diff --git a/.astro/types.d.ts b/.astro/types.d.ts
index f964fe0..306a68b 100644
--- a/.astro/types.d.ts
+++ b/.astro/types.d.ts
@@ -1 +1,2 @@
 /// <reference types="astro/client" />
+/// <reference path="content.d.ts" />
diff --git a/.cspell.json b/.cspell.json
index feb4217..4426e68 100644
--- a/.cspell.json
+++ b/.cspell.json
@@ -6,6 +6,7 @@
     "Merbivore",
     "Monokai",
     "SARIF",
+    "withastro",
     "ZIZMOR"
   ],
   "allowCompoundWords": true,
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
index b511e8d..5234d55 100644
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -5,7 +5,7 @@
 - All code should be formatted with Prettier.
 - Use ESLint v8.57.1 to check for JavaScript errors.
 - Node v22 is used for development.
-- Use Bootstrap v5.3.7 for styling.
+- Use Bootstrap v5.3.8 for styling.
 - Use latest Astro for building the website.
 - Locally host JS/CSS - don't use third-party CDNs.
 - All HTML must be accessible.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f698194..01beac1 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -18,9 +18,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ⬇️ Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+
       - name: Install, build, and upload your site
-        uses: withastro/action@v4
+        uses: withastro/action@77fad83745446cf039d76af7037b782f1af80749 # v4.1.0
 
   deploy:
     needs: build
@@ -31,4 +34,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v4
+        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 6cab30d..b44e72a 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -27,10 +27,10 @@ jobs:
           persist-credentials: false
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
         with:
           languages: 'javascript'
           queries: +security-and-quality
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml
index 830a9c4..930b582 100644
--- a/.github/workflows/super-linter.yml
+++ b/.github/workflows/super-linter.yml
@@ -30,7 +30,7 @@ jobs:
           persist-credentials: false
 
       - name: Super-linter
-        uses: super-linter/super-linter/slim@v8.1.0
+        uses: super-linter/super-linter/slim@ffde3b2b33b745cb612d787f669ef9442b1339a6 # v8.1.0.1.0
         env:
           DEFAULT_BRANCH: main
           FILTER_REGEX_EXCLUDE: '/test/'
@@ -45,7 +45,6 @@ jobs:
           VALIDATE_CSS: false
           VALIDATE_EDITORCONFIG: false
           VALIDATE_GIT_COMMITLINT: false
-          VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
           VALIDATE_HTML_PRETTIER: false
           VALIDATE_JAVASCRIPT_PRETTIER: false
           VALIDATE_JSON_PRETTIER: false