diff --git a/Dockerfile b/Dockerfile
index 88ec49acd987..a7b15df63f88 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -220,7 +220,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     set -x \
     && apt-get update \
     && apt-get install --no-install-recommends -y \
-        libpq5 libxml2 libxslt1.1 libcurl4 git \
+        libpq5 libxml2 libxslt1.1 libcurl4 \
         $(if [ "$DEVEL" = "yes" ]; then echo 'bash libjpeg62 postgresql-client build-essential libffi-dev libxml2-dev libxslt-dev libpq-dev libcurl4-openssl-dev libssl-dev vim oathtool'; fi) \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
@@ -238,5 +238,4 @@ COPY . /opt/warehouse/src/
 RUN tldextract --update
 # Load our module to pre-compile as much bytecode as we can easily.
 # Saves time collectively on container boot!
-RUN pip install --force pypi-attestations@git+https://github.com/trailofbits/pypi-attestations/@dm/extensions
 RUN python -m warehouse
diff --git a/requirements/main.in b/requirements/main.in
index 50bf00d4dc91..1671b9b8f6a1 100644
--- a/requirements/main.in
+++ b/requirements/main.in
@@ -65,7 +65,7 @@ redis>=2.8.0,<6.0.0
 rfc3986
 sentry-sdk
 setuptools
-pypi-attestations==0.0.17
+pypi-attestations==0.0.18
 sqlalchemy[asyncio]>=2.0,<3.0
 stdlib-list
 stripe
diff --git a/requirements/main.txt b/requirements/main.txt
index 67a7a4e01ac9..50f3b8b3ba02 100644
--- a/requirements/main.txt
+++ b/requirements/main.txt
@@ -1798,9 +1798,9 @@ pyparsing==3.2.0 \
     --hash=sha256:93d9577b88da0bbea8cc8334ee8b918ed014968fd2ec383e868fb8afb1ccef84 \
     --hash=sha256:cbf74e27246d595d9a74b186b810f6fbb86726dbf3b9532efb343f6d7294fe9c
     # via linehaul
-pypi-attestations==0.0.17 \
-    --hash=sha256:5936c0c69af4e31d69543d03c9809c53c3f1c12b7eed6d83fe1bc81bf6a58c2e \
-    --hash=sha256:5a8a6a89f146d97357284fb6f467ea095273cf385f2f62ce49ad70b0a2057841
+pypi-attestations==0.0.18 \
+    --hash=sha256:08490f8f6bebb032e0776539e130f8101163a96ad84e2983b9b0cd11a45f346f \
+    --hash=sha256:1c88f7d312ba86e82882d3d704077f9d87a360e5215d26c872e90565829ce855
     # via -r requirements/main.in
 pyqrcode==1.2.1 \
     --hash=sha256:1b2812775fa6ff5c527977c4cd2ccb07051ca7d0bc0aecf937a43864abe5eff6 \