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
-importlib-metadata==8.2.0
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
-redis==5.0.7
+pytest-randomly==3.16.0
+redis==5.2.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-zipp==3.19.2
+tomli==2.2.1
+zipp==3.21.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/f19daa4.txt b/.riot/requirements/f19daa4.txt
index 14d329e1aeb..eb8d7a6aedb 100644
--- a/.riot/requirements/f19daa4.txt
+++ b/.riot/requirements/f19daa4.txt
@@ -4,22 +4,22 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/f19daa4.in
 #
-attrs==23.2.0
-certifi==2024.7.4
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.0
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.1
+deprecated==1.2.15
 exceptiongroup==1.2.2
 flask==2.1.3
 gevent==24.2.1
-greenlet==3.0.3
+greenlet==3.1.1
 hypothesis==6.45.0
-idna==3.7
-importlib-metadata==8.2.0
+idna==3.10
+importlib-metadata==8.5.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.15.0
@@ -29,22 +29,22 @@ opentelemetry-instrumentation-wsgi==0.45b0
 opentelemetry-semantic-conventions==0.45b0
 opentelemetry-util-http==0.45b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.2
+pytest==8.3.4
 pytest-asyncio==0.21.1
 pytest-cov==5.0.0
 pytest-mock==3.14.0
 pytest-randomly==3.15.0
 requests==2.28.1
 sortedcontainers==2.4.0
-tomli==2.0.1
-urllib3==1.26.19
+tomli==2.2.1
+urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.19.2
+wrapt==1.17.0
+zipp==3.20.2
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.3.0
diff --git a/.riot/requirements/f4fafb3.txt b/.riot/requirements/f4fafb3.txt
index 09db801e27b..a659cb93729 100644
--- a/.riot/requirements/f4fafb3.txt
+++ b/.riot/requirements/f4fafb3.txt
@@ -4,21 +4,21 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/f4fafb3.in
 #
-attrs==24.2.0
-certifi==2024.8.30
+attrs==24.3.0
+certifi==2024.12.14
 charset-normalizer==2.1.1
-click==8.1.7
-coverage[toml]==7.6.1
-deprecated==1.2.14
+click==8.1.8
+coverage[toml]==7.6.10
+deprecated==1.2.15
 flask==2.1.3
-gevent==24.2.1
+gevent==24.11.1
 greenlet==3.1.1
 hypothesis==6.45.0
 idna==3.10
 importlib-metadata==8.0.0
 iniconfig==2.0.0
 itsdangerous==2.2.0
-jinja2==3.1.4
+jinja2==3.1.5
 markupsafe==2.0.1
 mock==5.1.0
 opentelemetry-api==1.26.0
@@ -28,21 +28,21 @@ opentelemetry-instrumentation-wsgi==0.47b0
 opentelemetry-semantic-conventions==0.47b0
 opentelemetry-util-http==0.47b0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.3
+pytest==8.3.4
 pytest-asyncio==0.21.1
-pytest-cov==5.0.0
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
+pytest-randomly==3.16.0
 requests==2.28.1
 sortedcontainers==2.4.0
 urllib3==1.26.20
 werkzeug==2.1.2
-wrapt==1.16.0
-zipp==3.20.2
+wrapt==1.17.0
+zipp==3.21.0
 zope-event==5.0
-zope-interface==7.0.3
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==75.1.0
+setuptools==75.7.0
diff --git a/.riot/requirements/f65661f.txt b/.riot/requirements/f65661f.txt
index a83263be267..0c9b95e3c59 100644
--- a/.riot/requirements/f65661f.txt
+++ b/.riot/requirements/f65661f.txt
@@ -4,24 +4,24 @@
 #
 #    pip-compile --allow-unsafe --no-annotate .riot/requirements/f65661f.in
 #
-attrs==23.2.0
-coverage[toml]==7.6.0
-gevent==24.2.1
-greenlet==3.0.3
+attrs==24.3.0
+coverage[toml]==7.6.10
+gevent==24.11.1
+greenlet==3.1.1
 hypothesis==6.45.0
 iniconfig==2.0.0
 mock==5.1.0
 opentracing==2.4.0
-packaging==24.1
+packaging==24.2
 pluggy==1.5.0
-pytest==8.3.1
-pytest-cov==5.0.0
+pytest==8.3.4
+pytest-cov==6.0.0
 pytest-mock==3.14.0
-pytest-randomly==3.15.0
-redis==5.0.7
+pytest-randomly==3.16.0
+redis==5.2.1
 sortedcontainers==2.4.0
 zope-event==5.0
-zope-interface==6.4.post2
+zope-interface==7.2
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==71.1.0
+setuptools==75.7.0
diff --git a/benchmarks/appsec_iast_aspects/scenario.py b/benchmarks/appsec_iast_aspects/scenario.py
index 145b43f1633..26d9f2a37bd 100644
--- a/benchmarks/appsec_iast_aspects/scenario.py
+++ b/benchmarks/appsec_iast_aspects/scenario.py
@@ -11,8 +11,8 @@
         from ddtrace.appsec._iast._iast_request_context import start_iast_context
     except ImportError:
         # Pre 2.15
-        from ddtrace.appsec._iast._taint_tracking import create_context as start_iast_context
-        from ddtrace.appsec._iast._taint_tracking import reset_context as end_iast_context
+        from ddtrace.appsec._iast._taint_tracking._context import create_context as start_iast_context
+        from ddtrace.appsec._iast._taint_tracking._context import reset_context as end_iast_context
 
         set_iast_request_enabled = lambda x: None  # noqa: E731
 
diff --git a/ddtrace/appsec/__init__.py b/ddtrace/appsec/__init__.py
index bc89c0f2127..05d1a852710 100644
--- a/ddtrace/appsec/__init__.py
+++ b/ddtrace/appsec/__init__.py
@@ -18,7 +18,7 @@ def load_appsec():
 
 def load_iast():
     """Lazily load the iast module listeners."""
-    from ddtrace.appsec._iast._iast_request_context import iast_listen
+    from ddtrace.appsec._iast._listener import iast_listen
 
     global _IAST_TO_BE_LOADED
     if _IAST_TO_BE_LOADED:
diff --git a/ddtrace/appsec/_asm_request_context.py b/ddtrace/appsec/_asm_request_context.py
index e3a87672e05..adb78a4447c 100644
--- a/ddtrace/appsec/_asm_request_context.py
+++ b/ddtrace/appsec/_asm_request_context.py
@@ -16,6 +16,12 @@
 from ddtrace.appsec._constants import APPSEC
 from ddtrace.appsec._constants import EXPLOIT_PREVENTION
 from ddtrace.appsec._constants import SPAN_DATA_NAMES
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
+from ddtrace.appsec._iast._metrics import _set_metric_iast_instrumented_source
+from ddtrace.appsec._iast._taint_tracking import OriginType
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
+from ddtrace.appsec._iast._taint_utils import taint_structure
+from ddtrace.appsec._iast._utils import _is_iast_enabled
 from ddtrace.appsec._utils import add_context_log
 from ddtrace.appsec._utils import get_triggers
 from ddtrace.internal import core
@@ -488,13 +494,8 @@ def _on_wrapped_view(kwargs):
             return_value[0] = callback_block
 
     # If IAST is enabled, taint the Flask function kwargs (path parameters)
-    from ddtrace.appsec._iast._utils import _is_iast_enabled
 
     if _is_iast_enabled() and kwargs:
-        from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
-        from ddtrace.appsec._iast._taint_tracking import OriginType
-        from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
         if not is_iast_request_enabled():
             return return_value
 
@@ -511,11 +512,6 @@ def _on_set_request_tags(request, span, flask_config):
     from ddtrace.appsec._iast._utils import _is_iast_enabled
 
     if _is_iast_enabled():
-        from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
-        from ddtrace.appsec._iast._metrics import _set_metric_iast_instrumented_source
-        from ddtrace.appsec._iast._taint_tracking import OriginType
-        from ddtrace.appsec._iast._taint_utils import taint_structure
-
         _set_metric_iast_instrumented_source(OriginType.COOKIE_NAME)
         _set_metric_iast_instrumented_source(OriginType.COOKIE)
 
diff --git a/ddtrace/appsec/_common_module_patches.py b/ddtrace/appsec/_common_module_patches.py
index e7ce12d13e9..215d8b05ee6 100644
--- a/ddtrace/appsec/_common_module_patches.py
+++ b/ddtrace/appsec/_common_module_patches.py
@@ -14,6 +14,7 @@
 import ddtrace
 from ddtrace.appsec._asm_request_context import get_blocked
 from ddtrace.appsec._constants import WAF_ACTIONS
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
 from ddtrace.appsec._iast._metrics import _set_metric_iast_instrumented_sink
 from ddtrace.appsec._iast.constants import VULN_PATH_TRAVERSAL
 from ddtrace.internal import core
@@ -60,14 +61,12 @@ def wrapped_read_F3E51D71B4EC16EF(original_read_callable, instance, args, kwargs
     """
     wrapper for _io.BytesIO and _io.StringIO read function
     """
-    from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
-
     result = original_read_callable(*args, **kwargs)
     if asm_config._iast_enabled and is_iast_request_enabled():
         from ddtrace.appsec._iast._taint_tracking import OriginType
         from ddtrace.appsec._iast._taint_tracking import Source
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-        from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
         ranges = get_tainted_ranges(instance)
         if len(ranges) > 0:
@@ -89,8 +88,6 @@ def wrapped_open_CFDDB7ABBA9081B6(original_open_callable, instance, args, kwargs
     """
     wrapper for open file function
     """
-    from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
-
     if asm_config._iast_enabled and is_iast_request_enabled():
         try:
             from ddtrace.appsec._iast.taint_sinks.path_traversal import check_and_report_path_traversal
@@ -180,8 +177,6 @@ def wrapped_request_D8CB81E472AF98A2(original_request_callable, instance, args,
     wrapper for third party requests.request function
     https://requests.readthedocs.io
     """
-    from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
-
     if asm_config._iast_enabled and is_iast_request_enabled():
         from ddtrace.appsec._iast.taint_sinks.ssrf import _iast_report_ssrf
 
@@ -222,8 +217,6 @@ def wrapped_system_5542593D237084A7(original_command_callable, instance, args, k
     """
     command = args[0] if args else kwargs.get("command", None)
     if command is not None:
-        from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
-
         if asm_config._iast_enabled and is_iast_request_enabled():
             from ddtrace.appsec._iast.taint_sinks.command_injection import _iast_report_cmdi
 
diff --git a/ddtrace/appsec/_iast/_ast/ast_patching.py b/ddtrace/appsec/_iast/_ast/ast_patching.py
index 7e2258bd556..dbbfd6ee0d9 100644
--- a/ddtrace/appsec/_iast/_ast/ast_patching.py
+++ b/ddtrace/appsec/_iast/_ast/ast_patching.py
@@ -27,6 +27,47 @@
 # Prefixes for modules where IAST patching is allowed
 IAST_ALLOWLIST: Tuple[Text, ...] = ("tests.appsec.iast.",)
 IAST_DENYLIST: Tuple[Text, ...] = (
+    "altgraph.",
+    "dipy.",
+    "black.",
+    "mypy.",
+    "mypy_extensions.",
+    "autopep8.",
+    "pycodestyle.",
+    "pydicom.",
+    "pyinstaller.",
+    "pystray.",
+    "contourpy.",
+    "cx_logging.",
+    "dateutil.",
+    "pytz.",
+    "wcwidth.",
+    "win32ctypes.",
+    "xlib.",
+    "cycler.",
+    "cython.",
+    "dnspython.",
+    "elasticdeform.",
+    "numpy.",
+    "matplotlib.",
+    "skbase.",
+    "scipy.",
+    "networkx.",
+    "imageio.",
+    "fonttools.",
+    "nibabel.",
+    "nilearn.",
+    "gprof2dot.",
+    "h5py.",
+    "kiwisolver.",
+    "pandas.",
+    "pdf2image.",
+    "pefile.",
+    "pil.",
+    "threadpoolctl.",
+    "tifffile.",
+    "tqdm.",
+    "trx.",
     "flask.",
     "werkzeug.",
     "aiohttp._helpers.",
@@ -110,6 +151,7 @@
     "difflib.",
     "dill.info.",
     "dill.settings.",
+    "silk.",  # django-silk package
     "django.apps.config.",
     "django.apps.registry.",
     "django.conf.",
diff --git a/ddtrace/appsec/_iast/_handlers.py b/ddtrace/appsec/_iast/_handlers.py
index 4ba0ecc86e0..2c681e548e9 100644
--- a/ddtrace/appsec/_iast/_handlers.py
+++ b/ddtrace/appsec/_iast/_handlers.py
@@ -5,15 +5,22 @@
 from wrapt import wrap_function_wrapper as _w
 
 from ddtrace.appsec._iast import _is_iast_enabled
+from ddtrace.appsec._iast._iast_request_context import in_iast_context
 from ddtrace.appsec._iast._metrics import _set_metric_iast_instrumented_source
 from ddtrace.appsec._iast._patch import _iast_instrument_starlette_request
 from ddtrace.appsec._iast._patch import _iast_instrument_starlette_request_body
 from ddtrace.appsec._iast._patch import _iast_instrument_starlette_url
 from ddtrace.appsec._iast._patch import _patched_dictionary
 from ddtrace.appsec._iast._patch import try_wrap_function_wrapper
+from ddtrace.appsec._iast._taint_tracking import OriginType
+from ddtrace.appsec._iast._taint_tracking import origin_to_str
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 from ddtrace.appsec._iast._taint_utils import taint_structure
 from ddtrace.internal.logger import get_logger
 
+from ._iast_request_context import is_iast_request_enabled
+from ._taint_tracking._taint_objects import taint_pyobject
+
 
 MessageMapContainer = None
 try:
@@ -48,15 +55,9 @@ def _on_set_http_meta_iast(
 
 
 def _on_request_init(wrapped, instance, args, kwargs):
-    from ddtrace.appsec._iast._iast_request_context import in_iast_context
-
     wrapped(*args, **kwargs)
     if _is_iast_enabled() and in_iast_context():
         try:
-            from ddtrace.appsec._iast._taint_tracking import OriginType
-            from ddtrace.appsec._iast._taint_tracking import origin_to_str
-            from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
             instance.query_string = taint_pyobject(
                 pyobject=instance.query_string,
                 source_name=origin_to_str(OriginType.QUERY),
@@ -75,8 +76,6 @@ def _on_request_init(wrapped, instance, args, kwargs):
 
 def _on_flask_patch(flask_version):
     if _is_iast_enabled():
-        from ddtrace.appsec._iast._taint_tracking import OriginType
-
         try_wrap_function_wrapper(
             "werkzeug.datastructures",
             "Headers.items",
@@ -132,11 +131,7 @@ def _on_flask_patch(flask_version):
 
 
 def _on_wsgi_environ(wrapped, _instance, args, kwargs):
-    from ddtrace.appsec._iast._iast_request_context import in_iast_context
-
     if _is_iast_enabled() and args and in_iast_context():
-        from ddtrace.appsec._iast._taint_tracking import OriginType
-
         return wrapped(*((taint_structure(args[0], OriginType.HEADER_NAME, OriginType.HEADER),) + args[1:]), **kwargs)
 
     return wrapped(*args, **kwargs)
@@ -145,8 +140,6 @@ def _on_wsgi_environ(wrapped, _instance, args, kwargs):
 def _on_django_patch():
     if _is_iast_enabled():
         try:
-            from ddtrace.appsec._iast._taint_tracking import OriginType
-
             # we instrument those sources on _on_django_func_wrapped
             _set_metric_iast_instrumented_source(OriginType.HEADER_NAME)
             _set_metric_iast_instrumented_source(OriginType.HEADER)
@@ -169,15 +162,9 @@ def _on_django_patch():
 
 
 def _on_django_func_wrapped(fn_args, fn_kwargs, first_arg_expected_type, *_):
-    # If IAST is enabled and we're wrapping a Django view call, taint the kwargs (view's
+    # If IAST is enabled, and we're wrapping a Django view call, taint the kwargs (view's
     # path parameters)
     if _is_iast_enabled() and fn_args and isinstance(fn_args[0], first_arg_expected_type):
-        from ddtrace.appsec._iast._iast_request_context import in_iast_context
-        from ddtrace.appsec._iast._taint_tracking import OriginType  # noqa: F401
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-        from ddtrace.appsec._iast._taint_tracking import origin_to_str
-        from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
         if not in_iast_context():
             return
 
@@ -243,9 +230,6 @@ def _on_django_func_wrapped(fn_args, fn_kwargs, first_arg_expected_type, *_):
 
 
 def _custom_protobuf_getattribute(self, name):
-    from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
     ret = type(self).__saved_getattr(self, name)
     if isinstance(ret, (str, bytes, bytearray)):
         ret = taint_pyobject(
@@ -295,9 +279,6 @@ def _on_grpc_response(message):
 
 def if_iast_taint_yield_tuple_for(origins, wrapped, instance, args, kwargs):
     if _is_iast_enabled():
-        from ._iast_request_context import is_iast_request_enabled
-        from ._taint_tracking import taint_pyobject
-
         if not is_iast_request_enabled():
             for key, value in wrapped(*args, **kwargs):
                 yield key, value
@@ -316,17 +297,11 @@ def if_iast_taint_yield_tuple_for(origins, wrapped, instance, args, kwargs):
 
 def if_iast_taint_returned_object_for(origin, wrapped, instance, args, kwargs):
     value = wrapped(*args, **kwargs)
-    from ._iast_request_context import is_iast_request_enabled
 
     if _is_iast_enabled() and is_iast_request_enabled():
         try:
-            from ._taint_tracking import is_pyobject_tainted
-            from ._taint_tracking import taint_pyobject
-
             if not is_pyobject_tainted(value):
                 name = str(args[0]) if len(args) else "http.request.body"
-                from ddtrace.appsec._iast._taint_tracking import OriginType
-
                 if origin == OriginType.HEADER and name.lower() in ["cookie", "cookies"]:
                     origin = OriginType.COOKIE
                 return taint_pyobject(pyobject=value, source_name=name, source_value=value, source_origin=origin)
@@ -336,8 +311,6 @@ def if_iast_taint_returned_object_for(origin, wrapped, instance, args, kwargs):
 
 
 def _on_iast_fastapi_patch():
-    from ddtrace.appsec._iast._taint_tracking import OriginType
-
     # Cookies sources
     try_wrap_function_wrapper(
         "starlette.requests",
diff --git a/ddtrace/appsec/_iast/_iast_request_context.py b/ddtrace/appsec/_iast/_iast_request_context.py
index a28c2d3ff0d..07ad4c9c238 100644
--- a/ddtrace/appsec/_iast/_iast_request_context.py
+++ b/ddtrace/appsec/_iast/_iast_request_context.py
@@ -8,16 +8,11 @@
 from ddtrace.appsec._constants import IAST
 from ddtrace.appsec._iast import _is_iast_enabled
 from ddtrace.appsec._iast import oce
-from ddtrace.appsec._iast._handlers import _on_django_func_wrapped
-from ddtrace.appsec._iast._handlers import _on_django_patch
-from ddtrace.appsec._iast._handlers import _on_flask_patch
-from ddtrace.appsec._iast._handlers import _on_grpc_response
-from ddtrace.appsec._iast._handlers import _on_request_init
-from ddtrace.appsec._iast._handlers import _on_set_http_meta_iast
-from ddtrace.appsec._iast._handlers import _on_wsgi_environ
 from ddtrace.appsec._iast._metrics import _set_metric_iast_request_tainted
 from ddtrace.appsec._iast._metrics import _set_span_tag_iast_executed_sink
 from ddtrace.appsec._iast._metrics import _set_span_tag_iast_request_tainted
+from ddtrace.appsec._iast._taint_tracking._context import create_context as create_propagation_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context as reset_propagation_context
 from ddtrace.appsec._iast.reporter import IastSpanReporter
 from ddtrace.constants import ORIGIN_KEY
 from ddtrace.internal import core
@@ -63,15 +58,11 @@ def in_iast_context() -> bool:
 
 def start_iast_context():
     if _is_iast_enabled():
-        from ._taint_tracking import create_context as create_propagation_context
-
         create_propagation_context()
         core.set_item(_IAST_CONTEXT, IASTEnvironment())
 
 
 def end_iast_context(span: Optional[Span] = None):
-    from ._taint_tracking import reset_context as reset_propagation_context
-
     env = _get_iast_context()
     if env is not None and env.span is span:
         finalize_iast_env(env)
@@ -190,22 +181,3 @@ def _iast_start_request(span=None, *args, **kwargs):
             set_iast_request_enabled(request_iast_enabled)
     except Exception:
         log.debug("[IAST] Error starting IAST context", exc_info=True)
-
-
-def _on_grpc_server_response(message):
-    _on_grpc_response(message)
-
-
-def iast_listen():
-    core.on("grpc.client.response.message", _on_grpc_response)
-    core.on("grpc.server.response.message", _on_grpc_server_response)
-
-    core.on("set_http_meta_for_asm", _on_set_http_meta_iast)
-    core.on("django.patch", _on_django_patch)
-    core.on("django.wsgi_environ", _on_wsgi_environ, "wrapped_result")
-    core.on("django.func.wrapped", _on_django_func_wrapped)
-    core.on("flask.patch", _on_flask_patch)
-    core.on("flask.request_init", _on_request_init)
-
-    core.on("context.ended.wsgi.__call__", _iast_end_request)
-    core.on("context.ended.asgi.__call__", _iast_end_request)
diff --git a/ddtrace/appsec/_iast/_listener.py b/ddtrace/appsec/_iast/_listener.py
new file mode 100644
index 00000000000..356199a3cad
--- /dev/null
+++ b/ddtrace/appsec/_iast/_listener.py
@@ -0,0 +1,28 @@
+from ddtrace.appsec._iast._handlers import _on_django_func_wrapped
+from ddtrace.appsec._iast._handlers import _on_django_patch
+from ddtrace.appsec._iast._handlers import _on_flask_patch
+from ddtrace.appsec._iast._handlers import _on_grpc_response
+from ddtrace.appsec._iast._handlers import _on_request_init
+from ddtrace.appsec._iast._handlers import _on_set_http_meta_iast
+from ddtrace.appsec._iast._handlers import _on_wsgi_environ
+from ddtrace.appsec._iast._iast_request_context import _iast_end_request
+from ddtrace.internal import core
+
+
+def iast_listen():
+    core.on("grpc.client.response.message", _on_grpc_response)
+    core.on("grpc.server.response.message", _on_grpc_server_response)
+
+    core.on("set_http_meta_for_asm", _on_set_http_meta_iast)
+    core.on("django.patch", _on_django_patch)
+    core.on("django.wsgi_environ", _on_wsgi_environ, "wrapped_result")
+    core.on("django.func.wrapped", _on_django_func_wrapped)
+    core.on("flask.patch", _on_flask_patch)
+    core.on("flask.request_init", _on_request_init)
+
+    core.on("context.ended.wsgi.__call__", _iast_end_request)
+    core.on("context.ended.asgi.__call__", _iast_end_request)
+
+
+def _on_grpc_server_response(message):
+    _on_grpc_response(message)
diff --git a/ddtrace/appsec/_iast/_patch.py b/ddtrace/appsec/_iast/_patch.py
index 92d776c79cb..b1bf1f04989 100644
--- a/ddtrace/appsec/_iast/_patch.py
+++ b/ddtrace/appsec/_iast/_patch.py
@@ -5,10 +5,12 @@
 from wrapt import FunctionWrapper
 
 from ddtrace.appsec._common_module_patches import wrap_object
+from ddtrace.appsec._iast._taint_tracking import OriginType
+from ddtrace.appsec._iast._taint_tracking import origin_to_str
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
+from ddtrace.appsec._iast._taint_utils import taint_structure
 from ddtrace.internal.logger import get_logger
 
-from ._taint_utils import taint_structure
-
 
 log = get_logger(__name__)
 
@@ -48,10 +50,6 @@ def _patched_dictionary(origin_key, origin_value, original_func, instance, args,
 
 
 def _iast_instrument_starlette_url(wrapped, instance, args, kwargs):
-    from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import origin_to_str
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
     def path(self) -> str:
         return taint_pyobject(
             self.components.path,
@@ -65,8 +63,6 @@ def path(self) -> str:
 
 
 def _iast_instrument_starlette_request(wrapped, instance, args, kwargs):
-    from ddtrace.appsec._iast._taint_tracking import OriginType
-
     def receive(self):
         """This pattern comes from a Request._receive property, which returns a callable"""
 
@@ -82,10 +78,6 @@ async def wrapped_property_call():
 
 
 async def _iast_instrument_starlette_request_body(wrapped, instance, args, kwargs):
-    from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import origin_to_str
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
     result = await wrapped(*args, **kwargs)
 
     return taint_pyobject(
@@ -94,9 +86,6 @@ async def _iast_instrument_starlette_request_body(wrapped, instance, args, kwarg
 
 
 def _iast_instrument_starlette_scope(scope):
-    from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-
     if scope.get("path_params"):
         try:
             for k, v in scope["path_params"].items():
diff --git a/ddtrace/appsec/_iast/_patches/json_tainting.py b/ddtrace/appsec/_iast/_patches/json_tainting.py
index 28cfe41e592..44df9847ba1 100644
--- a/ddtrace/appsec/_iast/_patches/json_tainting.py
+++ b/ddtrace/appsec/_iast/_patches/json_tainting.py
@@ -43,8 +43,8 @@ def wrapped_loads(wrapped, instance, args, kwargs):
 
     obj = wrapped(*args, **kwargs)
     if asm_config._iast_enabled and is_iast_request_enabled():
-        from .._taint_tracking import get_tainted_ranges
-        from .._taint_tracking import taint_pyobject
+        from .._taint_tracking._taint_objects import get_tainted_ranges
+        from .._taint_tracking._taint_objects import taint_pyobject
 
         ranges = get_tainted_ranges(args[0])
 
diff --git a/ddtrace/appsec/_iast/_taint_tracking/__init__.py b/ddtrace/appsec/_iast/_taint_tracking/__init__.py
index 839f4b3537f..3dccbd2f345 100644
--- a/ddtrace/appsec/_iast/_taint_tracking/__init__.py
+++ b/ddtrace/appsec/_iast/_taint_tracking/__init__.py
@@ -1,77 +1,49 @@
-from io import BytesIO
-from io import StringIO
-import itertools
-from typing import TYPE_CHECKING  # noqa:F401
-from typing import Any
-from typing import Tuple
-
-
-if TYPE_CHECKING:  # pragma: no cover
-    from typing import Sequence  # noqa:F401
-
-from ddtrace.internal._unpatched import _threading as threading
+from ddtrace.appsec._iast._taint_tracking._native import ops  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_format import _format_aspect  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_helpers import _convert_escaped_text_to_tainted_text
+
+# noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_helpers import as_formatted_evidence  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_helpers import common_replace  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_helpers import parse_params  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_helpers import set_ranges_on_splitted  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_split import _aspect_rsplit  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_split import _aspect_split  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspect_split import _aspect_splitlines  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathbasename  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathdirname  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathjoin  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathnormcase  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathsplit  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathsplitdrive  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathsplitext  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.aspects_ospath import _aspect_ospathsplitroot  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.initializer import active_map_addreses_size  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.initializer import debug_taint_map  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.initializer import initializer_size  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.initializer import num_objects_tainted  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import OriginType  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import Source  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import TagMappingMode  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import are_all_text_all_ranges  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import copy_and_shift_ranges_from_strings  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import copy_ranges_from_strings  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import get_range_by_hash  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import get_ranges  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import is_tainted  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import origin_to_str  # noqa: F401
+
+# noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import set_ranges  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import shift_taint_range  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import shift_taint_ranges  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import str_to_origin  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import taint_range as TaintRange  # noqa: F401
 from ddtrace.internal.logger import get_logger
 
-from ..._constants import IAST
-from ..._constants import IAST_SPAN_TAGS
-from .._iast_request_context import is_iast_request_enabled
-from .._metrics import _set_iast_error_metric
-from .._metrics import _set_metric_iast_executed_source
-from .._metrics import increment_iast_span_metric
-from .._utils import _is_iast_debug_enabled
-from .._utils import _is_iast_propagation_debug_enabled
-from .._utils import _is_python_version_supported
-
 
 log = get_logger(__name__)
 
-if _is_python_version_supported():
-    from ._native import ops
-    from ._native.aspect_format import _format_aspect
-    from ._native.aspect_helpers import _convert_escaped_text_to_tainted_text
-    from ._native.aspect_helpers import as_formatted_evidence
-    from ._native.aspect_helpers import common_replace
-    from ._native.aspect_helpers import parse_params
-    from ._native.aspect_helpers import set_ranges_on_splitted
-    from ._native.aspect_split import _aspect_rsplit
-    from ._native.aspect_split import _aspect_split
-    from ._native.aspect_split import _aspect_splitlines
-    from ._native.aspects_ospath import _aspect_ospathbasename
-    from ._native.aspects_ospath import _aspect_ospathdirname
-    from ._native.aspects_ospath import _aspect_ospathjoin
-    from ._native.aspects_ospath import _aspect_ospathnormcase
-    from ._native.aspects_ospath import _aspect_ospathsplit
-    from ._native.aspects_ospath import _aspect_ospathsplitdrive
-    from ._native.aspects_ospath import _aspect_ospathsplitext
-    from ._native.aspects_ospath import _aspect_ospathsplitroot
-    from ._native.initializer import active_map_addreses_size
-    from ._native.initializer import create_context
-    from ._native.initializer import debug_taint_map
-    from ._native.initializer import initializer_size
-    from ._native.initializer import num_objects_tainted
-    from ._native.initializer import reset_context
-    from ._native.initializer import reset_contexts
-    from ._native.taint_tracking import OriginType
-    from ._native.taint_tracking import Source
-    from ._native.taint_tracking import TagMappingMode
-    from ._native.taint_tracking import are_all_text_all_ranges
-    from ._native.taint_tracking import copy_and_shift_ranges_from_strings
-    from ._native.taint_tracking import copy_ranges_from_strings
-    from ._native.taint_tracking import get_range_by_hash
-    from ._native.taint_tracking import get_ranges
-    from ._native.taint_tracking import is_notinterned_notfasttainted_unicode
-    from ._native.taint_tracking import is_tainted
-    from ._native.taint_tracking import origin_to_str
-    from ._native.taint_tracking import set_fast_tainted_if_notinterned_unicode
-    from ._native.taint_tracking import set_ranges
-    from ._native.taint_tracking import shift_taint_range
-    from ._native.taint_tracking import shift_taint_ranges
-    from ._native.taint_tracking import str_to_origin
-    from ._native.taint_tracking import taint_range as TaintRange
-
-    new_pyobject_id = ops.new_pyobject_id
-    set_ranges_from_values = ops.set_ranges_from_values
-
 __all__ = [
     "OriginType",
     "Source",
@@ -103,10 +75,9 @@
     "debug_taint_map",
     "get_range_by_hash",
     "get_ranges",
-    "iast_taint_log_error",
     "initializer_size",
+    "is_tainted",
     "is_notinterned_notfasttainted_unicode",
-    "is_pyobject_tainted",
     "modulo_aspect",
     "new_pyobject_id",
     "num_objects_tainted",
@@ -121,198 +92,6 @@
     "shift_taint_range",
     "shift_taint_ranges",
     "str_to_origin",
-    "taint_pyobject",
 ]
-
-
-def iast_taint_log_error(msg):
-    if _is_iast_debug_enabled():
-        import inspect
-
-        stack = inspect.stack()
-        frame_info = "\n".join("%s %s" % (frame_info.filename, frame_info.lineno) for frame_info in stack[:7])
-        log.debug("[IAST] Propagation error. %s:\n%s", msg, frame_info)
-    _set_iast_error_metric("[IAST] Propagation error. %s" % msg)
-
-
-def is_pyobject_tainted(pyobject: Any) -> bool:
-    if not is_iast_request_enabled():
-        return False
-    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
-        return False
-
-    try:
-        return is_tainted(pyobject)
-    except ValueError as e:
-        iast_taint_log_error("Checking tainted object error: %s" % e)
-    return False
-
-
-def _taint_pyobject_base(pyobject: Any, source_name: Any, source_value: Any, source_origin=None) -> Any:
-    if not is_iast_request_enabled():
-        return pyobject
-
-    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
-        return pyobject
-    # We need this validation in different condition if pyobject is not a text type and creates a side-effect such as
-    # __len__ magic method call.
-    pyobject_len = 0
-    if isinstance(pyobject, IAST.TEXT_TYPES):
-        pyobject_len = len(pyobject)
-        if pyobject_len == 0:
-            return pyobject
-
-    if isinstance(source_name, (bytes, bytearray)):
-        source_name = str(source_name, encoding="utf8", errors="ignore")
-    if isinstance(source_name, OriginType):
-        source_name = origin_to_str(source_name)
-
-    if isinstance(source_value, (bytes, bytearray)):
-        source_value = str(source_value, encoding="utf8", errors="ignore")
-    if source_origin is None:
-        source_origin = OriginType.PARAMETER
-
-    try:
-        pyobject_newid = set_ranges_from_values(pyobject, pyobject_len, source_name, source_value, source_origin)
-        return pyobject_newid
-    except ValueError as e:
-        log.debug("Tainting object error (pyobject type %s): %s", type(pyobject), e, exc_info=True)
-    return pyobject
-
-
-def taint_pyobject(pyobject: Any, source_name: Any, source_value: Any, source_origin=None) -> Any:
-    try:
-        if source_origin is None:
-            source_origin = OriginType.PARAMETER
-
-        res = _taint_pyobject_base(pyobject, source_name, source_value, source_origin)
-        _set_metric_iast_executed_source(source_origin)
-        increment_iast_span_metric(IAST_SPAN_TAGS.TELEMETRY_EXECUTED_SOURCE, source_origin)
-        return res
-    except ValueError as e:
-        log.debug("Tainting object error (pyobject type %s): %s", type(pyobject), e)
-    return pyobject
-
-
-def taint_pyobject_with_ranges(pyobject: Any, ranges: Tuple) -> bool:
-    if not is_iast_request_enabled():
-        return False
-    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
-        return False
-    try:
-        set_ranges(pyobject, ranges)
-        return True
-    except ValueError as e:
-        iast_taint_log_error("Tainting object with ranges error (pyobject type %s): %s" % (type(pyobject), e))
-    return False
-
-
-def get_tainted_ranges(pyobject: Any) -> Tuple:
-    if not is_iast_request_enabled():
-        return tuple()
-    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
-        return tuple()
-    try:
-        return get_ranges(pyobject)
-    except ValueError as e:
-        iast_taint_log_error("Get ranges error (pyobject type %s): %s" % (type(pyobject), e))
-    return tuple()
-
-
-if _is_iast_propagation_debug_enabled():
-    TAINTED_FRAMES = []
-
-    def trace_calls_and_returns(frame, event, arg):
-        co = frame.f_code
-        func_name = co.co_name
-        if func_name == "write":
-            # Ignore write() calls from print statements
-            return
-        if func_name in ("is_pyobject_tainted", "__repr__"):
-            return
-        line_no = frame.f_lineno
-        filename = co.co_filename
-        if "ddtrace" in filename:
-            return
-        if event == "call":
-            f_locals = frame.f_locals
-            try:
-                if any([is_pyobject_tainted(f_locals[arg]) for arg in f_locals]):
-                    TAINTED_FRAMES.append(frame)
-                    log.debug("Call to %s on line %s of %s, args: %s", func_name, line_no, filename, frame.f_locals)
-                    log.debug("Tainted arguments:")
-                    for arg in f_locals:
-                        if is_pyobject_tainted(f_locals[arg]):
-                            log.debug("\t%s: %s", arg, f_locals[arg])
-                    log.debug("-----")
-                return trace_calls_and_returns
-            except AttributeError:
-                pass
-        elif event == "return":
-            if frame in TAINTED_FRAMES:
-                TAINTED_FRAMES.remove(frame)
-                log.debug("Return from %s on line %d of %s, return value: %s", func_name, line_no, filename, arg)
-                if isinstance(arg, (str, bytes, bytearray, BytesIO, StringIO, list, tuple, dict)):
-                    if (
-                        (isinstance(arg, (str, bytes, bytearray, BytesIO, StringIO)) and is_pyobject_tainted(arg))
-                        or (isinstance(arg, (list, tuple)) and any([is_pyobject_tainted(x) for x in arg]))
-                        or (isinstance(arg, dict) and any([is_pyobject_tainted(x) for x in arg.values()]))
-                    ):
-                        log.debug("Return value is tainted")
-                    else:
-                        log.debug("Return value is NOT tainted")
-                log.debug("-----")
-        return
-
-    threading.settrace(trace_calls_and_returns)
-
-
-def copy_ranges_to_string(pyobject, ranges):
-    # type: (str, Sequence[TaintRange]) -> str
-    # NB this function uses comment-based type annotation because TaintRange is conditionally imported
-    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
-        return pyobject
-
-    for r in ranges:
-        _is_string_in_source_value = False
-        if r.source.value:
-            if isinstance(pyobject, (bytes, bytearray)):
-                pyobject_str = str(pyobject, encoding="utf8", errors="ignore")
-            else:
-                pyobject_str = pyobject
-            _is_string_in_source_value = pyobject_str in r.source.value
-
-        if _is_string_in_source_value:
-            pyobject = _taint_pyobject_base(
-                pyobject=pyobject,
-                source_name=r.source.name,
-                source_value=r.source.value,
-                source_origin=r.source.origin,
-            )
-            break
-    else:
-        # no total match found, maybe partial match, just take the first one
-        pyobject = _taint_pyobject_base(
-            pyobject=pyobject,
-            source_name=ranges[0].source.name,
-            source_value=ranges[0].source.value,
-            source_origin=ranges[0].source.origin,
-        )
-    return pyobject
-
-
-# Given a list of ranges, try to match them with the iterable and return a new iterable with a new range applied that
-# matched the original one Source. If no range matches, take the Source from the first one.
-def copy_ranges_to_iterable_with_strings(iterable, ranges):
-    # type: (Sequence[str], Sequence[TaintRange]) -> Sequence[str]
-    # NB this function uses comment-based type annotation because TaintRange is conditionally imported
-    iterable_type = type(iterable)
-
-    new_result = []
-    # do this so it doesn't consume a potential generator
-    items, items_backup = itertools.tee(iterable)
-    for i in items_backup:
-        i = copy_ranges_to_string(i, ranges)
-        new_result.append(i)
-
-    return iterable_type(new_result)  # type: ignore[call-arg]
+new_pyobject_id = ops.new_pyobject_id
+set_ranges_from_values = ops.set_ranges_from_values
diff --git a/ddtrace/appsec/_iast/_taint_tracking/_context.py b/ddtrace/appsec/_iast/_taint_tracking/_context.py
new file mode 100644
index 00000000000..160d229faec
--- /dev/null
+++ b/ddtrace/appsec/_iast/_taint_tracking/_context.py
@@ -0,0 +1,10 @@
+from ddtrace.appsec._iast._taint_tracking._native.initializer import create_context  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.initializer import reset_context  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._native.initializer import reset_contexts  # noqa: F401
+
+
+__all__ = [
+    "create_context",
+    "reset_context",
+    "reset_contexts",
+]
diff --git a/ddtrace/appsec/_iast/_taint_tracking/_debug.py b/ddtrace/appsec/_iast/_taint_tracking/_debug.py
new file mode 100644
index 00000000000..6b7e6ec4d3d
--- /dev/null
+++ b/ddtrace/appsec/_iast/_taint_tracking/_debug.py
@@ -0,0 +1,57 @@
+from io import BytesIO
+from io import StringIO
+
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._utils import _is_iast_propagation_debug_enabled
+from ddtrace.internal._unpatched import _threading as threading
+from ddtrace.internal.logger import get_logger
+
+
+log = get_logger(__name__)
+
+if _is_iast_propagation_debug_enabled():
+    TAINTED_FRAMES = []
+
+    def trace_calls_and_returns(frame, event, arg):
+        co = frame.f_code
+        func_name = co.co_name
+        if func_name == "write":
+            # Ignore write() calls from print statements
+            return
+        if func_name in ("is_pyobject_tainted", "__repr__"):
+            return
+        line_no = frame.f_lineno
+        filename = co.co_filename
+        if "ddtrace" in filename:
+            return
+        if event == "call":
+            f_locals = frame.f_locals
+            try:
+                if any([is_pyobject_tainted(f_locals[arg]) for arg in f_locals]):
+                    TAINTED_FRAMES.append(frame)
+                    log.debug("Call to %s on line %s of %s, args: %s", func_name, line_no, filename, frame.f_locals)
+                    log.debug("Tainted arguments:")
+                    for arg in f_locals:
+                        if is_pyobject_tainted(f_locals[arg]):
+                            log.debug("\t%s: %s", arg, f_locals[arg])
+                    log.debug("-----")
+                return trace_calls_and_returns
+            except AttributeError:
+                pass
+        elif event == "return":
+            if frame in TAINTED_FRAMES:
+                TAINTED_FRAMES.remove(frame)
+                log.debug("Return from %s on line %d of %s, return value: %s", func_name, line_no, filename, arg)
+                if isinstance(arg, (str, bytes, bytearray, BytesIO, StringIO, list, tuple, dict)):
+                    if (
+                        (isinstance(arg, (str, bytes, bytearray, BytesIO, StringIO)) and is_pyobject_tainted(arg))
+                        or (isinstance(arg, (list, tuple)) and any([is_pyobject_tainted(x) for x in arg]))
+                        or (isinstance(arg, dict) and any([is_pyobject_tainted(x) for x in arg.values()]))
+                    ):
+                        log.debug("Return value is tainted")
+                    else:
+                        log.debug("Return value is NOT tainted")
+                log.debug("-----")
+        return
+
+    threading.settrace(trace_calls_and_returns)
diff --git a/ddtrace/appsec/_iast/_taint_tracking/_errors.py b/ddtrace/appsec/_iast/_taint_tracking/_errors.py
new file mode 100644
index 00000000000..0d7c2fb856b
--- /dev/null
+++ b/ddtrace/appsec/_iast/_taint_tracking/_errors.py
@@ -0,0 +1,16 @@
+import inspect
+
+from ddtrace.appsec._iast._metrics import _set_iast_error_metric
+from ddtrace.appsec._iast._utils import _is_iast_debug_enabled
+from ddtrace.internal.logger import get_logger
+
+
+log = get_logger(__name__)
+
+
+def iast_taint_log_error(msg):
+    if _is_iast_debug_enabled():
+        stack = inspect.stack()
+        frame_info = "\n".join("%s %s" % (frame_info.filename, frame_info.lineno) for frame_info in stack[:7])
+        log.debug("[IAST] Propagation error. %s:\n%s", msg, frame_info)
+    _set_iast_error_metric("[IAST] Propagation error. %s" % msg)
diff --git a/ddtrace/appsec/_iast/_taint_tracking/_native.cpp b/ddtrace/appsec/_iast/_taint_tracking/_native.cpp
index 170c12d8429..e0605a853b5 100644
--- a/ddtrace/appsec/_iast/_taint_tracking/_native.cpp
+++ b/ddtrace/appsec/_iast/_taint_tracking/_native.cpp
@@ -64,19 +64,6 @@ static struct PyModuleDef ops = { PyModuleDef_HEAD_INIT,
  */
 PYBIND11_MODULE(_native, m)
 {
-    const char* env_iast_enabled = std::getenv("DD_IAST_ENABLED");
-    if (env_iast_enabled == nullptr) {
-        py::module::import("logging").attr("warning")("IAST not enabled but native module is being loaded");
-    } else {
-        std::string iast_enabled = std::string(env_iast_enabled);
-        std::transform(iast_enabled.begin(), iast_enabled.end(), iast_enabled.begin(), [](unsigned char c) {
-            return std::tolower(c);
-        });
-        if (iast_enabled != "true" && iast_enabled != "1") {
-            py::module::import("logging").attr("warning")("IAST not enabled but native module is being loaded");
-        }
-    }
-
     initializer = make_unique<Initializer>();
 
     // Create a atexit callback to cleanup the Initializer before the interpreter finishes
diff --git a/ddtrace/appsec/_iast/_taint_tracking/_taint_objects.py b/ddtrace/appsec/_iast/_taint_tracking/_taint_objects.py
new file mode 100644
index 00000000000..660e8b8e69b
--- /dev/null
+++ b/ddtrace/appsec/_iast/_taint_tracking/_taint_objects.py
@@ -0,0 +1,154 @@
+import itertools
+from typing import Any
+from typing import Sequence
+from typing import Tuple
+
+from ddtrace.appsec._constants import IAST
+from ddtrace.appsec._constants import IAST_SPAN_TAGS
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
+from ddtrace.appsec._iast._metrics import _set_metric_iast_executed_source
+from ddtrace.appsec._iast._metrics import increment_iast_span_metric
+from ddtrace.appsec._iast._taint_tracking import OriginType
+from ddtrace.appsec._iast._taint_tracking import TaintRange
+from ddtrace.appsec._iast._taint_tracking import get_ranges
+from ddtrace.appsec._iast._taint_tracking import is_tainted
+from ddtrace.appsec._iast._taint_tracking import origin_to_str
+from ddtrace.appsec._iast._taint_tracking import set_ranges
+from ddtrace.appsec._iast._taint_tracking import set_ranges_from_values
+from ddtrace.appsec._iast._taint_tracking._errors import iast_taint_log_error
+from ddtrace.internal.logger import get_logger
+
+
+log = get_logger(__name__)
+
+
+def is_pyobject_tainted(pyobject: Any) -> bool:
+    if not is_iast_request_enabled():
+        return False
+    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
+        return False
+
+    try:
+        return is_tainted(pyobject)
+    except ValueError as e:
+        iast_taint_log_error("Checking tainted object error: %s" % e)
+    return False
+
+
+def _taint_pyobject_base(pyobject: Any, source_name: Any, source_value: Any, source_origin=None) -> Any:
+    if not is_iast_request_enabled():
+        return pyobject
+
+    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
+        return pyobject
+    # We need this validation in different condition if pyobject is not a text type and creates a side-effect such as
+    # __len__ magic method call.
+    pyobject_len = 0
+    if isinstance(pyobject, IAST.TEXT_TYPES):
+        pyobject_len = len(pyobject)
+        if pyobject_len == 0:
+            return pyobject
+
+    if isinstance(source_name, (bytes, bytearray)):
+        source_name = str(source_name, encoding="utf8", errors="ignore")
+    if isinstance(source_name, OriginType):
+        source_name = origin_to_str(source_name)
+
+    if isinstance(source_value, (bytes, bytearray)):
+        source_value = str(source_value, encoding="utf8", errors="ignore")
+    if source_origin is None:
+        source_origin = OriginType.PARAMETER
+
+    try:
+        pyobject_newid = set_ranges_from_values(pyobject, pyobject_len, source_name, source_value, source_origin)
+        return pyobject_newid
+    except ValueError as e:
+        log.debug("Tainting object error (pyobject type %s): %s", type(pyobject), e, exc_info=True)
+    return pyobject
+
+
+def taint_pyobject_with_ranges(pyobject: Any, ranges: Tuple) -> bool:
+    if not is_iast_request_enabled():
+        return False
+    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
+        return False
+    try:
+        set_ranges(pyobject, ranges)
+        return True
+    except ValueError as e:
+        iast_taint_log_error("Tainting object with ranges error (pyobject type %s): %s" % (type(pyobject), e))
+    return False
+
+
+def get_tainted_ranges(pyobject: Any) -> Tuple:
+    if not is_iast_request_enabled():
+        return tuple()
+    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
+        return tuple()
+    try:
+        return get_ranges(pyobject)
+    except ValueError as e:
+        iast_taint_log_error("Get ranges error (pyobject type %s): %s" % (type(pyobject), e))
+    return tuple()
+
+
+def taint_pyobject(pyobject: Any, source_name: Any, source_value: Any, source_origin=None) -> Any:
+    try:
+        if source_origin is None:
+            source_origin = OriginType.PARAMETER
+
+        res = _taint_pyobject_base(pyobject, source_name, source_value, source_origin)
+        _set_metric_iast_executed_source(source_origin)
+        increment_iast_span_metric(IAST_SPAN_TAGS.TELEMETRY_EXECUTED_SOURCE, source_origin)
+        return res
+    except ValueError as e:
+        log.debug("Tainting object error (pyobject type %s): %s", type(pyobject), e)
+    return pyobject
+
+
+def copy_ranges_to_string(pyobject: str, ranges: Sequence[TaintRange]) -> str:
+    # NB this function uses comment-based type annotation because TaintRange is conditionally imported
+    if not isinstance(pyobject, IAST.TAINTEABLE_TYPES):  # type: ignore[misc]
+        return pyobject
+
+    for r in ranges:
+        _is_string_in_source_value = False
+        if r.source.value:
+            if isinstance(pyobject, (bytes, bytearray)):
+                pyobject_str = str(pyobject, encoding="utf8", errors="ignore")
+            else:
+                pyobject_str = pyobject
+            _is_string_in_source_value = pyobject_str in r.source.value
+
+        if _is_string_in_source_value:
+            pyobject = _taint_pyobject_base(
+                pyobject=pyobject,
+                source_name=r.source.name,
+                source_value=r.source.value,
+                source_origin=r.source.origin,
+            )
+            break
+    else:
+        # no total match found, maybe partial match, just take the first one
+        pyobject = _taint_pyobject_base(
+            pyobject=pyobject,
+            source_name=ranges[0].source.name,
+            source_value=ranges[0].source.value,
+            source_origin=ranges[0].source.origin,
+        )
+    return pyobject
+
+
+def copy_ranges_to_iterable_with_strings(iterable, ranges):
+    # type: (Sequence[str], Sequence[TaintRange]) -> Sequence[str]
+    # NB this function uses comment-based type annotation because TaintRange is conditionally imported
+    iterable_type = type(iterable)
+
+    new_result = []
+    # do this so it doesn't consume a potential generator
+    items, items_backup = itertools.tee(iterable)
+    for i in items_backup:
+        i = copy_ranges_to_string(i, ranges)
+        new_result.append(i)
+
+    return iterable_type(new_result)  # type: ignore[call-arg]
diff --git a/ddtrace/appsec/_iast/_taint_tracking/aspects.py b/ddtrace/appsec/_iast/_taint_tracking/aspects.py
index d70dc76449c..925cd4a5b9d 100644
--- a/ddtrace/appsec/_iast/_taint_tracking/aspects.py
+++ b/ddtrace/appsec/_iast/_taint_tracking/aspects.py
@@ -19,39 +19,38 @@
 import _io
 
 from ddtrace.appsec._constants import IAST
-
-from .._taint_tracking import TagMappingMode
-from .._taint_tracking import TaintRange
-from .._taint_tracking import _aspect_ospathbasename
-from .._taint_tracking import _aspect_ospathdirname
-from .._taint_tracking import _aspect_ospathjoin
-from .._taint_tracking import _aspect_ospathnormcase
-from .._taint_tracking import _aspect_ospathsplit
-from .._taint_tracking import _aspect_ospathsplitdrive
-from .._taint_tracking import _aspect_ospathsplitext
-from .._taint_tracking import _aspect_ospathsplitroot
-from .._taint_tracking import _aspect_rsplit
-from .._taint_tracking import _aspect_split
-from .._taint_tracking import _aspect_splitlines
-from .._taint_tracking import _convert_escaped_text_to_tainted_text
-from .._taint_tracking import _format_aspect
-from .._taint_tracking import are_all_text_all_ranges
-from .._taint_tracking import as_formatted_evidence
-from .._taint_tracking import common_replace
-from .._taint_tracking import copy_and_shift_ranges_from_strings
-from .._taint_tracking import copy_ranges_from_strings
-from .._taint_tracking import copy_ranges_to_iterable_with_strings
-from .._taint_tracking import copy_ranges_to_string
-from .._taint_tracking import get_ranges
-from .._taint_tracking import get_tainted_ranges
-from .._taint_tracking import iast_taint_log_error
-from .._taint_tracking import is_pyobject_tainted
-from .._taint_tracking import new_pyobject_id
-from .._taint_tracking import parse_params
-from .._taint_tracking import set_ranges
-from .._taint_tracking import shift_taint_range
-from .._taint_tracking import taint_pyobject_with_ranges
-from .._taint_tracking._native import aspects  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking import TagMappingMode
+from ddtrace.appsec._iast._taint_tracking import TaintRange
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathbasename
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathdirname
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathjoin
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathnormcase
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathsplit
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathsplitdrive
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathsplitext
+from ddtrace.appsec._iast._taint_tracking import _aspect_ospathsplitroot
+from ddtrace.appsec._iast._taint_tracking import _aspect_rsplit
+from ddtrace.appsec._iast._taint_tracking import _aspect_split
+from ddtrace.appsec._iast._taint_tracking import _aspect_splitlines
+from ddtrace.appsec._iast._taint_tracking import _convert_escaped_text_to_tainted_text
+from ddtrace.appsec._iast._taint_tracking import _format_aspect
+from ddtrace.appsec._iast._taint_tracking import are_all_text_all_ranges
+from ddtrace.appsec._iast._taint_tracking import as_formatted_evidence
+from ddtrace.appsec._iast._taint_tracking import common_replace
+from ddtrace.appsec._iast._taint_tracking import copy_and_shift_ranges_from_strings
+from ddtrace.appsec._iast._taint_tracking import copy_ranges_from_strings
+from ddtrace.appsec._iast._taint_tracking import get_ranges
+from ddtrace.appsec._iast._taint_tracking import new_pyobject_id
+from ddtrace.appsec._iast._taint_tracking import parse_params
+from ddtrace.appsec._iast._taint_tracking import set_ranges
+from ddtrace.appsec._iast._taint_tracking import shift_taint_range
+from ddtrace.appsec._iast._taint_tracking._errors import iast_taint_log_error
+from ddtrace.appsec._iast._taint_tracking._native import aspects  # noqa: F401
+from ddtrace.appsec._iast._taint_tracking._taint_objects import copy_ranges_to_iterable_with_strings
+from ddtrace.appsec._iast._taint_tracking._taint_objects import copy_ranges_to_string
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject_with_ranges
 
 
 TEXT_TYPES = Union[str, bytes, bytearray]
diff --git a/ddtrace/appsec/_iast/_taint_utils.py b/ddtrace/appsec/_iast/_taint_utils.py
index 8b5e1b97caa..524e8279d2b 100644
--- a/ddtrace/appsec/_iast/_taint_utils.py
+++ b/ddtrace/appsec/_iast/_taint_utils.py
@@ -5,6 +5,8 @@
 from typing import Optional
 from typing import Union
 
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast.constants import DBAPI_INTEGRATIONS
 from ddtrace.internal.logger import get_logger
 from ddtrace.settings.asm import config as asm_config
@@ -87,9 +89,6 @@ def taint_structure(main_obj, source_key, source_value, override_pyobject_tainte
     use a queue like mechanism to avoid recursion
     Best effort: mutate mutable structures and rebuild immutable ones if possible
     """
-    from ._taint_tracking import is_pyobject_tainted
-    from ._taint_tracking import taint_pyobject
-
     if not main_obj:
         return main_obj
 
@@ -164,9 +163,6 @@ def __init__(self, original_list, origins=(0, 0), override_pyobject_tainted=Fals
     def _taint(self, value):
         if value:
             if isinstance(value, (str, bytes, bytearray)):
-                from ._taint_tracking import is_pyobject_tainted
-                from ._taint_tracking import taint_pyobject
-
                 if not is_pyobject_tainted(value) or self._override_pyobject_tainted:
                     try:
                         # TODO: migrate this part to shift ranges instead of creating a new one
@@ -348,9 +344,6 @@ def _taint(self, value, key, origin=None):
             origin = self._origin_value
         if value:
             if isinstance(value, (str, bytes, bytearray)):
-                from ._taint_tracking import is_pyobject_tainted
-                from ._taint_tracking import taint_pyobject
-
                 if not is_pyobject_tainted(value) or self._override_pyobject_tainted:
                     try:
                         # TODO: migrate this part to shift ranges instead of creating a new one
@@ -529,8 +522,6 @@ def supported_dbapi_integration(integration_name):
 
 def check_tainted_dbapi_args(args, kwargs, tracer, integration_name, method):
     if supported_dbapi_integration(integration_name) and method.__name__ == "execute":
-        from ._taint_tracking import is_pyobject_tainted
-
         return len(args) and args[0] and is_pyobject_tainted(args[0])
 
     return False
diff --git a/ddtrace/appsec/_iast/_utils.py b/ddtrace/appsec/_iast/_utils.py
index c1ae2d82be4..fda05a8b8e5 100644
--- a/ddtrace/appsec/_iast/_utils.py
+++ b/ddtrace/appsec/_iast/_utils.py
@@ -8,8 +8,8 @@
 
 @lru_cache(maxsize=1)
 def _is_python_version_supported() -> bool:
-    # IAST supports Python versions 3.6 to 3.12
-    return (3, 6, 0) <= sys.version_info < (3, 13, 0)
+    # IAST supports Python versions 3.6 to 3.13
+    return (3, 6, 0) <= sys.version_info < (3, 14, 0)
 
 
 def _is_iast_enabled():
diff --git a/ddtrace/appsec/_iast/reporter.py b/ddtrace/appsec/_iast/reporter.py
index 62cc2ee8d65..ffdd786fc28 100644
--- a/ddtrace/appsec/_iast/reporter.py
+++ b/ddtrace/appsec/_iast/reporter.py
@@ -218,7 +218,7 @@ def taint_ranges_as_evidence_info(pyobject: Any) -> Tuple[List[Source], List[Dic
         Returns:
         - Tuple[Set[Source], List[Dict]]: Set of Source objects and list of tainted ranges as dictionaries.
         """
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         sources = list()
         tainted_ranges = get_tainted_ranges(pyobject)
diff --git a/ddtrace/appsec/_iast/taint_sinks/command_injection.py b/ddtrace/appsec/_iast/taint_sinks/command_injection.py
index 0cfd48a5816..ee22b294bfc 100644
--- a/ddtrace/appsec/_iast/taint_sinks/command_injection.py
+++ b/ddtrace/appsec/_iast/taint_sinks/command_injection.py
@@ -3,17 +3,19 @@
 from typing import List
 from typing import Union
 
+from ddtrace.appsec._common_module_patches import try_unwrap
+from ddtrace.appsec._constants import IAST_SPAN_TAGS
+from ddtrace.appsec._iast import oce
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
+from ddtrace.appsec._iast._metrics import _set_metric_iast_executed_sink
+from ddtrace.appsec._iast._metrics import _set_metric_iast_instrumented_sink
+from ddtrace.appsec._iast._metrics import increment_iast_span_metric
+from ddtrace.appsec._iast._patch import try_wrap_function_wrapper
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast.constants import VULN_CMDI
 from ddtrace.internal.logger import get_logger
 from ddtrace.settings.asm import config as asm_config
 
-from ..._common_module_patches import try_unwrap
-from ..._constants import IAST_SPAN_TAGS
-from .. import oce
-from .._iast_request_context import is_iast_request_enabled
-from .._metrics import _set_metric_iast_instrumented_sink
-from .._metrics import increment_iast_span_metric
-from .._patch import try_wrap_function_wrapper
-from ..constants import VULN_CMDI
 from ._base import VulnerabilityBase
 
 
@@ -75,13 +77,11 @@ class CommandInjection(VulnerabilityBase):
 
 def _iast_report_cmdi(shell_args: Union[str, List[str]]) -> None:
     report_cmdi = ""
-    from .._metrics import _set_metric_iast_executed_sink
 
     increment_iast_span_metric(IAST_SPAN_TAGS.TELEMETRY_EXECUTED_SINK, CommandInjection.vulnerability_type)
     _set_metric_iast_executed_sink(CommandInjection.vulnerability_type)
 
     if is_iast_request_enabled() and CommandInjection.has_quota():
-        from .._taint_tracking import is_pyobject_tainted
         from .._taint_tracking.aspects import join_aspect
 
         if isinstance(shell_args, (list, tuple)):
diff --git a/ddtrace/appsec/_iast/taint_sinks/header_injection.py b/ddtrace/appsec/_iast/taint_sinks/header_injection.py
index 4d56986c2d0..730e9f05490 100644
--- a/ddtrace/appsec/_iast/taint_sinks/header_injection.py
+++ b/ddtrace/appsec/_iast/taint_sinks/header_injection.py
@@ -2,20 +2,22 @@
 
 from wrapt.importer import when_imported
 
+from ddtrace.appsec._common_module_patches import try_unwrap
+from ddtrace.appsec._constants import IAST_SPAN_TAGS
+from ddtrace.appsec._iast import oce
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
+from ddtrace.appsec._iast._metrics import _set_metric_iast_executed_sink
+from ddtrace.appsec._iast._metrics import _set_metric_iast_instrumented_sink
+from ddtrace.appsec._iast._metrics import increment_iast_span_metric
+from ddtrace.appsec._iast._patch import set_and_check_module_is_patched
+from ddtrace.appsec._iast._patch import set_module_unpatched
+from ddtrace.appsec._iast._patch import try_wrap_function_wrapper
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast.constants import HEADER_NAME_VALUE_SEPARATOR
+from ddtrace.appsec._iast.constants import VULN_HEADER_INJECTION
 from ddtrace.internal.logger import get_logger
 from ddtrace.settings.asm import config as asm_config
 
-from ..._common_module_patches import try_unwrap
-from ..._constants import IAST_SPAN_TAGS
-from .. import oce
-from .._iast_request_context import is_iast_request_enabled
-from .._metrics import _set_metric_iast_instrumented_sink
-from .._metrics import increment_iast_span_metric
-from .._patch import set_and_check_module_is_patched
-from .._patch import set_module_unpatched
-from .._patch import try_wrap_function_wrapper
-from ..constants import HEADER_NAME_VALUE_SEPARATOR
-from ..constants import VULN_HEADER_INJECTION
 from ._base import VulnerabilityBase
 
 
@@ -97,9 +99,7 @@ class HeaderInjection(VulnerabilityBase):
 
 
 def _iast_report_header_injection(headers_args) -> None:
-    from .._metrics import _set_metric_iast_executed_sink
-    from .._taint_tracking import is_pyobject_tainted
-    from .._taint_tracking.aspects import add_aspect
+    from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
     header_name, header_value = headers_args
     for header_to_exclude in HEADER_INJECTION_EXCLUSIONS:
diff --git a/ddtrace/appsec/_iast/taint_sinks/insecure_cookie.py b/ddtrace/appsec/_iast/taint_sinks/insecure_cookie.py
index f4cb00fc433..3e9c05c451c 100644
--- a/ddtrace/appsec/_iast/taint_sinks/insecure_cookie.py
+++ b/ddtrace/appsec/_iast/taint_sinks/insecure_cookie.py
@@ -7,7 +7,7 @@
 from .._iast_request_context import is_iast_request_enabled
 from .._metrics import _set_metric_iast_executed_sink
 from .._metrics import increment_iast_span_metric
-from .._taint_tracking import iast_taint_log_error
+from .._taint_tracking._errors import iast_taint_log_error
 from ..constants import VULN_INSECURE_COOKIE
 from ..constants import VULN_NO_HTTPONLY_COOKIE
 from ..constants import VULN_NO_SAMESITE_COOKIE
diff --git a/ddtrace/appsec/_iast/taint_sinks/path_traversal.py b/ddtrace/appsec/_iast/taint_sinks/path_traversal.py
index 1fd9cff8956..42c1045c7ce 100644
--- a/ddtrace/appsec/_iast/taint_sinks/path_traversal.py
+++ b/ddtrace/appsec/_iast/taint_sinks/path_traversal.py
@@ -1,12 +1,14 @@
 from typing import Any
 
+from ddtrace.appsec._constants import IAST_SPAN_TAGS
+from ddtrace.appsec._iast import oce
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
+from ddtrace.appsec._iast._metrics import _set_metric_iast_executed_sink
+from ddtrace.appsec._iast._metrics import increment_iast_span_metric
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast.constants import VULN_PATH_TRAVERSAL
 from ddtrace.internal.logger import get_logger
 
-from ..._constants import IAST_SPAN_TAGS
-from .. import oce
-from .._iast_request_context import is_iast_request_enabled
-from .._metrics import increment_iast_span_metric
-from ..constants import VULN_PATH_TRAVERSAL
 from ._base import VulnerabilityBase
 
 
@@ -21,9 +23,6 @@ class PathTraversal(VulnerabilityBase):
 def check_and_report_path_traversal(*args: Any, **kwargs: Any) -> None:
     if is_iast_request_enabled() and PathTraversal.has_quota():
         try:
-            from .._metrics import _set_metric_iast_executed_sink
-            from .._taint_tracking import is_pyobject_tainted
-
             increment_iast_span_metric(IAST_SPAN_TAGS.TELEMETRY_EXECUTED_SINK, PathTraversal.vulnerability_type)
             _set_metric_iast_executed_sink(PathTraversal.vulnerability_type)
             filename_arg = args[0] if args else kwargs.get("file", None)
diff --git a/ddtrace/appsec/_iast/taint_sinks/ssrf.py b/ddtrace/appsec/_iast/taint_sinks/ssrf.py
index 7233aa54cec..5090e73bc76 100644
--- a/ddtrace/appsec/_iast/taint_sinks/ssrf.py
+++ b/ddtrace/appsec/_iast/taint_sinks/ssrf.py
@@ -1,15 +1,17 @@
 from typing import Callable
 
+from ddtrace.appsec._constants import IAST_SPAN_TAGS
+from ddtrace.appsec._iast import oce
+from ddtrace.appsec._iast._iast_request_context import is_iast_request_enabled
+from ddtrace.appsec._iast._metrics import _set_metric_iast_executed_sink
+from ddtrace.appsec._iast._metrics import increment_iast_span_metric
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast.constants import VULN_SSRF
 from ddtrace.internal.logger import get_logger
 from ddtrace.internal.utils import ArgumentError
 from ddtrace.internal.utils import get_argument_value
 from ddtrace.internal.utils.importlib import func_name
 
-from ..._constants import IAST_SPAN_TAGS
-from .. import oce
-from .._iast_request_context import is_iast_request_enabled
-from .._metrics import increment_iast_span_metric
-from ..constants import VULN_SSRF
 from ._base import VulnerabilityBase
 
 
@@ -46,14 +48,10 @@ def _iast_report_ssrf(func: Callable, *args, **kwargs):
         return
 
     if report_ssrf:
-        from .._metrics import _set_metric_iast_executed_sink
-
         _set_metric_iast_executed_sink(SSRF.vulnerability_type)
         increment_iast_span_metric(IAST_SPAN_TAGS.TELEMETRY_EXECUTED_SINK, SSRF.vulnerability_type)
         if is_iast_request_enabled() and SSRF.has_quota():
             try:
-                from .._taint_tracking import is_pyobject_tainted
-
                 if is_pyobject_tainted(report_ssrf):
                     SSRF.report(evidence_value=report_ssrf)
             except Exception:
diff --git a/ddtrace/contrib/internal/botocore/services/bedrock.py b/ddtrace/contrib/internal/botocore/services/bedrock.py
index 7c5f26b07a5..00e9aa5756f 100644
--- a/ddtrace/contrib/internal/botocore/services/bedrock.py
+++ b/ddtrace/contrib/internal/botocore/services/bedrock.py
@@ -24,6 +24,17 @@
 _META = "meta"
 _STABILITY = "stability"
 
+_MODEL_TYPE_IDENTIFIERS = (
+    "foundation-model/",
+    "custom-model/",
+    "provisioned-model/",
+    "imported-model/",
+    "prompt/",
+    "endpoint/",
+    "inference-profile/",
+    "default-prompt-router/",
+)
+
 
 class TracedBotocoreStreamingBody(wrapt.ObjectProxy):
     """
@@ -320,14 +331,45 @@ def handle_bedrock_response(
     return result
 
 
+def _parse_model_id(model_id: str):
+    """Best effort to extract the model provider and model name from the bedrock model ID.
+    model_id can be a 1/2 period-separated string or a full AWS ARN, based on the following formats:
+    1. Base model: "{model_provider}.{model_name}"
+    2. Cross-region model: "{region}.{model_provider}.{model_name}"
+    3. Other: Prefixed by AWS ARN "arn:aws{+region?}:bedrock:{region}:{account-id}:"
+        a. Foundation model: ARN prefix + "foundation-model/{region?}.{model_provider}.{model_name}"
+        b. Custom model: ARN prefix + "custom-model/{model_provider}.{model_name}"
+        c. Provisioned model: ARN prefix + "provisioned-model/{model-id}"
+        d. Imported model: ARN prefix + "imported-module/{model-id}"
+        e. Prompt management: ARN prefix + "prompt/{prompt-id}"
+        f. Sagemaker: ARN prefix + "endpoint/{model-id}"
+        g. Inference profile: ARN prefix + "{application-?}inference-profile/{model-id}"
+        h. Default prompt router: ARN prefix + "default-prompt-router/{prompt-id}"
+    If model provider cannot be inferred from the model_id formatting, then default to "custom"
+    """
+    if not model_id.startswith("arn:aws"):
+        model_meta = model_id.split(".")
+        if len(model_meta) < 2:
+            return "custom", model_meta[0]
+        return model_meta[-2], model_meta[-1]
+    for identifier in _MODEL_TYPE_IDENTIFIERS:
+        if identifier not in model_id:
+            continue
+        model_id = model_id.rsplit(identifier, 1)[-1]
+        if identifier in ("foundation-model/", "custom-model/"):
+            model_meta = model_id.split(".")
+            if len(model_meta) < 2:
+                return "custom", model_id
+            return model_meta[-2], model_meta[-1]
+        return "custom", model_id
+    return "custom", "custom"
+
+
 def patched_bedrock_api_call(original_func, instance, args, kwargs, function_vars):
     params = function_vars.get("params")
     pin = function_vars.get("pin")
-    model_meta = params.get("modelId").split(".")
-    if len(model_meta) == 2:
-        model_provider, model_name = model_meta
-    else:
-        _, model_provider, model_name = model_meta  # cross-region inference
+    model_id = params.get("modelId")
+    model_provider, model_name = _parse_model_id(model_id)
     integration = function_vars.get("integration")
     submit_to_llmobs = integration.llmobs_enabled and "embed" not in model_name
     with core.context_with_data(
diff --git a/ddtrace/contrib/internal/langchain/patch.py b/ddtrace/contrib/internal/langchain/patch.py
index fa2332d70f2..b7513539da7 100644
--- a/ddtrace/contrib/internal/langchain/patch.py
+++ b/ddtrace/contrib/internal/langchain/patch.py
@@ -1406,8 +1406,8 @@ def unpatch():
 
 def taint_outputs(instance, inputs, outputs):
     from ddtrace.appsec._iast._metrics import _set_iast_error_metric
-    from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
     try:
         ranges = None
@@ -1429,8 +1429,8 @@ def taint_outputs(instance, inputs, outputs):
 
 def taint_parser_output(func, instance, args, kwargs):
     from ddtrace.appsec._iast._metrics import _set_iast_error_metric
-    from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
     result = func(*args, **kwargs)
     try:
diff --git a/ddtrace/internal/compat.py b/ddtrace/internal/compat.py
index 457618dc393..6ebe450583e 100644
--- a/ddtrace/internal/compat.py
+++ b/ddtrace/internal/compat.py
@@ -56,32 +56,16 @@
 def ensure_text(s, encoding="utf-8", errors="ignore") -> str:
     if isinstance(s, str):
         return s
-
     if isinstance(s, bytes):
         return s.decode(encoding, errors)
-
-    # Skip the check for Mock objects as they are used in tests
-    from unittest.mock import Mock
-
-    if isinstance(s, Mock):
-        return str(s)
-
     raise TypeError("Expected str or bytes but received %r" % (s.__class__))
 
 
 def ensure_binary(s, encoding="utf-8", errors="ignore") -> bytes:
     if isinstance(s, bytes):
         return s
-
-    # Skip the check for Mock objects as they are used in tests
-    from unittest.mock import Mock
-
-    if isinstance(s, Mock):
-        return bytes(s)
-
     if not isinstance(s, str):
         raise TypeError("Expected str or bytes but received %r" % (s.__class__))
-
     return s.encode(encoding, errors)
 
 
diff --git a/ddtrace/profiling/collector/_memalloc.c b/ddtrace/profiling/collector/_memalloc.c
index 3b7f7db293f..f3de61a7b2c 100644
--- a/ddtrace/profiling/collector/_memalloc.c
+++ b/ddtrace/profiling/collector/_memalloc.c
@@ -42,47 +42,120 @@ static PyObject* object_string = NULL;
 
 #define ALLOC_TRACKER_MAX_COUNT UINT64_MAX
 
+// The data coordination primitives in this and related files are related to a crash we started seeing.
+// We don't have a precise understanding of the causal factors within the runtime that lead to this condition,
+// since the GIL alone was sufficient in the past for preventing this issue.
+// We add an option here to _add_ a crash, in order to observe this condition in a future diagnostic iteration.
+// **This option is _intended_ to crash the Python process** do not use without a good reason!
+static char g_crash_on_mutex_pass_str[] = "_DD_PROFILING_MEMALLOC_CRASH_ON_MUTEX_PASS";
+static const char* g_truthy_values[] = { "1", "true", "yes", "on", "enable", "enabled", NULL }; // NB the sentinel NULL
+static memlock_t g_memalloc_lock;
+
 static alloc_tracker_t* global_alloc_tracker;
 
+// This is a multiplatform way to define an operation to happen at static initialization time
+static void
+memalloc_init(void);
+
+static void
+memalloc_prefork(void)
+{
+    // Lock the mutex prior to forking. This ensures that the memory profiler
+    // data structures will be in a consistent state in the child process.
+    // The rest of the memalloc calls do trylock so we don't run the risk
+    // of deadlocking if some other fork handler allocates
+    memlock_lock(&g_memalloc_lock);
+}
+
+static void
+memalloc_postfork_parent(void)
+{
+    memlock_unlock(&g_memalloc_lock);
+}
+
+static void
+memalloc_postfork_child(void)
+{
+    memlock_unlock(&g_memalloc_lock);
+}
+
+#ifdef _MSC_VER
+#pragma section(".CRT$XCU", read)
+__declspec(allocate(".CRT$XCU")) void (*memalloc_init_func)(void) = memalloc_init;
+
+#elif defined(__GNUC__) || defined(__clang__)
+__attribute__((constructor))
+#else
+#error Unsupported compiler
+#endif
+static void
+memalloc_init()
+{
+    // Check if we should crash the process on mutex pass
+    char* crash_on_mutex_pass_str = getenv(g_crash_on_mutex_pass_str);
+    bool crash_on_mutex_pass = false;
+    if (crash_on_mutex_pass_str) {
+        for (int i = 0; g_truthy_values[i]; i++) {
+            if (strcmp(crash_on_mutex_pass_str, g_truthy_values[i]) == 0) {
+                crash_on_mutex_pass = true;
+                break;
+            }
+        }
+    }
+    memlock_init(&g_memalloc_lock, crash_on_mutex_pass);
+#ifndef _WIN32
+    pthread_atfork(memalloc_prefork, memalloc_postfork_parent, memalloc_postfork_child);
+#endif
+}
+
 static void
 memalloc_add_event(memalloc_context_t* ctx, void* ptr, size_t size)
 {
-    /* Do not overflow; just ignore the new events if we ever reach that point */
-    if (global_alloc_tracker->alloc_count >= ALLOC_TRACKER_MAX_COUNT)
+    uint64_t alloc_count = atomic_add_clamped(&global_alloc_tracker->alloc_count, 1, ALLOC_TRACKER_MAX_COUNT);
+
+    /* Return if we've reached the maximum number of allocations */
+    if (alloc_count == 0)
         return;
 
-    global_alloc_tracker->alloc_count++;
+    // Return if we can't take the guard
+    if (!memalloc_take_guard()) {
+        return;
+    }
 
-    /* Avoid loops */
-    if (memalloc_get_reentrant())
+    // In this implementation, the `global_alloc_tracker` isn't intrinsically protected.  Before we read or modify,
+    // take the lock.  The count of allocations is already forward-attributed elsewhere, so if we can't take the lock
+    // there's nothing to do.
+    if (!memlock_trylock(&g_memalloc_lock)) {
         return;
+    }
 
     /* Determine if we can capture or if we need to sample */
     if (global_alloc_tracker->allocs.count < ctx->max_events) {
-        /* set a barrier so we don't loop as getting a traceback allocates memory */
-        memalloc_set_reentrant(true);
         /* Buffer is not full, fill it */
         traceback_t* tb = memalloc_get_traceback(ctx->max_nframe, ptr, size, ctx->domain);
-        memalloc_set_reentrant(false);
-        if (tb)
+        if (tb) {
             traceback_array_append(&global_alloc_tracker->allocs, tb);
+        }
     } else {
         /* Sampling mode using a reservoir sampling algorithm: replace a random
          * traceback with this one */
-        uint64_t r = random_range(global_alloc_tracker->alloc_count);
+        uint64_t r = random_range(alloc_count);
 
-        if (r < ctx->max_events) {
-            /* set a barrier so we don't loop as getting a traceback allocates memory */
-            memalloc_set_reentrant(true);
+        // In addition to event size, need to check that the tab is in a good state
+        if (r < ctx->max_events && global_alloc_tracker->allocs.tab != NULL) {
             /* Replace a random traceback with this one */
             traceback_t* tb = memalloc_get_traceback(ctx->max_nframe, ptr, size, ctx->domain);
-            memalloc_set_reentrant(false);
+
+            // Need to check not only that the tb returned
             if (tb) {
                 traceback_free(global_alloc_tracker->allocs.tab[r]);
                 global_alloc_tracker->allocs.tab[r] = tb;
             }
         }
     }
+
+    memlock_unlock(&g_memalloc_lock);
+    memalloc_yield_guard();
 }
 
 static void
@@ -98,12 +171,6 @@ memalloc_free(void* ctx, void* ptr)
     alloc->free(alloc->ctx, ptr);
 }
 
-#ifdef _PY37_AND_LATER
-Py_tss_t memalloc_reentrant_key = Py_tss_NEEDS_INIT;
-#else
-int memalloc_reentrant_key = -1;
-#endif
-
 static void*
 memalloc_alloc(int use_calloc, void* ctx, size_t nelem, size_t elsize)
 {
@@ -233,7 +300,10 @@ memalloc_start(PyObject* Py_UNUSED(module), PyObject* args)
 
     global_memalloc_ctx.domain = PYMEM_DOMAIN_OBJ;
 
-    global_alloc_tracker = alloc_tracker_new();
+    if (memlock_trylock(&g_memalloc_lock)) {
+        global_alloc_tracker = alloc_tracker_new();
+        memlock_unlock(&g_memalloc_lock);
+    }
 
     PyMem_GetAllocator(PYMEM_DOMAIN_OBJ, &global_memalloc_ctx.pymem_allocator_obj);
     PyMem_SetAllocator(PYMEM_DOMAIN_OBJ, &alloc);
@@ -258,8 +328,11 @@ memalloc_stop(PyObject* Py_UNUSED(module), PyObject* Py_UNUSED(args))
 
     PyMem_SetAllocator(PYMEM_DOMAIN_OBJ, &global_memalloc_ctx.pymem_allocator_obj);
     memalloc_tb_deinit();
-    alloc_tracker_free(global_alloc_tracker);
-    global_alloc_tracker = NULL;
+    if (memlock_trylock(&g_memalloc_lock)) {
+        alloc_tracker_free(global_alloc_tracker);
+        global_alloc_tracker = NULL;
+        memlock_unlock(&g_memalloc_lock);
+    }
 
     memalloc_heap_tracker_deinit();
 
@@ -310,9 +383,15 @@ iterevents_new(PyTypeObject* type, PyObject* Py_UNUSED(args), PyObject* Py_UNUSE
     if (!iestate)
         return NULL;
 
-    iestate->alloc_tracker = global_alloc_tracker;
     /* reset the current traceback list */
-    global_alloc_tracker = alloc_tracker_new();
+    if (memlock_trylock(&g_memalloc_lock)) {
+        iestate->alloc_tracker = global_alloc_tracker;
+        global_alloc_tracker = alloc_tracker_new();
+        memlock_unlock(&g_memalloc_lock);
+    } else {
+        Py_TYPE(iestate)->tp_free(iestate);
+        return NULL;
+    }
     iestate->seq_index = 0;
 
     PyObject* iter_and_count = PyTuple_New(3);
@@ -326,8 +405,11 @@ iterevents_new(PyTypeObject* type, PyObject* Py_UNUSED(args), PyObject* Py_UNUSE
 static void
 iterevents_dealloc(IterEventsState* iestate)
 {
-    alloc_tracker_free(iestate->alloc_tracker);
-    Py_TYPE(iestate)->tp_free(iestate);
+    if (memlock_trylock(&g_memalloc_lock)) {
+        alloc_tracker_free(iestate->alloc_tracker);
+        Py_TYPE(iestate)->tp_free(iestate);
+        memlock_unlock(&g_memalloc_lock);
+    }
 }
 
 static PyObject*
@@ -442,20 +524,6 @@ PyInit__memalloc(void)
         return NULL;
     }
 
-#ifdef _PY37_AND_LATER
-    if (PyThread_tss_create(&memalloc_reentrant_key) != 0) {
-#else
-    memalloc_reentrant_key = PyThread_create_key();
-    if (memalloc_reentrant_key == -1) {
-#endif
-#ifdef MS_WINDOWS
-        PyErr_SetFromWindowsErr(0);
-#else
-        PyErr_SetFromErrno(PyExc_OSError);
-#endif
-        return NULL;
-    }
-
     if (PyType_Ready(&MemallocIterEvents_Type) < 0)
         return NULL;
     Py_INCREF((PyObject*)&MemallocIterEvents_Type);
diff --git a/ddtrace/profiling/collector/_memalloc_heap.c b/ddtrace/profiling/collector/_memalloc_heap.c
index d6531d7b095..11e0d8dba8e 100644
--- a/ddtrace/profiling/collector/_memalloc_heap.c
+++ b/ddtrace/profiling/collector/_memalloc_heap.c
@@ -9,13 +9,13 @@
 typedef struct
 {
     /* Granularity of the heap profiler in bytes */
-    uint32_t sample_size;
+    uint64_t sample_size;
     /* Current sample size of the heap profiler in bytes */
-    uint32_t current_sample_size;
+    uint64_t current_sample_size;
     /* Tracked allocations */
     traceback_array_t allocs;
     /* Allocated memory counter in bytes */
-    uint32_t allocated_memory;
+    uint64_t allocated_memory;
     /* True if the heap tracker is frozen */
     bool frozen;
     /* Contains the ongoing heap allocation/deallocation while frozen */
@@ -26,8 +26,64 @@ typedef struct
     } freezer;
 } heap_tracker_t;
 
+static char g_crash_on_mutex_pass_str[] = "_DD_PROFILING_MEMHEAP_CRASH_ON_MUTEX_PASS";
+static const char* g_truthy_values[] = { "1", "true", "yes", "on", "enable", "enabled", NULL }; // NB the sentinel NULL
+static memlock_t g_memheap_lock;
+
 static heap_tracker_t global_heap_tracker;
 
+// This is a multiplatform way to define an operation to happen at static initialization time
+static void
+memheap_init(void);
+
+static void
+memheap_prefork(void)
+{
+    // See memalloc_prefork for an explanation of why this is here
+    memlock_lock(&g_memheap_lock);
+}
+
+static void
+memheap_postfork_parent(void)
+{
+    memlock_unlock(&g_memheap_lock);
+}
+
+static void
+memheap_postfork_child(void)
+{
+    memlock_unlock(&g_memheap_lock);
+}
+
+#ifdef _MSC_VER
+#pragma section(".CRT$XCU", read)
+__declspec(allocate(".CRT$XCU")) void (*memheap_init_func)(void) = memheap_init;
+
+#elif defined(__GNUC__) || defined(__clang__)
+__attribute__((constructor))
+#else
+#error Unsupported compiler
+#endif
+static void
+memheap_init()
+{
+    // Check if we should crash the process on mutex pass
+    char* crash_on_mutex_pass_str = getenv(g_crash_on_mutex_pass_str);
+    bool crash_on_mutex_pass = false;
+    if (crash_on_mutex_pass_str) {
+        for (int i = 0; g_truthy_values[i]; i++) {
+            if (strcmp(crash_on_mutex_pass_str, g_truthy_values[i]) == 0) {
+                crash_on_mutex_pass = true;
+                break;
+            }
+        }
+    }
+    memlock_init(&g_memheap_lock, crash_on_mutex_pass);
+#ifndef _WIN32
+    pthread_atfork(memheap_prefork, memheap_postfork_parent, memheap_postfork_child);
+#endif
+}
+
 static uint32_t
 heap_tracker_next_sample_size(uint32_t sample_size)
 {
@@ -119,20 +175,30 @@ heap_tracker_thaw(heap_tracker_t* heap_tracker)
 void
 memalloc_heap_tracker_init(uint32_t sample_size)
 {
-    heap_tracker_init(&global_heap_tracker);
-    global_heap_tracker.sample_size = sample_size;
-    global_heap_tracker.current_sample_size = heap_tracker_next_sample_size(sample_size);
+
+    if (memlock_trylock(&g_memheap_lock)) {
+        heap_tracker_init(&global_heap_tracker);
+        global_heap_tracker.sample_size = sample_size;
+        global_heap_tracker.current_sample_size = heap_tracker_next_sample_size(sample_size);
+        memlock_unlock(&g_memheap_lock);
+    }
 }
 
 void
 memalloc_heap_tracker_deinit(void)
 {
-    heap_tracker_wipe(&global_heap_tracker);
+    if (memlock_trylock(&g_memheap_lock)) {
+        heap_tracker_wipe(&global_heap_tracker);
+        memlock_unlock(&g_memheap_lock);
+    }
 }
 
 void
 memalloc_heap_untrack(void* ptr)
 {
+    if (!memlock_trylock(&g_memheap_lock)) {
+        return;
+    }
     if (global_heap_tracker.frozen) {
         /* Check that we still have space to store the free. If we don't have
            enough space, we ignore the untrack. That's sad as there is a change
@@ -144,6 +210,8 @@ memalloc_heap_untrack(void* ptr)
             ptr_array_append(&global_heap_tracker.freezer.frees, ptr);
     } else
         heap_tracker_untrack_thawed(&global_heap_tracker, ptr);
+
+    memlock_unlock(&g_memheap_lock);
 }
 
 /* Track a memory allocation in the heap profiler.
@@ -157,26 +225,36 @@ memalloc_heap_track(uint16_t max_nframe, void* ptr, size_t size, PyMemAllocatorD
         return false;
 
     /* Check for overflow */
-    global_heap_tracker.allocated_memory = Py_MIN(global_heap_tracker.allocated_memory + size, MAX_HEAP_SAMPLE_SIZE);
+    uint64_t res = atomic_add_clamped(&global_heap_tracker.allocated_memory, size, MAX_HEAP_SAMPLE_SIZE);
+    if (0 == res)
+        return false;
+
+    // Take the lock
+    if (!memlock_trylock(&g_memheap_lock)) {
+        return false;
+    }
 
     /* Check if we have enough sample or not */
-    if (global_heap_tracker.allocated_memory < global_heap_tracker.current_sample_size)
+    if (global_heap_tracker.allocated_memory < global_heap_tracker.current_sample_size) {
+        memlock_unlock(&g_memheap_lock);
         return false;
+    }
 
     /* Check if we can add more samples: the sum of the freezer + alloc tracker
      cannot be greater than what the alloc tracker can handle: when the alloc
      tracker is thawed, all the allocs in the freezer will be moved there!*/
-    if ((global_heap_tracker.freezer.allocs.count + global_heap_tracker.allocs.count) >= TRACEBACK_ARRAY_MAX_COUNT)
+    if (global_heap_tracker.freezer.allocs.count + global_heap_tracker.allocs.count >= TRACEBACK_ARRAY_MAX_COUNT) {
+        memlock_unlock(&g_memheap_lock);
         return false;
+    }
 
     /* Avoid loops */
-    if (memalloc_get_reentrant())
+    if (!memalloc_take_guard()) {
+        memlock_unlock(&g_memheap_lock);
         return false;
+    }
 
-    memalloc_set_reentrant(true);
     traceback_t* tb = memalloc_get_traceback(max_nframe, ptr, global_heap_tracker.allocated_memory, domain);
-    memalloc_set_reentrant(false);
-
     if (tb) {
         if (global_heap_tracker.frozen)
             traceback_array_append(&global_heap_tracker.freezer.allocs, tb);
@@ -189,15 +267,23 @@ memalloc_heap_track(uint16_t max_nframe, void* ptr, size_t size, PyMemAllocatorD
         /* Compute the new target sample size */
         global_heap_tracker.current_sample_size = heap_tracker_next_sample_size(global_heap_tracker.sample_size);
 
+        memalloc_yield_guard();
+        memlock_unlock(&g_memheap_lock);
         return true;
     }
 
+    memalloc_yield_guard();
+    memlock_unlock(&g_memheap_lock);
     return false;
 }
 
 PyObject*
 memalloc_heap()
 {
+    if (!memlock_trylock(&g_memheap_lock)) {
+        return NULL;
+    }
+
     heap_tracker_freeze(&global_heap_tracker);
 
     PyObject* heap_list = PyList_New(global_heap_tracker.allocs.count);
@@ -213,5 +299,6 @@ memalloc_heap()
 
     heap_tracker_thaw(&global_heap_tracker);
 
+    memlock_unlock(&g_memheap_lock);
     return heap_list;
 }
diff --git a/ddtrace/profiling/collector/_memalloc_reentrant.c b/ddtrace/profiling/collector/_memalloc_reentrant.c
new file mode 100644
index 00000000000..d360d19fb30
--- /dev/null
+++ b/ddtrace/profiling/collector/_memalloc_reentrant.c
@@ -0,0 +1,3 @@
+#include "_memalloc_reentrant.h"
+
+bool _MEMALLOC_ON_THREAD = false;
diff --git a/ddtrace/profiling/collector/_memalloc_reentrant.h b/ddtrace/profiling/collector/_memalloc_reentrant.h
index 5c8a552294e..54a07320236 100644
--- a/ddtrace/profiling/collector/_memalloc_reentrant.h
+++ b/ddtrace/profiling/collector/_memalloc_reentrant.h
@@ -1,50 +1,188 @@
 #ifndef _DDTRACE_MEMALLOC_REENTRANT_H
 #define _DDTRACE_MEMALLOC_REENTRANT_H
 
-#include "_pymacro.h"
+#ifdef _WIN32
+#include <windows.h>
+#else
+#define _POSIX_C_SOURCE 200809L
+#include <errno.h>
+#include <pthread.h>
+#include <stdatomic.h>
+#include <time.h>
+#include <unistd.h>
+#endif
 #include <stdbool.h>
+#include <stdint.h>
+#include <stdlib.h>
 
-#ifndef _PY37_AND_LATER
-#include <pythread.h>
+// Cross-platform macro for defining thread-local storage
+// NB - we use dynamic-global on Linux because the others are problematic
+#if defined(_MSC_VER) // Check for MSVC compiler
+#define MEMALLOC_TLS __declspec(thread)
+#elif defined(__GNUC__) || defined(__clang__) // GCC or Clang
+#define MEMALLOC_TLS __attribute__((tls_model("global-dynamic"))) __thread
+#else
+#error "Unsupported compiler for thread-local storage"
 #endif
+extern bool _MEMALLOC_ON_THREAD;
 
-#ifdef _PY37_AND_LATER
-extern Py_tss_t memalloc_reentrant_key;
+// This is a saturating atomic add for 32- and 64-bit platforms.
+// In order to implement the saturation logic, use a CAS loop.
+// From the GCC docs:
+// "‘__atomic’ builtins can be used with any integral scalar or pointer type that is 1, 2, 4, or 8 bytes in length"
+// From the MSVC docs:
+// "_InterlockedCompareExchange64 is available on x86 systems running on any Pentium architecture; it is not
+// available on 386 or 486 architectures."
+static inline uint64_t
+atomic_add_clamped(uint64_t* target, uint64_t amount, uint64_t max)
+{
+    // In reality, there's virtually no scenario in which this deadlocks.  Just the same, give it some arbitrarily high
+    // limit in order to prevent unpredicted deadlocks.  96 is chosen since it's the number of cores on the largest
+    // consumer CPU generally used by our customers.
+    int attempts = 96;
+    while (attempts--) {
+        uint64_t old_val = (volatile uint64_t) * target;
+
+        // CAS loop + saturation check
+        uint64_t new_val = old_val + amount;
+        if (new_val > max || new_val < old_val) {
+            return 0;
+        }
+#if defined(_MSC_VER)
+        uint64_t prev_val =
+          (uint64_t)InterlockedCompareExchange64((volatile LONG64*)target, (LONG64)new_val, (LONG64)old_val);
+        if (prev_val == old_val) {
+            return new_val;
+        }
+#elif defined(__clang__) || defined(__GNUC__)
+        if (atomic_compare_exchange_strong_explicit(
+              (_Atomic uint64_t*)target, &old_val, new_val, memory_order_seq_cst, memory_order_seq_cst)) {
+            return new_val;
+        }
 #else
-extern int memalloc_reentrant_key;
+#error "Unsupported compiler for atomic operations"
 #endif
+        // If we reach here, CAS failed; another thread changed `target`
+        // Retry until success or until we detect max.
+    }
 
-/* Any non-NULL pointer can be used */
-#define _MEMALLOC_REENTRANT_VALUE Py_True
+    return 0;
+}
 
-static inline void
-memalloc_set_reentrant(bool reentrant)
+// Opaque lock type
+typedef struct
+{
+#ifdef _WIN32
+    HANDLE mutex;
+#else
+    pthread_mutex_t mutex;
+#endif
+} memlock_t;
+
+// Global setting; if a lock fails to be acquired, crash
+static bool g_crash_on_mutex_pass = false;
+
+// Generic initializer
+static inline bool
+memlock_init(memlock_t* lock, bool crash_on_pass)
 {
-    if (reentrant)
-#ifdef _PY37_AND_LATER
-        PyThread_tss_set(&memalloc_reentrant_key, _MEMALLOC_REENTRANT_VALUE);
+    if (!lock)
+        return false;
+
+    g_crash_on_mutex_pass = crash_on_pass;
+
+#ifdef _WIN32
+    lock->mutex = CreateMutex(NULL, FALSE, NULL);
+    return lock->mutex != NULL;
 #else
-        PyThread_set_key_value(memalloc_reentrant_key, _MEMALLOC_REENTRANT_VALUE);
+    // For POSIX systems, we make sure to use an ERRORCHECK type mutex, since it pushes some of the state checking
+    // down to the implementation.
+    pthread_mutexattr_t attr;
+    pthread_mutexattr_init(&attr);
+    pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK);
+    return pthread_mutex_init(&lock->mutex, NULL) == 0;
 #endif
-    else
-#ifdef _PY37_AND_LATER
-        PyThread_tss_set(&memalloc_reentrant_key, NULL);
+}
+
+// Unlock function
+static inline bool
+memlock_unlock(memlock_t* lock)
+{
+    if (!lock)
+        return false;
+
+#ifdef _WIN32
+    return ReleaseMutex(lock->mutex);
 #else
-        PyThread_set_key_value(memalloc_reentrant_key, NULL);
+    return pthread_mutex_unlock(&lock->mutex) == 0;
 #endif
 }
 
+// trylock function
 static inline bool
-memalloc_get_reentrant(void)
+memlock_trylock(memlock_t* lock)
 {
-#ifdef _PY37_AND_LATER
-    if (PyThread_tss_get(&memalloc_reentrant_key))
+    if (!lock)
+        return false;
+
+#ifdef _WIN32
+    bool result = WAIT_OBJECT_0 == WaitForSingleObject(lock->mutex, 0); // 0ms timeout -> no wait
 #else
-    if (PyThread_get_key_value(memalloc_reentrant_key))
+    bool result = 0 == pthread_mutex_trylock(&lock->mutex);
 #endif
-        return true;
+    if (!result && g_crash_on_mutex_pass) {
+        // segfault
+        int* p = NULL;
+        *p = 0;
+        abort(); // should never reach here
+    }
 
-    return false;
+    return result;
+}
+
+static inline void
+memlock_lock(memlock_t* lock)
+{
+    if (!lock)
+        return;
+
+#ifdef _WIN32
+    WaitForSingleObject(lock->mutex, INFINITE);
+#else
+    pthread_mutex_lock(&lock->mutex);
+#endif
+}
+
+// Cleanup function
+static inline bool
+memlock_destroy(memlock_t* lock)
+{
+    if (!lock)
+        return false;
+
+#ifdef _WIN32
+    return CloseHandle(lock->mutex);
+#else
+    return 0 == pthread_mutex_destroy(&lock->mutex);
+#endif
+}
+
+static inline bool
+memalloc_take_guard()
+{
+    // Ordinarilly, a process-wide semaphore would require a CAS, but since this is thread-local we can just set it.
+    if (_MEMALLOC_ON_THREAD)
+        return false;
+    _MEMALLOC_ON_THREAD = true;
+    return true;
+}
+
+static inline void
+memalloc_yield_guard(void)
+{
+    // Ideally, we'd actually capture the old state within an object and restore it, but since this is
+    // a coarse-grained lock, we just set it to false.
+    _MEMALLOC_ON_THREAD = false;
 }
 
 #endif
diff --git a/ddtrace/profiling/collector/_memalloc_tb.c b/ddtrace/profiling/collector/_memalloc_tb.c
index ba79021f719..bb265fe08d5 100644
--- a/ddtrace/profiling/collector/_memalloc_tb.c
+++ b/ddtrace/profiling/collector/_memalloc_tb.c
@@ -87,6 +87,9 @@ memalloc_tb_deinit(void)
 void
 traceback_free(traceback_t* tb)
 {
+    if (!tb)
+        return;
+
     for (uint16_t nframe = 0; nframe < tb->nframe; nframe++) {
         Py_DECREF(tb->frames[nframe].filename);
         Py_DECREF(tb->frames[nframe].name);
@@ -197,11 +200,7 @@ memalloc_get_traceback(uint16_t max_nframe, void* ptr, size_t size, PyMemAllocat
     traceback->size = size;
     traceback->ptr = ptr;
 
-#ifdef _PY37_AND_LATER
     traceback->thread_id = PyThread_get_thread_ident();
-#else
-    traceback->thread_id = tstate->thread_id;
-#endif
 
     traceback->domain = domain;
 
diff --git a/ddtrace/profiling/collector/_pymacro.h b/ddtrace/profiling/collector/_pymacro.h
index e71ed6888b9..aa31c3d4cc1 100644
--- a/ddtrace/profiling/collector/_pymacro.h
+++ b/ddtrace/profiling/collector/_pymacro.h
@@ -13,8 +13,4 @@
 #define _PY38
 #endif
 
-#if PY_VERSION_HEX >= 0x03070000
-#define _PY37_AND_LATER
-#endif
-
 #endif
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 6bfa3f90bc1..3de01707d81 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -29,6 +29,8 @@ autopatching
 autoreload
 autoreloading
 aws
+AWS
+ARN
 backend
 backends
 backport
diff --git a/releasenotes/notes/denylist-extend-more-f0d96917c50d43cf.yaml b/releasenotes/notes/denylist-extend-more-f0d96917c50d43cf.yaml
new file mode 100644
index 00000000000..b0c378dadaa
--- /dev/null
+++ b/releasenotes/notes/denylist-extend-more-f0d96917c50d43cf.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    Add more modules to the IAST patching denylist to improve startup time
diff --git a/releasenotes/notes/fix-bedrock-model-id-parsing-611aea2ca2e00656.yaml b/releasenotes/notes/fix-bedrock-model-id-parsing-611aea2ca2e00656.yaml
new file mode 100644
index 00000000000..c3e13ea3d38
--- /dev/null
+++ b/releasenotes/notes/fix-bedrock-model-id-parsing-611aea2ca2e00656.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    botocore: Resolves formatting errors in the bedrock integration when parsing request model IDs, which can now accept AWS ARNs. 
diff --git a/releasenotes/notes/fix-profiling-memalloc-segfault-5593ad951405a75d.yaml b/releasenotes/notes/fix-profiling-memalloc-segfault-5593ad951405a75d.yaml
new file mode 100644
index 00000000000..8632b62af50
--- /dev/null
+++ b/releasenotes/notes/fix-profiling-memalloc-segfault-5593ad951405a75d.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Fixes an issue where the memory allocation profiler can cause a segmentation fault due to
+    data races when accessing its own global data structures from multiple threads.
diff --git a/releasenotes/notes/profiling-remove-getpid-from-memalloc-74f54043accdfc9e.yaml b/releasenotes/notes/profiling-remove-getpid-from-memalloc-74f54043accdfc9e.yaml
new file mode 100644
index 00000000000..1680dba0673
--- /dev/null
+++ b/releasenotes/notes/profiling-remove-getpid-from-memalloc-74f54043accdfc9e.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    profiling: Removed a system call from the memory allocation profiler, used to detect forks,
+    which ran on every allocation and resulted in a significant slowdown.
diff --git a/releasenotes/notes/resolves-gevent-asyncio-incompatiblities-246028676b10bea9.yaml b/releasenotes/notes/resolves-gevent-asyncio-incompatiblities-246028676b10bea9.yaml
new file mode 100644
index 00000000000..08a5448b3dc
--- /dev/null
+++ b/releasenotes/notes/resolves-gevent-asyncio-incompatiblities-246028676b10bea9.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    asyncio: Resolves an issue where asyncio event loops fail to register when ``ddtrace-run``/``import ddtrace.auto`` is used and gevent is installed.
diff --git a/riotfile.py b/riotfile.py
index 6db9102786f..5d44c657fb2 100644
--- a/riotfile.py
+++ b/riotfile.py
@@ -473,7 +473,8 @@ def select_pys(min_version: str = MIN_PYTHON_VERSION, max_version: str = MAX_PYT
                         Venv(
                             pys="3.9",
                             pkgs={
-                                "gevent": ["~=21.1.0", latest],
+                                # https://github.com/gevent/gevent/issues/2076
+                                "gevent": ["~=21.1.0", "<21.8.0"],
                                 "greenlet": "~=1.0",
                             },
                         ),
@@ -805,6 +806,7 @@ def select_pys(min_version: str = MIN_PYTHON_VERSION, max_version: str = MAX_PYT
                 "django-q": latest,
                 "spyne": latest,
                 "zeep": latest,
+                "bcrypt": "==4.2.1",
             },
             env={
                 "DD_CIVISIBILITY_ITR_ENABLED": "0",
@@ -2869,6 +2871,17 @@ def select_pys(min_version: str = MIN_PYTHON_VERSION, max_version: str = MAX_PYT
             env={
                 "DD_AGENT_PORT": "9126",
             },
+            venvs=[
+                # Python 3.8
+                Venv(
+                    pys=["3.8"],
+                    pkgs={"greenlet": "==3.1.0"},
+                ),
+                # Python 3.9+
+                Venv(
+                    pys=select_pys(min_version="3.9"),
+                ),
+            ],
         ),
         Venv(
             name="subprocess",
diff --git a/scripts/iast/leak_functions.py b/scripts/iast/leak_functions.py
index 55fdcb0bbaa..ebac2253858 100644
--- a/scripts/iast/leak_functions.py
+++ b/scripts/iast/leak_functions.py
@@ -13,7 +13,7 @@
 from ddtrace.appsec._iast._iast_request_context import set_iast_request_enabled
 from ddtrace.appsec._iast._iast_request_context import start_iast_context
 from ddtrace.appsec._iast._taint_tracking import active_map_addreses_size
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 from tests.utils import override_env
 
 
diff --git a/scripts/iast/mod_leak_functions.py b/scripts/iast/mod_leak_functions.py
index 40e7e5a99b7..bf96d93c497 100644
--- a/scripts/iast/mod_leak_functions.py
+++ b/scripts/iast/mod_leak_functions.py
@@ -13,8 +13,8 @@
 import requests
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
 
 v = SchemaValidator(
diff --git a/scripts/iast/test_references.py b/scripts/iast/test_references.py
index d4cdd2fcc16..8fce6e0cdd7 100644
--- a/scripts/iast/test_references.py
+++ b/scripts/iast/test_references.py
@@ -4,9 +4,9 @@
 
 from mod_leak_functions import test_doit
 
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import reset_context
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 
 async def test_main():
diff --git a/setup.py b/setup.py
index 74e8f8187d7..dfaa5f6bf97 100644
--- a/setup.py
+++ b/setup.py
@@ -510,8 +510,11 @@ def get_exts_for(name):
                 "ddtrace/profiling/collector/_memalloc.c",
                 "ddtrace/profiling/collector/_memalloc_tb.c",
                 "ddtrace/profiling/collector/_memalloc_heap.c",
+                "ddtrace/profiling/collector/_memalloc_reentrant.c",
             ],
-            extra_compile_args=debug_compile_args,
+            extra_compile_args=debug_compile_args + ["-D_POSIX_C_SOURCE=200809L", "-std=c11"]
+            if CURRENT_OS != "Windows"
+            else ["/std:c11"],
         ),
         Extension(
             "ddtrace.internal._threads",
diff --git a/tests/appsec/app.py b/tests/appsec/app.py
index 103341c752a..eb5beb666cf 100644
--- a/tests/appsec/app.py
+++ b/tests/appsec/app.py
@@ -239,7 +239,7 @@ def iast_ast_patching_io_bytes_io_untainted():
         changed = BytesIO(bytes_filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not is_pyobject_tainted(changed):
             resp = Response("OK")
@@ -270,7 +270,7 @@ def iast_ast_patching_io_string_io_untainted():
         changed = StringIO(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not is_pyobject_tainted(changed):
             resp = Response("OK")
@@ -302,7 +302,7 @@ def iast_ast_patching_io_bytes_io_read_untainted():
         changed = BytesIO(bytes_filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not is_pyobject_tainted(changed.read(4)):
             resp = Response("OK")
@@ -333,7 +333,7 @@ def iast_ast_patching_io_string_io_read_untainted():
         changed = StringIO(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not is_pyobject_tainted(changed.read(4)):
             resp = Response("OK")
@@ -365,7 +365,7 @@ def iast_ast_patching_io_bytes_io():
         changed = BytesIO(bytes_filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed):
             resp = Response("OK")
@@ -396,7 +396,7 @@ def iast_ast_patching_io_string_io():
         changed = StringIO(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed):
             resp = Response("OK")
@@ -428,7 +428,7 @@ def iast_ast_patching_io_bytes_io_read():
         changed = BytesIO(bytes_filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed.read(4)):
             resp = Response("OK")
@@ -459,7 +459,7 @@ def iast_ast_patching_io_string_io_read():
         changed = StringIO(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed.read(4)):
             resp = Response("OK")
@@ -479,7 +479,7 @@ def iast_ast_patching_re_sub():
         changed = pattern.sub(" ", filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed):
             resp = Response("OK")
@@ -501,7 +501,7 @@ def iast_ast_patching_non_re_sub():
         changed = pattern.sub(" ", filename)
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed):
             resp = Response("Fail")
@@ -521,7 +521,7 @@ def iast_ast_patching_re_subn():
         changed, number = pattern.subn(" ", filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed):
             resp = Response("OK")
@@ -543,7 +543,7 @@ def iast_ast_patching_non_re_subn():
         changed, number = pattern.subn(" ", filename)
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if is_pyobject_tainted(changed):
             resp = Response("Fail")
@@ -563,7 +563,7 @@ def iast_ast_patching_re_split():
         result = pattern.split(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if all(map(is_pyobject_tainted, result)):
             resp = Response("OK")
@@ -585,7 +585,7 @@ def iast_ast_patching_non_re_split():
         result = pattern.split(filename)
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if any(map(is_pyobject_tainted, result)):
             resp = Response("Fail")
@@ -605,7 +605,7 @@ def iast_ast_patching_re_findall():
         result = pattern.findall(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if all(map(is_pyobject_tainted, result)):
             resp = Response("OK")
@@ -627,7 +627,7 @@ def iast_ast_patching_non_re_findall():
         result = pattern.findall(filename)
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if any(map(is_pyobject_tainted, result)):
             resp = Response("Fail")
@@ -647,7 +647,7 @@ def iast_ast_patching_re_finditer():
         result = pattern.finditer(filename)
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if all(map(is_pyobject_tainted, result)):
             resp = Response("OK")
@@ -669,7 +669,7 @@ def iast_ast_patching_non_re_finditer():
         result = pattern.finditer(filename)
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if any(map(is_pyobject_tainted, result)):
             resp = Response("Fail")
@@ -697,7 +697,7 @@ def iast_ast_patching_re_groups():
             result = []
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if result and all(map(is_pyobject_tainted, result)):
             resp = Response("OK")
@@ -727,7 +727,7 @@ def iast_ast_patching_non_re_groups():
             result = []
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not result or any(map(is_pyobject_tainted, result)):
             resp = Response("Fail")
@@ -755,7 +755,7 @@ def iast_ast_patching_re_string():
             result = None
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if result and is_pyobject_tainted(result):
             resp = Response("OK")
@@ -785,7 +785,7 @@ def iast_ast_patching_non_re_string():
             result = None
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not result or is_pyobject_tainted(result):
             resp = Response("Fail")
@@ -813,7 +813,7 @@ def iast_ast_patching_re_fullmatch():
             result = []
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if result and all(map(is_pyobject_tainted, result)):
             resp = Response("OK")
@@ -843,7 +843,7 @@ def iast_ast_patching_non_re_fullmatch():
             result = []
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not result or any(map(is_pyobject_tainted, result)):
             resp = Response("Fail")
@@ -871,7 +871,7 @@ def iast_ast_patching_re_expand():
             result = None
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if result and is_pyobject_tainted(result):
             resp = Response("OK")
@@ -901,7 +901,7 @@ def iast_ast_patching_non_re_expand():
             result = None
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not result or is_pyobject_tainted(result):
             resp = Response("Fail")
@@ -929,7 +929,7 @@ def iast_ast_patching_re_search():
             result = []
     resp = Response("Fail")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if result and all(map(is_pyobject_tainted, result)):
             resp = Response("OK")
@@ -959,7 +959,7 @@ def iast_ast_patching_non_re_search():
             result = []
     resp = Response("OK")
     try:
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
         if not result or any(map(is_pyobject_tainted, result)):
             resp = Response("Fail")
diff --git a/tests/appsec/iast/aspects/aspect_utils.py b/tests/appsec/iast/aspects/aspect_utils.py
index e62625e256b..0467915e672 100644
--- a/tests/appsec/iast/aspects/aspect_utils.py
+++ b/tests/appsec/iast/aspects/aspect_utils.py
@@ -11,7 +11,7 @@
 from ddtrace.appsec._iast._taint_tracking import TaintRange
 from ddtrace.appsec._iast._taint_tracking import as_formatted_evidence
 from ddtrace.appsec._iast._taint_tracking import set_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject_with_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject_with_ranges
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
 
diff --git a/tests/appsec/iast/aspects/test_add_aspect.py b/tests/appsec/iast/aspects/test_add_aspect.py
index f9f86a4413c..a2e4558198f 100644
--- a/tests/appsec/iast/aspects/test_add_aspect.py
+++ b/tests/appsec/iast/aspects/test_add_aspect.py
@@ -5,12 +5,12 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
 from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import TaintRange_
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 import ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from tests.appsec.iast.conftest import _end_iast_context_and_oce
diff --git a/tests/appsec/iast/aspects/test_add_aspect_fixtures.py b/tests/appsec/iast/aspects/test_add_aspect_fixtures.py
index 19a6a97dae7..854cbea2032 100644
--- a/tests/appsec/iast/aspects/test_add_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_add_aspect_fixtures.py
@@ -4,8 +4,8 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
 
diff --git a/tests/appsec/iast/aspects/test_add_inplace_aspect.py b/tests/appsec/iast/aspects/test_add_inplace_aspect.py
index b6d2b22dce8..babe9bae651 100644
--- a/tests/appsec/iast/aspects/test_add_inplace_aspect.py
+++ b/tests/appsec/iast/aspects/test_add_inplace_aspect.py
@@ -5,10 +5,10 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import TaintRange_
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 import ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects
 
 
diff --git a/tests/appsec/iast/aspects/test_add_inplace_aspect_fixtures.py b/tests/appsec/iast/aspects/test_add_inplace_aspect_fixtures.py
index 1d59ba41dbc..4fc96486be0 100644
--- a/tests/appsec/iast/aspects/test_add_inplace_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_add_inplace_aspect_fixtures.py
@@ -4,8 +4,8 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
 
diff --git a/tests/appsec/iast/aspects/test_asyncio.py b/tests/appsec/iast/aspects/test_asyncio.py
index e01627819b3..1bd8bd7b45a 100644
--- a/tests/appsec/iast/aspects/test_asyncio.py
+++ b/tests/appsec/iast/aspects/test_asyncio.py
@@ -5,9 +5,9 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
 
diff --git a/tests/appsec/iast/aspects/test_bytearray_extend_aspect.py b/tests/appsec/iast/aspects/test_bytearray_extend_aspect.py
index e746800cd3f..41047e47203 100644
--- a/tests/appsec/iast/aspects/test_bytearray_extend_aspect.py
+++ b/tests/appsec/iast/aspects/test_bytearray_extend_aspect.py
@@ -6,10 +6,10 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.utils import override_global_config
 
diff --git a/tests/appsec/iast/aspects/test_common_replace_aspects.py b/tests/appsec/iast/aspects/test_common_replace_aspects.py
index f858c065aa1..7054b34e83b 100644
--- a/tests/appsec/iast/aspects/test_common_replace_aspects.py
+++ b/tests/appsec/iast/aspects/test_common_replace_aspects.py
@@ -3,8 +3,8 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
 
diff --git a/tests/appsec/iast/aspects/test_encode_decode_aspect.py b/tests/appsec/iast/aspects/test_encode_decode_aspect.py
index 6e994f6e9fa..a5da649c1fe 100644
--- a/tests/appsec/iast/aspects/test_encode_decode_aspect.py
+++ b/tests/appsec/iast/aspects/test_encode_decode_aspect.py
@@ -3,8 +3,8 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 import ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
diff --git a/tests/appsec/iast/aspects/test_format_aspect_fixtures.py b/tests/appsec/iast/aspects/test_format_aspect_fixtures.py
index a35a424d67b..b401589af92 100644
--- a/tests/appsec/iast/aspects/test_format_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_format_aspect_fixtures.py
@@ -9,10 +9,10 @@
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import as_formatted_evidence
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.aspect_utils import BaseReplacement
 from tests.appsec.iast.aspects.aspect_utils import create_taint_range_with_format
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
diff --git a/tests/appsec/iast/aspects/test_index_aspect_fixtures.py b/tests/appsec/iast/aspects/test_index_aspect_fixtures.py
index 0542cd636c8..8ab46d9bf45 100644
--- a/tests/appsec/iast/aspects/test_index_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_index_aspect_fixtures.py
@@ -4,10 +4,10 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.utils import override_global_config
 
diff --git a/tests/appsec/iast/aspects/test_io_aspects.py b/tests/appsec/iast/aspects/test_io_aspects.py
index ea74825895d..177e0742674 100644
--- a/tests/appsec/iast/aspects/test_io_aspects.py
+++ b/tests/appsec/iast/aspects/test_io_aspects.py
@@ -3,9 +3,9 @@
 
 from ddtrace.appsec._common_module_patches import patch_common_modules
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast._taint_tracking.aspects import bytesio_aspect
 from ddtrace.appsec._iast._taint_tracking.aspects import stringio_aspect
diff --git a/tests/appsec/iast/aspects/test_join_aspect_fixtures.py b/tests/appsec/iast/aspects/test_join_aspect_fixtures.py
index 8692485f295..d4c896786f6 100644
--- a/tests/appsec/iast/aspects/test_join_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_join_aspect_fixtures.py
@@ -5,10 +5,10 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.utils import override_global_config
 
diff --git a/tests/appsec/iast/aspects/test_modulo_aspect_fixtures.py b/tests/appsec/iast/aspects/test_modulo_aspect_fixtures.py
index 80ca12a2db8..175b5bf9439 100644
--- a/tests/appsec/iast/aspects/test_modulo_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_modulo_aspect_fixtures.py
@@ -11,8 +11,8 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import as_formatted_evidence
 from ddtrace.appsec._iast._taint_tracking import get_ranges
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.aspect_utils import BaseReplacement
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
diff --git a/tests/appsec/iast/aspects/test_ospath_aspects.py b/tests/appsec/iast/aspects/test_ospath_aspects.py
index 976327cdd2c..9e1b5eee93f 100644
--- a/tests/appsec/iast/aspects/test_ospath_aspects.py
+++ b/tests/appsec/iast/aspects/test_ospath_aspects.py
@@ -18,8 +18,8 @@
     from ddtrace.appsec._iast._taint_tracking.aspects import ospathsplitdrive_aspect
 if sys.version_info >= (3, 12):
     from ddtrace.appsec._iast._taint_tracking.aspects import ospathsplitroot_aspect
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
 
 def test_ospathjoin_first_arg_nottainted_noslash():
diff --git a/tests/appsec/iast/aspects/test_ospath_aspects_fixtures.py b/tests/appsec/iast/aspects/test_ospath_aspects_fixtures.py
index 68ac2cba76e..7cd2069dbfd 100644
--- a/tests/appsec/iast/aspects/test_ospath_aspects_fixtures.py
+++ b/tests/appsec/iast/aspects/test_ospath_aspects_fixtures.py
@@ -8,10 +8,10 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.utils import override_global_config
 
diff --git a/tests/appsec/iast/aspects/test_other_patching.py b/tests/appsec/iast/aspects/test_other_patching.py
index d392fdb7c4b..a7b620a1792 100644
--- a/tests/appsec/iast/aspects/test_other_patching.py
+++ b/tests/appsec/iast/aspects/test_other_patching.py
@@ -5,8 +5,8 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 
 
diff --git a/tests/appsec/iast/aspects/test_re_aspects.py b/tests/appsec/iast/aspects/test_re_aspects.py
index b5069948a89..55d2ea81f03 100644
--- a/tests/appsec/iast/aspects/test_re_aspects.py
+++ b/tests/appsec/iast/aspects/test_re_aspects.py
@@ -6,9 +6,9 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast._taint_tracking.aspects import index_aspect
 from ddtrace.appsec._iast._taint_tracking.aspects import re_expand_aspect
diff --git a/tests/appsec/iast/aspects/test_replace_aspect.py b/tests/appsec/iast/aspects/test_replace_aspect.py
index b30fa7cdede..b929817e3eb 100644
--- a/tests/appsec/iast/aspects/test_replace_aspect.py
+++ b/tests/appsec/iast/aspects/test_replace_aspect.py
@@ -7,9 +7,9 @@
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
 from ddtrace.appsec._iast._taint_tracking import as_formatted_evidence
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
 from ddtrace.appsec._iast._taint_tracking import set_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 import ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects
 from ddtrace.internal.compat import PYTHON_VERSION_INFO
 
diff --git a/tests/appsec/iast/aspects/test_side_effects.py b/tests/appsec/iast/aspects/test_side_effects.py
index 0c019f9994b..120b8f88a05 100644
--- a/tests/appsec/iast/aspects/test_side_effects.py
+++ b/tests/appsec/iast/aspects/test_side_effects.py
@@ -3,9 +3,9 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject_with_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject_with_ranges
 import ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.appsec.iast.iast_utils_side_effects import MagicMethodsException
diff --git a/tests/appsec/iast/aspects/test_slice_aspect_fixtures.py b/tests/appsec/iast/aspects/test_slice_aspect_fixtures.py
index bd42b136e06..6869fbbd15c 100644
--- a/tests/appsec/iast/aspects/test_slice_aspect_fixtures.py
+++ b/tests/appsec/iast/aspects/test_slice_aspect_fixtures.py
@@ -5,10 +5,10 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.utils import override_global_config
 
diff --git a/tests/appsec/iast/aspects/test_split_aspect.py b/tests/appsec/iast/aspects/test_split_aspect.py
index 30f4fe121ca..faee670d12e 100644
--- a/tests/appsec/iast/aspects/test_split_aspect.py
+++ b/tests/appsec/iast/aspects/test_split_aspect.py
@@ -9,11 +9,11 @@
 from ddtrace.appsec._iast._taint_tracking import _aspect_rsplit
 from ddtrace.appsec._iast._taint_tracking import _aspect_split
 from ddtrace.appsec._iast._taint_tracking import _aspect_splitlines
-from ddtrace.appsec._iast._taint_tracking import create_context
 from ddtrace.appsec._iast._taint_tracking import get_ranges
-from ddtrace.appsec._iast._taint_tracking import reset_context
 from ddtrace.appsec._iast._taint_tracking import set_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.test_aspect_helpers import _build_sample_range
 from tests.utils import override_global_config
 
diff --git a/tests/appsec/iast/aspects/test_str_aspect.py b/tests/appsec/iast/aspects/test_str_aspect.py
index ba32fa970b5..c036a5fbbe3 100644
--- a/tests/appsec/iast/aspects/test_str_aspect.py
+++ b/tests/appsec/iast/aspects/test_str_aspect.py
@@ -6,9 +6,9 @@
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
 from ddtrace.appsec._iast._taint_tracking import as_formatted_evidence
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 import ddtrace.appsec._iast._taint_tracking.aspects as ddtrace_aspects
 from tests.appsec.iast.aspects.aspect_utils import BaseReplacement
 from tests.appsec.iast.aspects.aspect_utils import create_taint_range_with_format
diff --git a/tests/appsec/iast/fixtures/entrypoint/views.py b/tests/appsec/iast/fixtures/entrypoint/views.py
index 58baf906c53..3359e5c0366 100644
--- a/tests/appsec/iast/fixtures/entrypoint/views.py
+++ b/tests/appsec/iast/fixtures/entrypoint/views.py
@@ -3,9 +3,9 @@
 
 def add_test():
     from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import create_context
-    from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._context import create_context
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
     string_to_taint = "abc"
     create_context()
diff --git a/tests/appsec/iast/fixtures/taint_sinks/sql_injection_psycopg2.py b/tests/appsec/iast/fixtures/taint_sinks/sql_injection_psycopg2.py
index 3411509c956..69994a20fe1 100644
--- a/tests/appsec/iast/fixtures/taint_sinks/sql_injection_psycopg2.py
+++ b/tests/appsec/iast/fixtures/taint_sinks/sql_injection_psycopg2.py
@@ -3,8 +3,8 @@
 import psycopg2
 from psycopg2.errors import DuplicateTable
 
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 
 POSTGRES_HOST = os.getenv("TEST_POSTGRES_HOST", "127.0.0.1")
diff --git a/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlalchemy.py b/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlalchemy.py
index f8910b6b5cd..29b014ee364 100644
--- a/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlalchemy.py
+++ b/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlalchemy.py
@@ -2,8 +2,8 @@
 from sqlalchemy import text
 from sqlalchemy.exc import ProgrammingError
 
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 
 def sqli_simple(table):
diff --git a/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlite3.py b/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlite3.py
index 08d98abf24d..3d8ee69f8b3 100644
--- a/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlite3.py
+++ b/tests/appsec/iast/fixtures/taint_sinks/sql_injection_sqlite3.py
@@ -1,7 +1,7 @@
 import sqlite3
 
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 
 def sqli_simple(table):
diff --git a/tests/appsec/iast/taint_sinks/test_command_injection.py b/tests/appsec/iast/taint_sinks/test_command_injection.py
index a18fac45de1..b716f594e85 100644
--- a/tests/appsec/iast/taint_sinks/test_command_injection.py
+++ b/tests/appsec/iast/taint_sinks/test_command_injection.py
@@ -7,8 +7,8 @@
 
 from ddtrace.appsec._iast._iast_request_context import get_iast_reporter
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast.constants import VULN_CMDI
 from ddtrace.appsec._iast.taint_sinks.command_injection import patch
diff --git a/tests/appsec/iast/taint_sinks/test_command_injection_redacted.py b/tests/appsec/iast/taint_sinks/test_command_injection_redacted.py
index f1e2b98089c..4c25cda8dc2 100644
--- a/tests/appsec/iast/taint_sinks/test_command_injection_redacted.py
+++ b/tests/appsec/iast/taint_sinks/test_command_injection_redacted.py
@@ -3,7 +3,7 @@
 
 from ddtrace.appsec._iast._taint_tracking import origin_to_str
 from ddtrace.appsec._iast._taint_tracking import str_to_origin
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast.constants import VULN_CMDI
 from ddtrace.appsec._iast.reporter import Evidence
diff --git a/tests/appsec/iast/taint_sinks/test_header_injection_redacted.py b/tests/appsec/iast/taint_sinks/test_header_injection_redacted.py
index d47433f7745..61a3aa83a49 100644
--- a/tests/appsec/iast/taint_sinks/test_header_injection_redacted.py
+++ b/tests/appsec/iast/taint_sinks/test_header_injection_redacted.py
@@ -2,10 +2,10 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
 from ddtrace.appsec._iast._taint_tracking import origin_to_str
 from ddtrace.appsec._iast._taint_tracking import str_to_origin
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast.constants import VULN_HEADER_INJECTION
 from ddtrace.appsec._iast.reporter import Evidence
diff --git a/tests/appsec/iast/taint_sinks/test_path_traversal.py b/tests/appsec/iast/taint_sinks/test_path_traversal.py
index b195edc2427..cc016eb29fb 100644
--- a/tests/appsec/iast/taint_sinks/test_path_traversal.py
+++ b/tests/appsec/iast/taint_sinks/test_path_traversal.py
@@ -4,7 +4,7 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast.constants import DEFAULT_PATH_TRAVERSAL_FUNCTIONS
 from ddtrace.appsec._iast.constants import VULN_PATH_TRAVERSAL
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
diff --git a/tests/appsec/iast/taint_sinks/test_path_traversal_redacted.py b/tests/appsec/iast/taint_sinks/test_path_traversal_redacted.py
index 181af423c9c..996bc2ee356 100644
--- a/tests/appsec/iast/taint_sinks/test_path_traversal_redacted.py
+++ b/tests/appsec/iast/taint_sinks/test_path_traversal_redacted.py
@@ -4,7 +4,7 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast.constants import VULN_PATH_TRAVERSAL
 from ddtrace.appsec._iast.reporter import Evidence
 from ddtrace.appsec._iast.reporter import IastSpanReporter
diff --git a/tests/appsec/iast/taint_sinks/test_sql_injection.py b/tests/appsec/iast/taint_sinks/test_sql_injection.py
index d8fe767efb6..bf2190cdf99 100644
--- a/tests/appsec/iast/taint_sinks/test_sql_injection.py
+++ b/tests/appsec/iast/taint_sinks/test_sql_injection.py
@@ -1,8 +1,8 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast.constants import VULN_SQL_INJECTION
 from ddtrace.appsec._iast.taint_sinks._base import VulnerabilityBase
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
diff --git a/tests/appsec/iast/taint_sinks/test_sql_injection_redacted.py b/tests/appsec/iast/taint_sinks/test_sql_injection_redacted.py
index ba6675e7531..01645cf1d39 100644
--- a/tests/appsec/iast/taint_sinks/test_sql_injection_redacted.py
+++ b/tests/appsec/iast/taint_sinks/test_sql_injection_redacted.py
@@ -1,10 +1,10 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
 from ddtrace.appsec._iast._taint_tracking import origin_to_str
 from ddtrace.appsec._iast._taint_tracking import str_to_origin
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast.constants import VULN_SQL_INJECTION
 from ddtrace.appsec._iast.reporter import Evidence
diff --git a/tests/appsec/iast/taint_sinks/test_ssrf.py b/tests/appsec/iast/taint_sinks/test_ssrf.py
index 8b35013b873..f6f3ea0fb58 100644
--- a/tests/appsec/iast/taint_sinks/test_ssrf.py
+++ b/tests/appsec/iast/taint_sinks/test_ssrf.py
@@ -1,5 +1,5 @@
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast.constants import VULN_SSRF
 from ddtrace.contrib.httplib.patch import patch as httplib_patch
diff --git a/tests/appsec/iast/taint_sinks/test_ssrf_redacted.py b/tests/appsec/iast/taint_sinks/test_ssrf_redacted.py
index aa316ab3b02..d5f60e8878e 100644
--- a/tests/appsec/iast/taint_sinks/test_ssrf_redacted.py
+++ b/tests/appsec/iast/taint_sinks/test_ssrf_redacted.py
@@ -4,7 +4,7 @@
 
 from ddtrace.appsec._iast._taint_tracking import origin_to_str
 from ddtrace.appsec._iast._taint_tracking import str_to_origin
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast.constants import VULN_SSRF
 from ddtrace.appsec._iast.reporter import Evidence
diff --git a/tests/appsec/iast/taint_tracking/test_native_taint_range.py b/tests/appsec/iast/taint_tracking/test_native_taint_range.py
index 00079d7772b..d1b862b73a3 100644
--- a/tests/appsec/iast/taint_tracking/test_native_taint_range.py
+++ b/tests/appsec/iast/taint_tracking/test_native_taint_range.py
@@ -14,19 +14,19 @@
 from ddtrace.appsec._iast._taint_tracking import Source
 from ddtrace.appsec._iast._taint_tracking import TaintRange
 from ddtrace.appsec._iast._taint_tracking import are_all_text_all_ranges
-from ddtrace.appsec._iast._taint_tracking import create_context
 from ddtrace.appsec._iast._taint_tracking import debug_taint_map
 from ddtrace.appsec._iast._taint_tracking import get_range_by_hash
 from ddtrace.appsec._iast._taint_tracking import get_ranges
-from ddtrace.appsec._iast._taint_tracking import is_notinterned_notfasttainted_unicode
 from ddtrace.appsec._iast._taint_tracking import num_objects_tainted
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import reset_contexts
-from ddtrace.appsec._iast._taint_tracking import set_fast_tainted_if_notinterned_unicode
 from ddtrace.appsec._iast._taint_tracking import set_ranges
 from ddtrace.appsec._iast._taint_tracking import shift_taint_range
 from ddtrace.appsec._iast._taint_tracking import shift_taint_ranges
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_contexts
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import is_notinterned_notfasttainted_unicode
+from ddtrace.appsec._iast._taint_tracking._native.taint_tracking import set_fast_tainted_if_notinterned_unicode
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 from ddtrace.appsec._iast._taint_tracking.aspects import bytearray_extend_aspect as extend_aspect
 from ddtrace.appsec._iast._taint_tracking.aspects import format_aspect
diff --git a/tests/appsec/iast/taint_tracking/test_taint_tracking.py b/tests/appsec/iast/taint_tracking/test_taint_tracking.py
index ac3d009633f..0844b24fbd8 100644
--- a/tests/appsec/iast/taint_tracking/test_taint_tracking.py
+++ b/tests/appsec/iast/taint_tracking/test_taint_tracking.py
@@ -13,9 +13,9 @@
     from ddtrace.appsec._iast._taint_tracking import OriginType
     from ddtrace.appsec._iast._taint_tracking import TaintRange
     from ddtrace.appsec._iast._taint_tracking import num_objects_tainted
-    from ddtrace.appsec._iast._taint_tracking import reset_context
     from ddtrace.appsec._iast._taint_tracking import set_ranges
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._context import reset_context
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
     from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
 
diff --git a/tests/appsec/iast/test_env_var.py b/tests/appsec/iast/test_env_var.py
index 57604815aac..18fe79229ed 100644
--- a/tests/appsec/iast/test_env_var.py
+++ b/tests/appsec/iast/test_env_var.py
@@ -127,13 +127,6 @@ def test_env_var_iast_disabled_parametrized(capfd, configuration_endpoint, env_v
     assert "IAST enabled" not in captured.err
 
 
-@pytest.mark.subprocess(
-    env=dict(DD_IAST_ENABLED="False"), err=b"WARNING:root:IAST not enabled but native module is being loaded\n"
-)
-def test_env_var_iast_disabled_native_module_warning():
-    import ddtrace.appsec._iast._taint_tracking._native  # noqa: F401
-
-
 @pytest.mark.subprocess(env=dict(DD_IAST_ENABLED="True"), err=None)
 def test_env_var_iast_enabled_no__native_module_warning():
     import ddtrace.appsec._iast._taint_tracking._native  # noqa: F401
diff --git a/tests/appsec/iast/test_grpc_iast.py b/tests/appsec/iast/test_grpc_iast.py
index 47104e0915e..ba7b6027759 100644
--- a/tests/appsec/iast/test_grpc_iast.py
+++ b/tests/appsec/iast/test_grpc_iast.py
@@ -28,7 +28,7 @@ def iast_c_context():
 
 
 def _check_test_range(value):
-    from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
     ranges = get_tainted_ranges(value)
     assert len(ranges) == 1, f"found {len(ranges)} ranges"
diff --git a/tests/appsec/iast/test_iast_propagation_path.py b/tests/appsec/iast/test_iast_propagation_path.py
index c9c32b7258e..229e3abbc55 100644
--- a/tests/appsec/iast/test_iast_propagation_path.py
+++ b/tests/appsec/iast/test_iast_propagation_path.py
@@ -2,7 +2,7 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast.constants import VULN_PATH_TRAVERSAL
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.appsec.iast.iast_utils import get_line_and_hash
diff --git a/tests/appsec/iast/test_json_tainting.py b/tests/appsec/iast/test_json_tainting.py
index 2678fd70487..43c9370f306 100644
--- a/tests/appsec/iast/test_json_tainting.py
+++ b/tests/appsec/iast/test_json_tainting.py
@@ -3,9 +3,9 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_utils import LazyTaintDict
 from ddtrace.appsec._iast._taint_utils import LazyTaintList
 from tests.utils import override_global_config
diff --git a/tests/appsec/iast/test_taint_utils.py b/tests/appsec/iast/test_taint_utils.py
index 6749c2788ec..9e32b0e4049 100644
--- a/tests/appsec/iast/test_taint_utils.py
+++ b/tests/appsec/iast/test_taint_utils.py
@@ -2,8 +2,8 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast._taint_utils import LazyTaintDict
 from ddtrace.appsec._iast._taint_utils import LazyTaintList
 from ddtrace.appsec._iast._taint_utils import check_tainted_dbapi_args
diff --git a/tests/appsec/iast/test_telemetry.py b/tests/appsec/iast/test_telemetry.py
index 95b9b8aeb45..dc07754bdc5 100644
--- a/tests/appsec/iast/test_telemetry.py
+++ b/tests/appsec/iast/test_telemetry.py
@@ -14,7 +14,7 @@
 from ddtrace.appsec._iast._patch_modules import patch_iast
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import origin_to_str
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from ddtrace.appsec._iast.constants import VULN_CMDI
 from ddtrace.appsec._iast.constants import VULN_HEADER_INJECTION
 from ddtrace.appsec._iast.constants import VULN_PATH_TRAVERSAL
diff --git a/tests/appsec/iast_memcheck/test_iast_mem_check.py b/tests/appsec/iast_memcheck/test_iast_mem_check.py
index d427f124aae..c049dd3c572 100644
--- a/tests/appsec/iast_memcheck/test_iast_mem_check.py
+++ b/tests/appsec/iast_memcheck/test_iast_mem_check.py
@@ -7,12 +7,12 @@
 from ddtrace.appsec._iast._stacktrace import get_info_frame
 from ddtrace.appsec._iast._taint_tracking import OriginType
 from ddtrace.appsec._iast._taint_tracking import active_map_addreses_size
-from ddtrace.appsec._iast._taint_tracking import create_context
-from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
 from ddtrace.appsec._iast._taint_tracking import initializer_size
 from ddtrace.appsec._iast._taint_tracking import num_objects_tainted
-from ddtrace.appsec._iast._taint_tracking import reset_context
-from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+from ddtrace.appsec._iast._taint_tracking._context import create_context
+from ddtrace.appsec._iast._taint_tracking._context import reset_context
+from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 from tests.appsec.iast.aspects.conftest import _iast_patched_module
 from tests.appsec.iast.taint_sinks.conftest import _get_span_report
 from tests.appsec.iast_memcheck._stacktrace_py import get_info_frame as get_info_frame_py
diff --git a/tests/appsec/iast_packages/packages/pkg_attrs.py b/tests/appsec/iast_packages/packages/pkg_attrs.py
index 2d32ce4b7a2..fb38d8e3237 100644
--- a/tests/appsec/iast_packages/packages/pkg_attrs.py
+++ b/tests/appsec/iast_packages/packages/pkg_attrs.py
@@ -37,7 +37,7 @@ class User:
 def pkg_attrs_propagation_view():
     import attrs
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_beautifulsoup4.py b/tests/appsec/iast_packages/packages/pkg_beautifulsoup4.py
index b6c55056165..d99f5f63eb2 100644
--- a/tests/appsec/iast_packages/packages/pkg_beautifulsoup4.py
+++ b/tests/appsec/iast_packages/packages/pkg_beautifulsoup4.py
@@ -30,7 +30,7 @@ def pkg_beautifulsoup4_view():
 def pkg_beautifulsoup4_propagation_view():
     from bs4 import BeautifulSoup
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_cachetools.py b/tests/appsec/iast_packages/packages/pkg_cachetools.py
index 53805009867..5c3ef483f10 100644
--- a/tests/appsec/iast_packages/packages/pkg_cachetools.py
+++ b/tests/appsec/iast_packages/packages/pkg_cachetools.py
@@ -50,7 +50,7 @@ def expensive_function(key):
 def pkg_cachetools_propagation_view():
     import cachetools
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
 
diff --git a/tests/appsec/iast_packages/packages/pkg_chartset_normalizer.py b/tests/appsec/iast_packages/packages/pkg_chartset_normalizer.py
index e98d3547ad3..073ec6dd1f9 100644
--- a/tests/appsec/iast_packages/packages/pkg_chartset_normalizer.py
+++ b/tests/appsec/iast_packages/packages/pkg_chartset_normalizer.py
@@ -25,7 +25,7 @@ def pkg_charset_normalizer_view():
 def pkg_charset_normalizer_propagation_view():
     from charset_normalizer import from_bytes
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_cryptography.py b/tests/appsec/iast_packages/packages/pkg_cryptography.py
index cf34079fce7..79e020e5863 100644
--- a/tests/appsec/iast_packages/packages/pkg_cryptography.py
+++ b/tests/appsec/iast_packages/packages/pkg_cryptography.py
@@ -41,7 +41,7 @@ def pkg_cryptography_view():
 def pkg_cryptography_propagation_view():
     from cryptography.fernet import Fernet
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_docutils.py b/tests/appsec/iast_packages/packages/pkg_docutils.py
index 971fbacdd50..ff218f8fc17 100644
--- a/tests/appsec/iast_packages/packages/pkg_docutils.py
+++ b/tests/appsec/iast_packages/packages/pkg_docutils.py
@@ -43,7 +43,7 @@ def pkg_docutils_view():
 def pkg_docutils_propagation_view():
     import docutils.core
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
 
diff --git a/tests/appsec/iast_packages/packages/pkg_exceptiongroup.py b/tests/appsec/iast_packages/packages/pkg_exceptiongroup.py
index 4f1786237e2..2aa092304c3 100644
--- a/tests/appsec/iast_packages/packages/pkg_exceptiongroup.py
+++ b/tests/appsec/iast_packages/packages/pkg_exceptiongroup.py
@@ -46,7 +46,7 @@ def raise_exceptions(param):
 def pkg_exceptiongroup_propagation_view():
     from exceptiongroup import ExceptionGroup
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     try:
diff --git a/tests/appsec/iast_packages/packages/pkg_idna.py b/tests/appsec/iast_packages/packages/pkg_idna.py
index 1421d5c2dcf..19ace566034 100644
--- a/tests/appsec/iast_packages/packages/pkg_idna.py
+++ b/tests/appsec/iast_packages/packages/pkg_idna.py
@@ -27,7 +27,7 @@ def pkg_idna_view():
 def pkg_idna_propagation_view():
     import idna
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_iniconfig.py b/tests/appsec/iast_packages/packages/pkg_iniconfig.py
index 4f204d7ee54..8ecf2c52b98 100644
--- a/tests/appsec/iast_packages/packages/pkg_iniconfig.py
+++ b/tests/appsec/iast_packages/packages/pkg_iniconfig.py
@@ -50,7 +50,7 @@ def pkg_iniconfig_view():
 def pkg_iniconfig_propagation_view():
     import iniconfig
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     try:
diff --git a/tests/appsec/iast_packages/packages/pkg_jinja2.py b/tests/appsec/iast_packages/packages/pkg_jinja2.py
index acedfff0d1e..4699d2f85a2 100644
--- a/tests/appsec/iast_packages/packages/pkg_jinja2.py
+++ b/tests/appsec/iast_packages/packages/pkg_jinja2.py
@@ -36,7 +36,7 @@ def pkg_jinja2_view():
 def pkg_jinja2_propagation_view():
     from jinja2 import Template
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_lxml.py b/tests/appsec/iast_packages/packages/pkg_lxml.py
index 3309731f197..81a59e5758b 100644
--- a/tests/appsec/iast_packages/packages/pkg_lxml.py
+++ b/tests/appsec/iast_packages/packages/pkg_lxml.py
@@ -39,7 +39,7 @@ def pkg_lxml_view():
 def pkg_lxml_propagation_view():
     from lxml import etree
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_multidict.py b/tests/appsec/iast_packages/packages/pkg_multidict.py
index f0cbe10f028..b07a5c69731 100644
--- a/tests/appsec/iast_packages/packages/pkg_multidict.py
+++ b/tests/appsec/iast_packages/packages/pkg_multidict.py
@@ -36,7 +36,7 @@ def pkg_multidict_view():
 def pkg_multidict_propagation_view():
     from multidict import MultiDict
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_platformdirs.py b/tests/appsec/iast_packages/packages/pkg_platformdirs.py
index 838c0a20e01..325a0177cbf 100644
--- a/tests/appsec/iast_packages/packages/pkg_platformdirs.py
+++ b/tests/appsec/iast_packages/packages/pkg_platformdirs.py
@@ -47,7 +47,7 @@ def pkg_platformdirs_view():
 def pkg_platformdirs_propagation_view():
     from platformdirs import user_data_dir
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_pyasn1.py b/tests/appsec/iast_packages/packages/pkg_pyasn1.py
index 8e64024ad3c..3f870889f07 100644
--- a/tests/appsec/iast_packages/packages/pkg_pyasn1.py
+++ b/tests/appsec/iast_packages/packages/pkg_pyasn1.py
@@ -52,7 +52,7 @@ def pkg_pyasn1_propagation_view():
     from pyasn1.type import namedtype
     from pyasn1.type import univ
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_pygments.py b/tests/appsec/iast_packages/packages/pkg_pygments.py
index 6cde162a6bd..8466cb40333 100644
--- a/tests/appsec/iast_packages/packages/pkg_pygments.py
+++ b/tests/appsec/iast_packages/packages/pkg_pygments.py
@@ -45,7 +45,7 @@ def pkg_pygments_propagation_view():
     from pygments.formatters import HtmlFormatter
     from pygments.lexers import PythonLexer
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
 
diff --git a/tests/appsec/iast_packages/packages/pkg_pynacl.py b/tests/appsec/iast_packages/packages/pkg_pynacl.py
index 78c8baadb3a..1e8435d050f 100644
--- a/tests/appsec/iast_packages/packages/pkg_pynacl.py
+++ b/tests/appsec/iast_packages/packages/pkg_pynacl.py
@@ -53,7 +53,7 @@ def pkg_pynacl_propagation_view():
     from nacl import secret
     from nacl import utils
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
 
diff --git a/tests/appsec/iast_packages/packages/pkg_pyparsing.py b/tests/appsec/iast_packages/packages/pkg_pyparsing.py
index bcc1647adb7..b5defd3c2ec 100644
--- a/tests/appsec/iast_packages/packages/pkg_pyparsing.py
+++ b/tests/appsec/iast_packages/packages/pkg_pyparsing.py
@@ -47,7 +47,7 @@ def pkg_pyparsing_view():
 def pkg_pyparsing_propagation_view():
     import pyparsing as pp
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
 
diff --git a/tests/appsec/iast_packages/packages/pkg_python_multipart.py b/tests/appsec/iast_packages/packages/pkg_python_multipart.py
index b8fab3ec159..0f0b79e5b85 100644
--- a/tests/appsec/iast_packages/packages/pkg_python_multipart.py
+++ b/tests/appsec/iast_packages/packages/pkg_python_multipart.py
@@ -33,7 +33,7 @@ def pkg_multipart_view():
 def pkg_multipart_propagation_view():
     from multipart.multipart import parse_options_header
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_pyyaml.py b/tests/appsec/iast_packages/packages/pkg_pyyaml.py
index 7d394c998f3..93a37976ed1 100644
--- a/tests/appsec/iast_packages/packages/pkg_pyyaml.py
+++ b/tests/appsec/iast_packages/packages/pkg_pyyaml.py
@@ -30,7 +30,7 @@ def pkg_pyyaml_view():
 def pkg_pyyaml_propagation_view():
     import yaml
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_rsa.py b/tests/appsec/iast_packages/packages/pkg_rsa.py
index 209b2aef783..b921f18c33a 100644
--- a/tests/appsec/iast_packages/packages/pkg_rsa.py
+++ b/tests/appsec/iast_packages/packages/pkg_rsa.py
@@ -36,7 +36,7 @@ def pkg_rsa_view():
 def pkg_rsa_propagation_view():
     import rsa
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_soupsieve.py b/tests/appsec/iast_packages/packages/pkg_soupsieve.py
index a4017bdcde2..eba3539e318 100644
--- a/tests/appsec/iast_packages/packages/pkg_soupsieve.py
+++ b/tests/appsec/iast_packages/packages/pkg_soupsieve.py
@@ -43,7 +43,7 @@ def pkg_soupsieve_propagation_view():
     from bs4 import BeautifulSoup
     import soupsieve as sv
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_sqlalchemy.py b/tests/appsec/iast_packages/packages/pkg_sqlalchemy.py
index 09fe47336fb..17daa4b5405 100644
--- a/tests/appsec/iast_packages/packages/pkg_sqlalchemy.py
+++ b/tests/appsec/iast_packages/packages/pkg_sqlalchemy.py
@@ -58,7 +58,7 @@ def pkg_sqlalchemy_propagation_view():
     from sqlalchemy import create_engine
     from sqlalchemy.orm import declarative_base
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_tomli.py b/tests/appsec/iast_packages/packages/pkg_tomli.py
index 7741aeea8bc..f21aa2e8a54 100644
--- a/tests/appsec/iast_packages/packages/pkg_tomli.py
+++ b/tests/appsec/iast_packages/packages/pkg_tomli.py
@@ -38,7 +38,7 @@ def pkg_tomli_view():
 def pkg_tomli_propagation_view():
     import tomli
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/pkg_wrapt.py b/tests/appsec/iast_packages/packages/pkg_wrapt.py
index be624bc399b..a58504f294c 100644
--- a/tests/appsec/iast_packages/packages/pkg_wrapt.py
+++ b/tests/appsec/iast_packages/packages/pkg_wrapt.py
@@ -46,7 +46,7 @@ def sample_function(param):
 
 @pkg_wrapt.route("/wrapt_propagation")
 def pkg_wrapt_propagation_view():
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
 
diff --git a/tests/appsec/iast_packages/packages/pkg_yarl.py b/tests/appsec/iast_packages/packages/pkg_yarl.py
index 02940a240ea..9e254aab2c7 100644
--- a/tests/appsec/iast_packages/packages/pkg_yarl.py
+++ b/tests/appsec/iast_packages/packages/pkg_yarl.py
@@ -44,7 +44,7 @@ def pkg_yarl_view():
 def pkg_yarl_propagation_view():
     from yarl import URL
 
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
     response = ResultResponse(request.args.get("package_param"))
     if not is_pyobject_tainted(response.package_param):
diff --git a/tests/appsec/iast_packages/packages/utils.py b/tests/appsec/iast_packages/packages/utils.py
index c36c6966f9e..7c6d4c95f5b 100644
--- a/tests/appsec/iast_packages/packages/utils.py
+++ b/tests/appsec/iast_packages/packages/utils.py
@@ -2,7 +2,7 @@
 
 
 with override_env({"DD_IAST_ENABLED": "True"}):
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 
 class ResultResponse:
diff --git a/tests/appsec/iast_packages/test_packages.py b/tests/appsec/iast_packages/test_packages.py
index 86aad989007..7cf0042cf12 100644
--- a/tests/appsec/iast_packages/test_packages.py
+++ b/tests/appsec/iast_packages/test_packages.py
@@ -402,16 +402,17 @@ def uninstall(self, python_cmd):
         import_module_to_validate="multidict._multidict_py",
         test_propagation=True,
     ),
+    ## Skip due to numpy added to the denylist
     # Python 3.12 fails in all steps with "import error" when import numpy
-    PackageForTesting(
-        "numpy",
-        "1.24.4",
-        "9 8 7 6 5 4 3",
-        [3, 4, 5, 6, 7, 8, 9],
-        5,
-        skip_python_version=[(3, 12)],
-        import_module_to_validate="numpy.core._internal",
-    ),
+    # PackageForTesting(
+    #     "numpy",
+    #     "1.24.4",
+    #     "9 8 7 6 5 4 3",
+    #     [3, 4, 5, 6, 7, 8, 9],
+    #     5,
+    #     skip_python_version=[(3, 12)],
+    #     import_module_to_validate="numpy.core._internal",
+    # ),
     PackageForTesting(
         "oauthlib",
         "3.2.2",
@@ -430,8 +431,9 @@ def uninstall(self, python_cmd):
         {"is_version_valid": True, "requirement": "example-package>=1.0.0", "specifier": ">=1.0.0", "version": "1.2.3"},
         "",
     ),
+    ## Skip due to pandas added to the denylist
     # Pandas dropped Python 3.8 support in pandas>2.0.3
-    PackageForTesting("pandas", "2.2.2", "foobar", "Written value: foobar", "", skip_python_version=[(3, 8)]),
+    # PackageForTesting("pandas", "2.2.2", "foobar", "Written value: foobar", "", skip_python_version=[(3, 8)]),
     PackageForTesting(
         "platformdirs",
         "4.2.2",
@@ -479,15 +481,16 @@ def uninstall(self, python_cmd):
     ),
     # # TODO: patching Pytest fails: ImportError: cannot import name 'Dir' from '_pytest.main'
     # PackageForTesting("pytest", "8.2.1", "", "", "", test_e2e=False),
-    PackageForTesting(
-        "python-dateutil",
-        "2.8.2",
-        "Sat Oct 11 17:13:46 UTC 2003",
-        "Sat, 11 Oct 2003 17:13:46 GMT",
-        "And the Easter of that year is: 2004-04-11",
-        import_name="dateutil",
-        import_module_to_validate="dateutil.relativedelta",
-    ),
+    ## Skip due to python-dateutil added to the denylist
+    # PackageForTesting(
+    #     "python-dateutil",
+    #     "2.8.2",
+    #     "Sat Oct 11 17:13:46 UTC 2003",
+    #     "Sat, 11 Oct 2003 17:13:46 GMT",
+    #     "And the Easter of that year is: 2004-04-11",
+    #     import_name="dateutil",
+    #     import_module_to_validate="dateutil.relativedelta",
+    # ),
     PackageForTesting(
         "python-multipart",
         "0.0.5",  # this version validates APPSEC-55240 issue, don't upgrade it
@@ -499,13 +502,14 @@ def uninstall(self, python_cmd):
         test_import=False,
         test_propagation=True,
     ),
-    PackageForTesting(
-        "pytz",
-        "2024.1",
-        "America/New_York",
-        "Current time in America/New_York: replaced_time",
-        "",
-    ),
+    ## Skip due to pytz added to the denylist
+    # PackageForTesting(
+    #     "pytz",
+    #     "2024.1",
+    #     "America/New_York",
+    #     "Current time in America/New_York: replaced_time",
+    #     "",
+    # ),
     PackageForTesting(
         "PyYAML",
         "6.0.1",
@@ -584,7 +588,8 @@ def uninstall(self, python_cmd):
         "",
         import_module_to_validate="tomlkit.items",
     ),
-    PackageForTesting("tqdm", "4.66.4", "", "", "", test_e2e=False, import_module_to_validate="tqdm.std"),
+    ## Skip due to tqdm added to the denylist
+    # PackageForTesting("tqdm", "4.66.4", "", "", "", test_e2e=False, import_module_to_validate="tqdm.std"),
     # Python 3.8 and 3.9 fail with ImportError: cannot import name 'get_host' from 'urllib3.util.url'
     PackageForTesting(
         "urllib3",
@@ -663,15 +668,16 @@ def uninstall(self, python_cmd):
         "",
         skip_python_version=[(3, 6), (3, 7), (3, 8)],
     ),
-    PackageForTesting(
-        "pillow",
-        "10.3.0",
-        "Hello, Pillow!",
-        "Image correctly generated",
-        "",
-        import_name="PIL.Image",
-        skip_python_version=[(3, 6), (3, 7), (3, 8)],
-    ),
+    ## Skip due to pillow added to the denylist
+    # PackageForTesting(
+    #     "pillow",
+    #     "10.3.0",
+    #     "Hello, Pillow!",
+    #     "Image correctly generated",
+    #     "",
+    #     import_name="PIL.Image",
+    #     skip_python_version=[(3, 6), (3, 7), (3, 8)],
+    # ),
     PackageForTesting(
         "aiobotocore", "2.13.0", "", "", "", test_e2e=False, test_import=False, import_name="aiobotocore.session"
     ),
@@ -745,16 +751,17 @@ def uninstall(self, python_cmd):
         "",
         test_e2e=False,
     ),
-    # scipy dropped Python 3.8 support in scipy > 1.10.1
-    PackageForTesting(
-        "scipy",
-        "1.13.0",
-        "1,2,3,4,5",
-        "Mean: 3.0, Standard Deviation: 1.581",
-        "",
-        import_name="scipy.special",
-        skip_python_version=[(3, 8)],
-    ),
+    ## Skip due to scipy added to the denylist
+    # # scipy dropped Python 3.8 support in scipy > 1.10.1
+    # PackageForTesting(
+    #     "scipy",
+    #     "1.13.0",
+    #     "1,2,3,4,5",
+    #     "Mean: 3.0, Standard Deviation: 1.581",
+    #     "",
+    #     import_name="scipy.special",
+    #     skip_python_version=[(3, 8)],
+    # ),
     PackageForTesting(
         "iniconfig",
         "2.0.0",
diff --git a/tests/appsec/iast_tdd_propagation/flask_orm_app.py b/tests/appsec/iast_tdd_propagation/flask_orm_app.py
index b7fcf9f59c2..b4e7e0d2095 100644
--- a/tests/appsec/iast_tdd_propagation/flask_orm_app.py
+++ b/tests/appsec/iast_tdd_propagation/flask_orm_app.py
@@ -18,7 +18,7 @@
 
 
 with override_env({"DD_IAST_ENABLED": "True"}):
-    from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 import ddtrace.auto  # noqa: F401  # isort: skip
 
diff --git a/tests/appsec/iast_tdd_propagation/flask_propagation_views.py b/tests/appsec/iast_tdd_propagation/flask_propagation_views.py
index 0cf9f201d7f..ae1ce2af489 100644
--- a/tests/appsec/iast_tdd_propagation/flask_propagation_views.py
+++ b/tests/appsec/iast_tdd_propagation/flask_propagation_views.py
@@ -4,7 +4,7 @@
 from flask import request
 
 from ddtrace import tracer
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
 
 class ResultResponse:
diff --git a/tests/appsec/iast_tdd_propagation/flask_taint_sinks_views.py b/tests/appsec/iast_tdd_propagation/flask_taint_sinks_views.py
index 56074989bc5..396aa0db63c 100644
--- a/tests/appsec/iast_tdd_propagation/flask_taint_sinks_views.py
+++ b/tests/appsec/iast_tdd_propagation/flask_taint_sinks_views.py
@@ -6,7 +6,7 @@
 from flask import request
 
 from ddtrace import tracer
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 from tests.appsec.iast.taint_sinks.conftest import _get_span_report
 
 
diff --git a/tests/appsec/integrations/pygoat_tests/test_pygoat.py b/tests/appsec/integrations/pygoat_tests/test_pygoat.py
index f3dd0f173ee..8bb8baae1bd 100644
--- a/tests/appsec/integrations/pygoat_tests/test_pygoat.py
+++ b/tests/appsec/integrations/pygoat_tests/test_pygoat.py
@@ -143,7 +143,7 @@ def test_sqli(client):
 @pytest.mark.skip("TODO: SSRF is not implemented for open()")
 def test_ssrf1(client, iast_context_defaults):
     from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
     s = "templates/Lab/ssrf/blogs/blog2.txt"
     tainted_path = taint_pyobject(
@@ -160,7 +160,7 @@ def test_ssrf1(client, iast_context_defaults):
 
 def test_ssrf2(client, iast_context_defaults):
     from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
     s = "http://example.com"
     tainted_path = taint_pyobject(
diff --git a/tests/appsec/integrations/test_flask_iast_patching.py b/tests/appsec/integrations/test_flask_iast_patching.py
index 5dd1baab67c..3291297ea92 100644
--- a/tests/appsec/integrations/test_flask_iast_patching.py
+++ b/tests/appsec/integrations/test_flask_iast_patching.py
@@ -18,7 +18,7 @@ def test_flask_iast_ast_patching_import_error():
         pass
     """
     with flask_server(
-        appsec_enabled="false", iast_enabled="true", token=None, port=_PORT, assert_debug=True
+        appsec_enabled="false", iast_enabled="true", token=None, port=_PORT, assert_debug=False
     ) as context:
         _, flask_client, pid = context
 
diff --git a/tests/appsec/integrations/test_langchain.py b/tests/appsec/integrations/test_langchain.py
index 795d48db8b9..cf0dca1e49e 100644
--- a/tests/appsec/integrations/test_langchain.py
+++ b/tests/appsec/integrations/test_langchain.py
@@ -14,7 +14,7 @@
 
 with override_env({"DD_IAST_ENABLED": "True"}):
     from ddtrace.appsec._iast._taint_tracking import OriginType
-    from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+    from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
 
 @pytest.mark.skipif(not is_module_installed("langchain"), reason="Langchain tests work on 3.9 or higher")
diff --git a/tests/appsec/integrations/test_psycopg2.py b/tests/appsec/integrations/test_psycopg2.py
index 3e08670f2d1..d6d25f7ffc2 100644
--- a/tests/appsec/integrations/test_psycopg2.py
+++ b/tests/appsec/integrations/test_psycopg2.py
@@ -2,7 +2,7 @@
 import pytest
 
 from ddtrace.appsec._iast._taint_tracking import OriginType
-from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 from ddtrace.appsec._iast._taint_utils import LazyTaintList
 from tests.appsec.iast.conftest import _end_iast_context_and_oce
 from tests.appsec.iast.conftest import _start_iast_context_and_oce
diff --git a/tests/contrib/asyncio/test_lazyimport.py b/tests/contrib/asyncio/test_lazyimport.py
index adca84973db..07c96bc799f 100644
--- a/tests/contrib/asyncio/test_lazyimport.py
+++ b/tests/contrib/asyncio/test_lazyimport.py
@@ -16,3 +16,16 @@ def test_lazy_import():
     assert tracer.context_provider.active() is span
     span.finish()
     assert tracer.context_provider.active() is None
+
+
+@pytest.mark.subprocess()
+def test_asyncio_not_imported_by_auto_instrumentation():
+    # Module unloading is not supported for asyncio, a simple workaround
+    # is to ensure asyncio is not imported by ddtrace.auto or ddtrace-run.
+    # If asyncio is imported by ddtrace.auto the asyncio event loop with fail
+    # to register new loops in some platforms (e.g. Ubuntuu).
+    import sys
+
+    import ddtrace.auto  # noqa: F401
+
+    assert "asyncio" not in sys.modules
diff --git a/tests/contrib/botocore/bedrock_cassettes/amazon_invoke_model_arn.yaml b/tests/contrib/botocore/bedrock_cassettes/amazon_invoke_model_arn.yaml
new file mode 100644
index 00000000000..cd2283c0ce7
--- /dev/null
+++ b/tests/contrib/botocore/bedrock_cassettes/amazon_invoke_model_arn.yaml
@@ -0,0 +1,52 @@
+interactions:
+- request:
+    body: '{"inputText": "Command: can you explain what Datadog is to someone not
+      in the tech industry?", "textGenerationConfig": {"maxTokenCount": 50, "stopSequences":
+      [], "temperature": 0, "topP": 0.9}}'
+    headers:
+      Content-Length:
+      - '193'
+      User-Agent:
+      - !!binary |
+        Qm90bzMvMS4zNC40OSBtZC9Cb3RvY29yZSMxLjM0LjQ5IHVhLzIuMCBvcy9tYWNvcyMyNC4yLjAg
+        bWQvYXJjaCNhcm02NCBsYW5nL3B5dGhvbiMzLjEwLjUgbWQvcHlpbXBsI0NQeXRob24gY2ZnL3Jl
+        dHJ5LW1vZGUjbGVnYWN5IEJvdG9jb3JlLzEuMzQuNDk=
+      X-Amz-Date:
+      - !!binary |
+        MjAyNTAxMTRUMjIwNDAyWg==
+      amz-sdk-invocation-id:
+      - !!binary |
+        YjY5NGZlNDgtNDBmNy00YTJlLWI1YTgtYjRiZGVhZTU5MjQ0
+      amz-sdk-request:
+      - !!binary |
+        YXR0ZW1wdD0x
+    method: POST
+    uri: https://bedrock-runtime.us-east-1.amazonaws.com/model/arn%3Aaws%3Abedrock%3Aus-east-1%3A%3Afoundation-model%2Famazon.titan-tg1-large/invoke
+  response:
+    body:
+      string: '{"inputTextTokenCount":18,"results":[{"tokenCount":50,"outputText":"\n\nDatadog
+        is a monitoring and analytics platform for IT operations, DevOps, and software
+        development teams. It provides real-time monitoring of infrastructure, applications,
+        and services, allowing users to identify and resolve issues quickly. Datadog
+        collects","completionReason":"LENGTH"}]}'
+    headers:
+      Connection:
+      - keep-alive
+      Content-Length:
+      - '361'
+      Content-Type:
+      - application/json
+      Date:
+      - Tue, 14 Jan 2025 22:04:05 GMT
+      X-Amzn-Bedrock-Input-Token-Count:
+      - '18'
+      X-Amzn-Bedrock-Invocation-Latency:
+      - '2646'
+      X-Amzn-Bedrock-Output-Token-Count:
+      - '50'
+      x-amzn-RequestId:
+      - b2d0fd44-c29a-4cd4-a97a-6901a48f6264
+    status:
+      code: 200
+      message: OK
+version: 1
diff --git a/tests/contrib/botocore/test.py b/tests/contrib/botocore/test.py
index 085dcbbc1e9..52f1a1ed578 100644
--- a/tests/contrib/botocore/test.py
+++ b/tests/contrib/botocore/test.py
@@ -23,6 +23,7 @@
 
 from ddtrace._trace._span_pointer import _SpanPointer
 from ddtrace._trace._span_pointer import _SpanPointerDirection
+from ddtrace._trace.utils_botocore import span_tags
 from tests.utils import get_128_bit_trace_id_from_headers
 
 
@@ -104,6 +105,12 @@ def setUp(self):
         super(BotocoreTest, self).setUp()
 
         Pin(service=self.TEST_SERVICE, tracer=self.tracer).onto(botocore.parsers.ResponseParser)
+        # Setting the validated flag to False ensures the redaction paths configurations are re-validated
+        # FIXME: Ensure AWSPayloadTagging._REQUEST_REDACTION_PATHS_DEFAULTS is always in sync with
+        # config.botocore.payload_tagging_request
+        # FIXME: Ensure AWSPayloadTagging._RESPONSE_REDACTION_PATHS_DEFAULTS is always in sync with
+        # config.botocore.payload_tagging_response
+        span_tags._PAYLOAD_TAGGER.validated = False
 
     def tearDown(self):
         super(BotocoreTest, self).tearDown()
diff --git a/tests/contrib/botocore/test_bedrock.py b/tests/contrib/botocore/test_bedrock.py
index 1001aff0dac..85aa786e962 100644
--- a/tests/contrib/botocore/test_bedrock.py
+++ b/tests/contrib/botocore/test_bedrock.py
@@ -222,6 +222,15 @@ def test_meta_invoke(bedrock_client, request_vcr):
         json.loads(response.get("body").read())
 
 
+@pytest.mark.snapshot
+def test_invoke_model_using_aws_arn_model_id(bedrock_client, request_vcr):
+    body = json.dumps(_REQUEST_BODIES["amazon"])
+    model = "arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-tg1-large"
+    with request_vcr.use_cassette("amazon_invoke_model_arn.yaml"):
+        response = bedrock_client.invoke_model(body=body, modelId=model)
+        json.loads(response.get("body").read())
+
+
 @pytest.mark.snapshot
 def test_amazon_invoke_stream(bedrock_client, request_vcr):
     body, model = json.dumps(_REQUEST_BODIES["amazon"]), _MODELS["amazon"]
diff --git a/tests/contrib/dbapi/test_dbapi_appsec.py b/tests/contrib/dbapi/test_dbapi_appsec.py
index 0ee86f99685..b60b3ac05c0 100644
--- a/tests/contrib/dbapi/test_dbapi_appsec.py
+++ b/tests/contrib/dbapi/test_dbapi_appsec.py
@@ -36,7 +36,7 @@ def tearDown(self):
     @pytest.mark.skipif(not _is_python_version_supported(), reason="IAST compatible versions")
     def test_tainted_query(self):
         from ddtrace.appsec._iast._taint_tracking import OriginType
-        from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
         with override_global_config(
             dict(
@@ -59,7 +59,7 @@ def test_tainted_query(self):
     @pytest.mark.skipif(not _is_python_version_supported(), reason="IAST compatible versions")
     def test_tainted_query_args(self):
         from ddtrace.appsec._iast._taint_tracking import OriginType
-        from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
         with mock.patch(
             "ddtrace.appsec._iast.taint_sinks.sql_injection.SqlInjection.report"
@@ -113,7 +113,7 @@ def test_untainted_query_and_args(self):
     @pytest.mark.skipif(not _is_python_version_supported(), reason="IAST compatible versions")
     def test_tainted_query_iast_disabled(self):
         from ddtrace.appsec._iast._taint_tracking import OriginType
-        from ddtrace.appsec._iast._taint_tracking import taint_pyobject
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import taint_pyobject
 
         with mock.patch(
             "ddtrace.appsec._iast.taint_sinks.sql_injection.SqlInjection.report"
diff --git a/tests/contrib/django/django_app/appsec_urls.py b/tests/contrib/django/django_app/appsec_urls.py
index 7ded023460f..f5b3f359445 100644
--- a/tests/contrib/django/django_app/appsec_urls.py
+++ b/tests/contrib/django/django_app/appsec_urls.py
@@ -9,19 +9,13 @@
 
 from ddtrace import tracer
 from ddtrace.appsec import _asm_request_context
+from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
+from ddtrace.appsec._iast._taint_tracking.aspects import decode_aspect
 from ddtrace.appsec._iast._utils import _is_python_version_supported as python_supported_by_iast
 from ddtrace.appsec._trace_utils import block_request_if_user_blocked
 from tests.utils import override_env
 
 
-try:
-    with override_env({"DD_IAST_ENABLED": "True"}):
-        from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
-        from ddtrace.appsec._iast._taint_tracking.aspects import decode_aspect
-except ImportError:
-    # Python 2 compatibility
-    from operator import add as add_aspect
-
 # django.conf.urls.url was deprecated in django 3 and removed in django 4
 if django.VERSION < (4, 0, 0):
     from django.conf.urls import url as handler
@@ -80,9 +74,14 @@ def checkuser_view(request, user_id):
 
 
 def sqli_http_request_parameter(request):
+    import bcrypt
+    from django.contrib.auth.hashers import BCryptSHA256PasswordHasher
+
+    password_django = BCryptSHA256PasswordHasher()
+    obj = password_django.encode("i'm a password", bcrypt.gensalt())
     with connection.cursor() as cursor:
         # label iast_enabled_sqli_http_request_parameter
-        cursor.execute(request.GET["q"])
+        cursor.execute(add_aspect(add_aspect(request.GET["q"], obj), "'"))
 
     return HttpResponse(request.META["HTTP_USER_AGENT"], status=200)
 
@@ -123,7 +122,7 @@ def taint_checking_enabled_view(request):
     if python_supported_by_iast():
         with override_env({"DD_IAST_ENABLED": "True"}):
             from ddtrace.appsec._iast._taint_tracking import OriginType
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast.reporter import IastSpanReporter
 
         def assert_origin_path(path):  # type: (Any) -> None
@@ -155,7 +154,7 @@ def is_pyobject_tainted(pyobject):  # type: (Any) -> bool
 def taint_checking_disabled_view(request):
     if python_supported_by_iast():
         with override_env({"DD_IAST_ENABLED": "True"}):
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
     else:
 
         def is_pyobject_tainted(pyobject):  # type: (Any) -> bool
diff --git a/tests/contrib/django/test_django_appsec_iast.py b/tests/contrib/django/test_django_appsec_iast.py
index efe0fa9acd0..7e42e8aa903 100644
--- a/tests/contrib/django/test_django_appsec_iast.py
+++ b/tests/contrib/django/test_django_appsec_iast.py
@@ -204,14 +204,14 @@ def test_django_tainted_user_agent_iast_disabled(client, test_spans, tracer):
 @pytest.mark.django_db()
 @pytest.mark.skipif(not python_supported_by_iast(), reason="Python version not supported by IAST")
 def test_django_tainted_user_agent_iast_enabled_sqli_http_request_parameter(client, test_spans, tracer):
-    with override_global_config(dict(_iast_enabled=True)):
+    with override_global_config(dict(_iast_enabled=True, _deduplication_enabled=False, _iast_request_sampling=100.0)):
         root_span, response = _aux_appsec_get_root_span(
             client,
             test_spans,
             tracer,
             payload=urlencode({"mytestingbody_key": "mytestingbody_value"}),
             content_type="application/x-www-form-urlencoded",
-            url="/appsec/sqli_http_request_parameter/?q=SELECT 1 FROM sqlite_master",
+            url="/appsec/sqli_http_request_parameter/?q=SELECT 1 FROM sqlite_master WHERE name='",
             headers={"HTTP_USER_AGENT": "test/1.2.3"},
         )
 
@@ -228,7 +228,7 @@ def test_django_tainted_user_agent_iast_enabled_sqli_http_request_parameter(clie
             {
                 "name": "q",
                 "origin": "http.request.parameter",
-                "pattern": "abcdefghijklmnopqrstuvwxyzA",
+                "pattern": "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMN",
                 "redacted": True,
             }
         ]
@@ -238,7 +238,9 @@ def test_django_tainted_user_agent_iast_enabled_sqli_http_request_parameter(clie
             "valueParts": [
                 {"source": 0, "value": "SELECT "},
                 {"pattern": "h", "redacted": True, "source": 0},
-                {"source": 0, "value": " FROM sqlite_master"},
+                {"source": 0, "value": " FROM sqlite_master WHERE name='"},
+                {"redacted": True},
+                {"value": "'"},
             ]
         }
         assert loaded["vulnerabilities"][0]["location"]["path"] == TEST_FILE
diff --git a/tests/contrib/fastapi/test_fastapi_appsec_iast.py b/tests/contrib/fastapi/test_fastapi_appsec_iast.py
index 7f1a140ffc2..1a5db995af4 100644
--- a/tests/contrib/fastapi/test_fastapi_appsec_iast.py
+++ b/tests/contrib/fastapi/test_fastapi_appsec_iast.py
@@ -74,8 +74,8 @@ def check_native_code_exception_in_each_fastapi_test(request, caplog, telemetry_
 def test_query_param_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/index.html")
     async def test_route(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.query_params.get("iast_queryparam")
         ranges_result = get_tainted_ranges(query_params)
@@ -109,8 +109,8 @@ async def test_route(request: Request):
 def test_header_value_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/index.html")
     async def test_route(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.headers.get("iast_header")
         ranges_result = get_tainted_ranges(query_params)
@@ -146,8 +146,8 @@ async def test_route(request: Request):
 def test_header_value_source_typing_param(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/index.html")
     async def test_route(iast_header: typing.Annotated[str, Header()] = None):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(iast_header)
 
@@ -180,8 +180,8 @@ async def test_route(iast_header: typing.Annotated[str, Header()] = None):
 def test_cookies_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/index.html")
     async def test_route(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.cookies.get("iast_cookie")
         ranges_result = get_tainted_ranges(query_params)
@@ -216,8 +216,8 @@ async def test_route(request: Request):
 def test_cookies_source_typing_param(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/index.html")
     async def test_route(iast_cookie: typing.Annotated[str, Cookie()] = "ddd"):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(iast_cookie)
 
@@ -250,8 +250,8 @@ async def test_route(iast_cookie: typing.Annotated[str, Cookie()] = "ddd"):
 def test_path_param_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/index.html/{item_id}")
     async def test_route(item_id):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(item_id)
 
@@ -283,8 +283,8 @@ async def test_route(item_id):
 def test_path_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.get("/path_source/")
     async def test_route(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         path = request.url.path
         ranges_result = get_tainted_ranges(path)
@@ -317,8 +317,8 @@ async def test_route(request: Request):
 def test_path_body_receive_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.post("/index.html")
     async def test_route(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         body = await request.receive()
         result = body["body"]
@@ -354,8 +354,8 @@ async def test_route(request: Request):
 def test_path_body_body_source(fastapi_application, client, tracer, test_spans):
     @fastapi_application.post("/index.html")
     async def test_route(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         body = await request.body()
         ranges_result = get_tainted_ranges(body)
@@ -392,8 +392,8 @@ async def test_route(request: Request):
 def test_path_body_body_source_formdata_latest(fastapi_application, client, tracer, test_spans):
     @fastapi_application.post("/index.html")
     async def test_route(path: typing.Annotated[str, Form()]):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(path)
 
@@ -423,8 +423,8 @@ async def test_route(path: typing.Annotated[str, Form()]):
 def test_path_body_body_source_formdata_90(fastapi_application, client, tracer, test_spans):
     @fastapi_application.post("/index.html")
     async def test_route(path: str = Form(...)):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(path)
 
@@ -463,8 +463,8 @@ class Item(BaseModel):
 
     @fastapi_application.post("/index")
     async def test_route(item: Item):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(item.name)
 
@@ -497,7 +497,7 @@ async def test_route(item: Item):
 def test_path_body_body_upload(fastapi_application, client, tracer, test_spans):
     @fastapi_application.post("/uploadfile/")
     async def create_upload_file(files: typing.List[UploadFile]):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         ranges_result = get_tainted_ranges(files[0])
         return JSONResponse(
@@ -529,7 +529,7 @@ def test_fastapi_sqli_path_param(fastapi_application, client, tracer, test_spans
     async def test_route(param_str):
         import sqlite3
 
-        from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
         from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
         assert is_pyobject_tainted(param_str)
@@ -577,8 +577,8 @@ async def test_route(param_str):
 def test_fasapi_insecure_cookie(fastapi_application, client, tracer, test_spans):
     @fastapi_application.route("/insecure_cookie/", methods=["GET"])
     def insecure_cookie(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.query_params.get("iast_queryparam")
         ranges_result = get_tainted_ranges(query_params)
@@ -618,8 +618,8 @@ def insecure_cookie(request: Request):
 def test_fasapi_insecure_cookie_empty(fastapi_application, client, tracer, test_spans):
     @fastapi_application.route("/insecure_cookie/", methods=["GET"])
     def insecure_cookie(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.query_params.get("iast_queryparam")
         ranges_result = get_tainted_ranges(query_params)
@@ -653,8 +653,8 @@ def insecure_cookie(request: Request):
 def test_fasapi_no_http_only_cookie(fastapi_application, client, tracer, test_spans):
     @fastapi_application.route("/insecure_cookie/", methods=["GET"])
     def insecure_cookie(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.query_params.get("iast_queryparam")
         ranges_result = get_tainted_ranges(query_params)
@@ -694,8 +694,8 @@ def insecure_cookie(request: Request):
 def test_fasapi_no_http_only_cookie_empty(fastapi_application, client, tracer, test_spans):
     @fastapi_application.route("/insecure_cookie/", methods=["GET"])
     def insecure_cookie(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.query_params.get("iast_queryparam")
         ranges_result = get_tainted_ranges(query_params)
@@ -729,8 +729,8 @@ def insecure_cookie(request: Request):
 def test_fasapi_no_samesite_cookie(fastapi_application, client, tracer, test_spans):
     @fastapi_application.route("/insecure_cookie/", methods=["GET"])
     def insecure_cookie(request: Request):
-        from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
         from ddtrace.appsec._iast._taint_tracking import origin_to_str
+        from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
 
         query_params = request.query_params.get("iast_queryparam")
         ranges_result = get_tainted_ranges(query_params)
diff --git a/tests/contrib/flask/test_flask_appsec_iast.py b/tests/contrib/flask/test_flask_appsec_iast.py
index f1bed61cb9d..238d0630549 100644
--- a/tests/contrib/flask/test_flask_appsec_iast.py
+++ b/tests/contrib/flask/test_flask_appsec_iast.py
@@ -59,7 +59,7 @@ def test_flask_full_sqli_iast_http_request_path_parameter(self):
         def sqli_1(param_str):
             import sqlite3
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             assert is_pyobject_tainted(param_str)
@@ -273,8 +273,8 @@ def sqli_5(param_str, param_int):
             from flask import request
 
             from ddtrace.appsec._iast._taint_tracking import OriginType
-            from ddtrace.appsec._iast._taint_tracking import get_tainted_ranges
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import get_tainted_ranges
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             header_ranges = get_tainted_ranges(request.headers["User-Agent"])
             assert header_ranges
@@ -324,7 +324,7 @@ def test_flask_simple_iast_path_header_and_querystring_tainted_request_sampling_
         def sqli_6(param_str):
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             # Note: these are not tainted because of request sampling at 0%
             assert not is_pyobject_tainted(request.headers["User-Agent"])
@@ -536,7 +536,7 @@ def sqli_10():
 
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             con = sqlite3.connect(":memory:")
@@ -601,7 +601,7 @@ def sqli_11():
 
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             con = sqlite3.connect(":memory:")
@@ -666,7 +666,7 @@ def sqli_11():
 
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             con = sqlite3.connect(":memory:")
@@ -731,7 +731,7 @@ def sqli_11():
 
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             con = sqlite3.connect(":memory:")
@@ -798,7 +798,7 @@ def sqli_11():
 
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             def iterate_json(data, parent_key=""):
@@ -939,7 +939,7 @@ def sqli_10():
 
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
             from ddtrace.appsec._iast._taint_tracking.aspects import add_aspect
 
             con = sqlite3.connect(":memory:")
@@ -1042,7 +1042,7 @@ def header_injection():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1082,7 +1082,7 @@ def header_injection():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1111,7 +1111,7 @@ def header_injection():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1140,7 +1140,7 @@ def insecure_cookie():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1178,7 +1178,7 @@ def insecure_cookie_empty():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1208,7 +1208,7 @@ def no_http_only_cookie():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1246,7 +1246,7 @@ def no_http_only_cookie_empty():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1277,7 +1277,7 @@ def no_samesite_cookie():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1315,7 +1315,7 @@ def no_samesite_cookie_empty():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1343,7 +1343,7 @@ def cookie_secure():
             from flask import Response
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             tainted_string = request.form.get("name")
             assert is_pyobject_tainted(tainted_string)
@@ -1518,7 +1518,7 @@ def test_flask_simple_iast_path_header_and_querystring_not_tainted_if_iast_disab
         def test_sqli(param_str):
             from flask import request
 
-            from ddtrace.appsec._iast._taint_tracking import is_pyobject_tainted
+            from ddtrace.appsec._iast._taint_tracking._taint_objects import is_pyobject_tainted
 
             assert not is_pyobject_tainted(request.headers["User-Agent"])
             assert not is_pyobject_tainted(request.query_string)
diff --git a/tests/debugging/exception/test_replay.py b/tests/debugging/exception/test_replay.py
index 54baeb8b826..9aae75dae47 100644
--- a/tests/debugging/exception/test_replay.py
+++ b/tests/debugging/exception/test_replay.py
@@ -123,7 +123,7 @@ def c(foo=42):
             for n, span in enumerate(self.spans):
                 assert span.get_tag(replay.DEBUG_INFO_TAG) == "true"
 
-                exc_id = span.get_tag("_dd.debug.error.exception_id")
+                exc_id = span.get_tag(replay.EXCEPTION_ID_TAG)
 
                 info = {k: v for k, v in enumerate(["c", "b", "a"][n:], start=1)}
 
@@ -147,8 +147,8 @@ def c(foo=42):
                     assert all(str(s.exc_id) == exc_id for s in snapshots.values())
 
             # assert all spans use the same exc_id
-            exc_ids = set(span.get_tag("_dd.debug.error.exception_id") for span in self.spans)
-            assert len(exc_ids) == 1
+            exc_ids = set(span.get_tag(replay.EXCEPTION_ID_TAG) for span in self.spans)
+            assert None not in exc_ids and len(exc_ids) == 1
 
     def test_debugger_exception_chaining(self):
         def a(v, d=None):
@@ -190,7 +190,7 @@ def c(foo=42):
             for n, span in enumerate(self.spans):
                 assert span.get_tag(replay.DEBUG_INFO_TAG) == "true"
 
-                exc_id = span.get_tag("_dd.debug.error.exception_id")
+                exc_id = span.get_tag(replay.EXCEPTION_ID_TAG)
 
                 info = {k: v for k, v in enumerate(stacks[n], start=1)}
 
@@ -215,8 +215,8 @@ def c(foo=42):
                     assert any(str(s.exc_id) == exc_id for s in snapshots.values())
 
             # assert number of unique exc_ids based on python version
-            exc_ids = set(span.get_tag("_dd.debug.error.exception_id") for span in self.spans)
-            assert len(exc_ids) == number_of_exc_ids
+            exc_ids = set(span.get_tag(replay.EXCEPTION_ID_TAG) for span in self.spans)
+            assert None not in exc_ids and len(exc_ids) == number_of_exc_ids
 
             # invoke again (should be in less than 1 sec)
             with with_rate_limiter(rate_limiter):
diff --git a/tests/smoke_test.py b/tests/smoke_test.py
index cbf5ebc8e61..24017c0df81 100644
--- a/tests/smoke_test.py
+++ b/tests/smoke_test.py
@@ -37,14 +37,8 @@ def emit(self, record):
 try:
     from ddtrace.appsec._iast._taint_tracking._native import ops
 
-    if os.environ.get("DD_IAST_ENABLED") == "False":
-        assert any(
-            "IAST not enabled but native module is being loaded" in message
-            for message in log_messages
-        )
-    else:
-        assert ops
-        assert len(log_messages) == 0
+    assert ops
+    assert len(log_messages) == 0
 except ImportError as e:
     assert False, "Importing the native module failed, _native probably not compiled correctly: %s" % str(e)
 """
diff --git a/tests/snapshots/tests.contrib.botocore.test_bedrock.test_invoke_model_using_aws_arn_model_id.json b/tests/snapshots/tests.contrib.botocore.test_bedrock.test_invoke_model_using_aws_arn_model_id.json
new file mode 100644
index 00000000000..0da1e335083
--- /dev/null
+++ b/tests/snapshots/tests.contrib.botocore.test_bedrock.test_invoke_model_using_aws_arn_model_id.json
@@ -0,0 +1,39 @@
+[[
+  {
+    "name": "bedrock-runtime.command",
+    "service": "aws.bedrock-runtime",
+    "resource": "InvokeModel",
+    "trace_id": 0,
+    "span_id": 1,
+    "parent_id": 0,
+    "type": "",
+    "error": 0,
+    "meta": {
+      "_dd.base_service": "tests.contrib.botocore",
+      "_dd.p.dm": "-0",
+      "_dd.p.tid": "6786dfda00000000",
+      "bedrock.request.max_tokens": "50",
+      "bedrock.request.model": "titan-tg1-large",
+      "bedrock.request.model_provider": "amazon",
+      "bedrock.request.prompt": "Command: can you explain what Datadog is to someone not in the tech industry?",
+      "bedrock.request.stop_sequences": "[]",
+      "bedrock.request.temperature": "0",
+      "bedrock.request.top_p": "0.9",
+      "bedrock.response.choices.0.finish_reason": "LENGTH",
+      "bedrock.response.choices.0.text": "\\n\\nDatadog is a monitoring and analytics platform for IT operations, DevOps, and software development teams. It provides real-t...",
+      "bedrock.response.duration": "2646",
+      "bedrock.response.id": "b2d0fd44-c29a-4cd4-a97a-6901a48f6264",
+      "bedrock.usage.completion_tokens": "50",
+      "bedrock.usage.prompt_tokens": "18",
+      "language": "python",
+      "runtime-id": "cf8ef38d3504475ba71634071f15d00f"
+    },
+    "metrics": {
+      "_dd.top_level": 1,
+      "_dd.tracer_kr": 1.0,
+      "_sampling_priority_v1": 1,
+      "process_id": 96028
+    },
+    "duration": 2318000,
+    "start": 1736892378210317000
+  }]]
diff --git a/tests/tracer/test_span.py b/tests/tracer/test_span.py
index e746632037e..8cdaad831f0 100644
--- a/tests/tracer/test_span.py
+++ b/tests/tracer/test_span.py
@@ -283,10 +283,16 @@ def wrapper():
                 assert 0, "should have failed"
 
             stack = s.get_tag(ERROR_STACK)
+            assert stack, "No error stack collected"
             # one header "Traceback (most recent call last):" and one footer "ZeroDivisionError: division by zero"
             header_and_footer_lines = 2
+            # Python 3.13 adds extra lines to the traceback:
+            #   File dd-trace-py/tests/tracer/test_span.py", line 279, in test_custom_traceback_size_with_error
+            #     wrapper()
+            #     ~~~~~~~^^
+            multiplier = 3 if "~~" in stack else 2
             assert (
-                len(stack.splitlines()) == tb_length_limit * 2 + header_and_footer_lines
+                len(stack.splitlines()) == tb_length_limit * multiplier + header_and_footer_lines
             ), "stacktrace should contain two lines per entry"
 
     def test_ctx_mgr(self):