diff --git a/.github/workflows/actions-update.yml b/.github/workflows/actions-update.yml
index 51fd019..3af9a7e 100644
--- a/.github/workflows/actions-update.yml
+++ b/.github/workflows/actions-update.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v4.1.7
         with:
           # [Required] Access token with `workflow` scope.
           token: ${{ secrets.WORKFLOW_TOKEN }}
diff --git a/.github/workflows/dbmisvc-app-deploy.yml b/.github/workflows/dbmisvc-app-deploy.yml
index 1eda739..a771d53 100644
--- a/.github/workflows/dbmisvc-app-deploy.yml
+++ b/.github/workflows/dbmisvc-app-deploy.yml
@@ -52,15 +52,15 @@ jobs:
       released: ${{ steps.semantic.outputs.new_release_published }}
       channel: ${{ steps.semantic.outputs.new_release_channel }}
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v4.1.7
     - name: Set up Python 3.11
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@v5.1.1
       with:
         python-version: 3.11
     - name: Install Python packages
       run: |
         python -m pip install --upgrade pip
-    - uses: cycjimmy/semantic-release-action@v4
+    - uses: cycjimmy/semantic-release-action@v4.1.0
       id: semantic
       env:
         GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
@@ -89,7 +89,7 @@ jobs:
           git checkout ${{ needs.metadata.outputs.branch }}
     - name: Configure AWS credentials
       if: steps.semantic.outputs.new_release_published == 'true' || inputs.force
-      uses: aws-actions/configure-aws-credentials@v4
+      uses: aws-actions/configure-aws-credentials@v4.0.2
       with:
         aws-region: ${{ env.AWS_REGION }}
         role-to-assume: ${{ inputs.role }}
@@ -101,7 +101,7 @@ jobs:
       run: git rev-parse HEAD > COMMIT
     - name: Zip artifacts
       if: steps.semantic.outputs.new_release_published == 'true' || inputs.force
-      uses: thedoctor0/zip-release@master
+      uses: thedoctor0/zip-release@0.7.6
       with:
         type: "zip"
         filename: "${{ inputs.filename }}"
diff --git a/.github/workflows/requirements-update.yml b/.github/workflows/requirements-update.yml
index e5148e3..3b95212 100644
--- a/.github/workflows/requirements-update.yml
+++ b/.github/workflows/requirements-update.yml
@@ -25,12 +25,12 @@ jobs:
 
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v4.1.7
       with:
         ref: development
 
     - name: Setup python
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@v5.1.1
       with:
         python-version: '3.11'
 
@@ -47,7 +47,7 @@ jobs:
           --output-file requirements.txt requirements.in
 
     - name: Create Pull Request
-      uses: peter-evans/create-pull-request@v6
+      uses: peter-evans/create-pull-request@v6.1.0
       with:
         token: ${{ secrets.GH_TOKEN }}
         base: development
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index 15a3d1c..ac8b374 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -22,13 +22,13 @@ jobs:
 
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v4.1.7
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      uses: docker/setup-buildx-action@v3.6.1
 
     - name: Login to DockerHub
-      uses: docker/login-action@v3
+      uses: docker/login-action@v3.3.0
       with:
         username: ${{ secrets.DOCKER_HUB_USERNAME }}
         password: ${{ secrets.DOCKER_HUB_PASSWORD }}
@@ -44,7 +44,7 @@ jobs:
 
     - name: Build the image
       id: buildimage
-      uses: docker/build-push-action@v5
+      uses: docker/build-push-action@v6.6.1
       with:
         load: true
         context: ./
@@ -53,7 +53,7 @@ jobs:
         tags: ${{ steps.setimagename.outputs.imagename }}
 
     - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@master
+      uses: aquasecurity/trivy-action@0.24.0
       with:
         image-ref: '${{ steps.setimagename.outputs.imagename }}'
         format: 'table'
diff --git a/.github/workflows/test-image-build.yml b/.github/workflows/test-image-build.yml
index b9700fe..aedb60e 100644
--- a/.github/workflows/test-image-build.yml
+++ b/.github/workflows/test-image-build.yml
@@ -22,13 +22,13 @@ jobs:
 
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v4.1.7
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      uses: docker/setup-buildx-action@v3.6.1
 
     - name: Login to DockerHub
-      uses: docker/login-action@v3
+      uses: docker/login-action@v3.3.0
       with:
         username: ${{ secrets.DOCKER_HUB_USERNAME }}
         password: ${{ secrets.DOCKER_HUB_PASSWORD }}
@@ -44,7 +44,7 @@ jobs:
 
     - name: Build the image
       id: buildimage
-      uses: docker/build-push-action@v5
+      uses: docker/build-push-action@v6.6.1
       with:
         context: ./
         file: ./Dockerfile