diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index fedce9b6..2327deb9 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        node-version: [ 16.x, 18.x, 20.x, 22.x ]
+        node-version: [ 20.x, 22.x, 24.x ]
         os: [ windows-latest, ubuntu-latest, macOS-latest ]
 
     # Go
@@ -40,14 +40,7 @@ jobs:
     - name: Install
       run: npm install
 
-    - name: Test (Node.js <= 16.x)
-      if: matrix.node-version <= '16.x'
-      run: npm run test:nolint
-      env:
-        CI: true
-
     - name: Test
-      if: matrix.node-version > '16.x'
       run: npm test
       env:
         CI: true
diff --git a/.gitignore b/.gitignore
index 8a93bbb1..e0f04581 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ scratch/
 test/mock/*/src/*/*/vendor/
 test/mock/tmp/
 yarn.lock
+.kiro
diff --git a/package.json b/package.json
index 2969f641..a0c76224 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@architect/functions",
-  "version": "8.1.9",
+  "version": "8.1.10-RC.0",
   "description": "Runtime utility library for Functional Web Apps (FWAs) built with Architect (https://arc.codes)",
   "homepage": "https://github.com/architect/functions",
   "repository": {
@@ -11,56 +11,54 @@
   "main": "src/index",
   "types": "types/index.d.ts",
   "scripts": {
-    "test:one": "cross-env tape 'test/unit/src/http/csrf/*-test.js' | tap-arc",
     "lint": "eslint --fix .",
     "test": "npm run lint && npm run test:integration && npm run coverage && npm run test:types",
     "test:nolint": "npm run test:integration && npm run coverage && npm run test:types",
-    "test:unit": "cross-env tape 'test/unit/**/*-test.js' | tap-arc",
-    "test:integration": "cross-env tape 'test/integration/**/*-test.js' | tap-arc",
-    "coverage": "nyc --reporter=lcov --reporter=text npm run test:unit",
+    "test:unit": "cross-env tape 'test/unit/**/*-test.js'",
+    "test:integration": "cross-env tape 'test/integration/**/*-test.js'",
     "test:types": "tsd --files types/*.test-d.ts",
+    "coverage": "nyc --reporter=lcov --reporter=text npm run test:unit",
     "rc": "npm version prerelease --preid RC"
   },
   "engines": {
-    "node": ">=16"
+    "node": ">=20"
   },
   "author": "Brian LeRoux <b@brian.io>",
   "license": "Apache-2.0",
   "dependencies": {
     "@aws-lite/apigatewaymanagementapi": "^0.0.10",
-    "@aws-lite/client": "^0.22.4",
+    "@aws-lite/client": "^0.23.2",
     "@aws-lite/dynamodb": "^0.3.9",
     "@aws-lite/sns": "^0.0.8",
     "@aws-lite/sqs": "^0.2.4",
     "@aws-lite/ssm": "^0.2.5",
-    "cookie": "^1.0.2",
-    "cookie-signature": "^1.2.2",
-    "csrf": "^3.1.0",
-    "node-webtokens": "^1.0.4",
-    "run-parallel": "^1.2.0",
-    "run-waterfall": "^1.1.7",
-    "uid-safe": "^2.1.5"
+    "cookie": "1.0.2",
+    "cookie-signature": "1.2.2",
+    "csrf": "3.1.0",
+    "node-webtokens": "1.0.4",
+    "run-parallel": "1.2.0",
+    "run-waterfall": "1.1.7",
+    "uid-safe": "2.1.5"
   },
   "devDependencies": {
     "@architect/asap": "^7.0.10",
     "@architect/eslint-config": "^3.0.0",
     "@architect/req-res-fixtures": "git+https://github.com/architect/req-res-fixtures.git",
-    "@architect/sandbox": "^6.0.5",
+    "@architect/sandbox": "^8.0.0-RC.2",
     "@aws-lite/apigatewaymanagementapi-types": "^0.0.13",
     "@aws-lite/dynamodb-types": "^0.3.11",
     "@aws-lite/sns-types": "^0.0.10",
     "@aws-lite/sqs-types": "^0.2.6",
     "@types/aws-lambda": "^8.10.147",
-    "@types/node": "18",
-    "cross-env": "~7.0.3",
+    "@types/node": "^24.5.2",
+    "cross-env": "^10.0.0",
     "eslint": "^9.19.0",
     "nyc": "~17.1.0",
     "proxyquire": "~2.1.3",
-    "sinon": "^19.0.2",
-    "tap-arc": "^1.3.2",
+    "sinon": "^21.0.0",
     "tape": "^5.9.0",
     "tiny-json-http": "^7.5.1",
-    "tsd": "^0.31.2"
+    "tsd": "^0.33.0"
   },
   "files": [
     "types/*",
diff --git a/test/unit/src/http/csrf/create-and-verify-test.js b/test/unit/src/http/csrf/create-and-verify-test.js
index 72690c17..7bac1e4c 100644
--- a/test/unit/src/http/csrf/create-and-verify-test.js
+++ b/test/unit/src/http/csrf/create-and-verify-test.js
@@ -21,13 +21,13 @@ test('verify a value', t => {
 
 test('tampered token is falsy', t => {
   t.plan(1)
-  let tamperedToken = "3d879d515ab241429c97dfea6d1e1927.1584118407000.b0b34563d569030cbe9a4ea63312f23729813b838478420e3811c0bfeaf3add1"
+  let tamperedToken = '3d879d515ab241429c97dfea6d1e1927.1584118407000.b0b34563d569030cbe9a4ea63312f23729813b838478420e3811c0bfeaf3add1'
   t.ok(http.csrf.verify(tamperedToken) === false, 'value falsy')
 })
 
 test('token expired is falsy', t  => {
   t.plan(1)
-  let expiredToken = "3d879d515ab241419c97dfea6d1e1927.1584118407000.b0b34563d569030cbe9a4ea63312f23729813b838478420e3811c0bfeaf3add1"
+  let expiredToken = '3d879d515ab241419c97dfea6d1e1927.1584118407000.b0b34563d569030cbe9a4ea63312f23729813b838478420e3811c0bfeaf3add1'
   t.ok(http.csrf.verify(expiredToken) === false, 'value falsy')
 })