Kong
diff --git a/‎.github/workflows/autogenerated-warning.yml
+3-3 b/‎.github/workflows/autogenerated-warning.yml
+3-3
diff --git a/‎.github/workflows/build-docs-pdf.yml
+6-6 b/‎.github/workflows/build-docs-pdf.yml
+6-6
diff --git a/‎.github/workflows/build-plugin-pdf.yml
+6-6 b/‎.github/workflows/build-plugin-pdf.yml
+6-6
diff --git a/‎.github/workflows/check-links.yml
+4-4 b/‎.github/workflows/check-links.yml
+4-4
diff --git a/‎.github/workflows/ci-autofix.yml
+5-5 b/‎.github/workflows/ci-autofix.yml
+5-5
diff --git a/‎.github/workflows/dispatch-docs-update.yml
+1-1 b/‎.github/workflows/dispatch-docs-update.yml
+1-1
diff --git a/‎.github/workflows/fetch-konnect-changelog.yml
+2-2 b/‎.github/workflows/fetch-konnect-changelog.yml
+2-2
diff --git a/‎.github/workflows/generate-changelog.yml
+2-2 b/‎.github/workflows/generate-changelog.yml
+2-2
diff --git a/‎.github/workflows/install-instructions-test.yml
+2-2 b/‎.github/workflows/install-instructions-test.yml
+2-2
diff --git a/‎.github/workflows/linting.yml
+11-11 b/‎.github/workflows/linting.yml
+11-11
diff --git a/‎.github/workflows/push-oas-downstream.yaml
+2-2 b/‎.github/workflows/push-oas-downstream.yaml
+2-2
diff --git a/‎.github/workflows/require-review-label.yml
+1-1 b/‎.github/workflows/require-review-label.yml
+1-1
@@ -8,7 +8,7 @@ jobs:
     timeout-minutes: 10
     steps:
       - name: Check if manual review has been performed
-        uses: actions/github-script@v7
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
         id: labels
         with:
           script: |
@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Add warning if needed
         run: |
           cd check-generated-content
@@ -40,7 +40,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: mheap/github-action-required-labels@v5
+      - uses: mheap/github-action-required-labels@388fd6af37b34cdfe5a23b37060e763217e58b03 # v5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
 
@@ -17,19 +17,19 @@ jobs:
       # Increase number of watchers to fix generation
       - run: sudo sysctl -w fs.inotify.max_user_watches=524288
 
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           submodules: 'recursive'
 
       # Configure Ruby to build Jekyll site
       - name: Set up Ruby
-        uses: ruby/setup-ruby@v1
+        uses: ruby/setup-ruby@6c79f721fa26dd64559c2700086ac852c18e0756 # v1
         with:
           ruby-version: .ruby-version
       - name: Install foreman
         run: gem install foreman
       - name: Ruby gem cache
-        uses: actions/cache@v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
         with:
           path: ${{ github.workspace }}/vendor/bundle
           key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
@@ -43,11 +43,11 @@ jobs:
         run: gem install foreman
 
       # Configure Node to build assets
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4
         with:
           node-version: "20"
       - name: Cache node modules
-        uses: actions/cache@v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
         env:
           cache-name: cache-node-modules
         with:
@@ -74,7 +74,7 @@ jobs:
           node run.js
 
       # Upload build PDFs
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
         with:
           name: "pdfs-${{ env.TODAY }}"
           path: pdf-generation/pdfs/*.pdf
@@ -16,17 +16,17 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           submodules: 'recursive'
 
       # Configure Ruby to build Jekyll site
       - name: Set up Ruby
-        uses: ruby/setup-ruby@v1
+        uses: ruby/setup-ruby@6c79f721fa26dd64559c2700086ac852c18e0756 # v1
         with:
           ruby-version: .ruby-version
       - name: Ruby gem cache
-        uses: actions/cache@v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
         with:
           path: ${{ github.workspace }}/vendor/bundle
           key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
@@ -40,11 +40,11 @@ jobs:
         run: gem install foreman
 
       # Configure Node to build assets
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4
         with:
           node-version: "20"
       - name: Cache node modules
-        uses: actions/cache@v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
         env:
           cache-name: cache-node-modules
         with:
@@ -72,7 +72,7 @@ jobs:
           node run.js
 
       # Upload build PDFs
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
         with:
           name: "pdfs-plugin-${{ env.TODAY }}"
           path: pdf-generation/pdfs/*.pdf
@@ -14,7 +14,7 @@ jobs:
     timeout-minutes: 10
     steps:
       - name: Check if manual review has been performed
-        uses: actions/github-script@v7
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
         id: labels
         with:
           script: |
@@ -31,17 +31,17 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Wait for Pages changed to be neutral
-        uses: fountainhead/[email protected]
+        uses: fountainhead/action-wait-for-check@5a908a24814494009c4bb27c242ea38c93c593be # v1.2.0
         id: waitForCheck
         with:
           ref: ${{ github.event.pull_request.head.sha || github.sha }}
           token: ${{ secrets.GITHUB_TOKEN }}
           checkName: "Pages changed - kongdocs"
       - name: Wait for Netlify site to be ready
         if: steps.waitForCheck.outputs.conclusion == 'neutral'
-        uses: jakepartusch/[email protected]
+        uses: jakepartusch/wait-for-netlify-action@f1e137043864b9ab9034ae3a5adc1c108e3f1a48 # v1.4
         id: waitForNetlify
         with:
           site_name: "kongdocs"
 
@@ -8,19 +8,19 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           repository:  ${{ github.event.pull_request.head.repo.full_name }}
           ref: ${{ github.event.pull_request.head.ref }}
           fetch-depth: 0
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4
         with:
           node-version: 16
           cache: 'npm'
       - run: npm ci
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf
+        uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf # 4edd678ac3f81e2dc578756871e4d00c19191daf
         with:
           sha: ${{  github.event.pull_request.head.sha }}
           files: |
@@ -31,11 +31,11 @@ jobs:
             app/_assets/images/**
       - run: npx prettier --write ${{ steps.changed-files.outputs.all_changed_files }}
       - name: Commit changes
-        uses: EndBug/add-and-commit@v9
+        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9
         with:
           author_name: github-actions[bot]
           author_email: 41898282+github-actions[bot]@users.noreply.github.com
           message: "[ci] Autofix :: Prettier"
-      - uses: actions-ecosystem/action-remove-labels@v1
+      - uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0 # v1
         with:
           labels: "ci:autofix:prettier"
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Repository Dispatch
-        uses: peter-evans/repository-dispatch@v3
+        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3
         with:
           token: ${{ secrets.PAT }}
           repository: Kong/docs.konghq.com-jp
 
@@ -16,7 +16,7 @@ jobs:
     timeout-minutes: 10
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           token: ${{ secrets.PAT }}
       - name: Run changelog script
@@ -28,7 +28,7 @@ jobs:
           node fetch-beamer-posts.js
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7
         with:
           title: Automated Konnect changelog update [skip-ci]
           body: |
 
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           token: ${{ secrets.PAT }}
       - name: Run changelog script
@@ -29,7 +29,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7
         with:
           title: Automated Changelog update [skip-ci]
           body: |
 
@@ -18,12 +18,12 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           submodules: "recursive"
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3
         with:
           platforms: arm64
 
 
@@ -15,7 +15,7 @@ jobs:
     timeout-minutes: 10
     steps:
       - name: Check if manual review has been performed
-        uses: actions/github-script@v7
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
         id: labels
         with:
           result-encoding: string
@@ -34,17 +34,17 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           fetch-depth: 100
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4
         with:
           node-version: 20
           cache: 'npm'
       - run: npm ci
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf
+        uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf # 4edd678ac3f81e2dc578756871e4d00c19191daf
         with:
           sha: ${{ github.sha }}
           files: |
@@ -60,17 +60,17 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           submodules: 'recursive'
 
       # Configure Ruby to build Jekyll site
       - name: Set up Ruby
-        uses: ruby/setup-ruby@v1
+        uses: ruby/setup-ruby@6c79f721fa26dd64559c2700086ac852c18e0756 # v1
         with:
           ruby-version: .ruby-version
       - name: Ruby gem cache
-        uses: actions/cache@v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
         with:
           path: ${{ github.workspace }}/vendor/bundle
           key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
@@ -91,12 +91,12 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           fetch-depth: 2
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf
+        uses: tj-actions/changed-files@4edd678ac3f81e2dc578756871e4d00c19191daf # 4edd678ac3f81e2dc578756871e4d00c19191daf
         with:
           sha: ${{ github.sha }}
           files: |
@@ -110,7 +110,7 @@ jobs:
           json: true
           quotepath: false
           escape_json: false
-      - uses: mheap/vale-action@reviewdog
+      - uses: mheap/vale-action@35f7ebbad0234620f4127ddd19e38ed0f7da7dec # reviewdog
         if: steps.changed-files.outputs.any_changed == 'true'
         with:
           fail_on_error: true
@@ -127,7 +127,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           submodules: "recursive"
       - name: Check Unreleased label
 
@@ -11,9 +11,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Raise PR on change
-        uses: mheap/raise-pr-on-change-action@v1
+        uses: mheap/raise-pr-on-change-action@5bd79260e28f25d145f61a00cc3834c98069a30c # v1
         with:
            token: ${{ secrets.PAT }}
            configFile: ".github/raise-pr-on-change.json"
 
@@ -7,7 +7,7 @@ jobs:
     timeout-minutes: 10
     runs-on: ubuntu-latest
     steps:
-      - uses: mheap/github-action-required-labels@v5
+      - uses: mheap/github-action-required-labels@388fd6af37b34cdfe5a23b37060e763217e58b03 # v5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with: