diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 02cdca7..4ac7c80 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -18,14 +18,14 @@ on:
 
 jobs:
   build:
-    uses: felleslosninger/github-workflows/.github/workflows/ci-build-publish-image.yml@main
+    uses: felleslosninger/github-workflows/.github/workflows/ci-build-publish-image.yml@0f16cc20ceef10b00b874f0cc2a0af29738fd2c9 # main
     with:
       image-name: kundetjenester-selvbetjening-web
       application-type: docker
     secrets: inherit
 
   update-image:
-    uses: felleslosninger/github-workflows/.github/workflows/ci-call-update-image.yml@main
+    uses: felleslosninger/github-workflows/.github/workflows/ci-call-update-image.yml@0f16cc20ceef10b00b874f0cc2a0af29738fd2c9 # main
     needs: build
     with:
       application-name: selvbetjening-web
diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index 272ee07..e73c38d 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -24,10 +24,10 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
 
       - name: Set up Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
         with:
           node-version: '20'
 
@@ -47,10 +47,10 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
 
       - name: Build Docker image
         run: docker build -t deski-frontend-test .
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 5251c89..403c6af 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:24-alpine AS build
+FROM node:24-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14 AS build
 
 WORKDIR /app
 
@@ -9,7 +9,7 @@ COPY . .
 ENV NODE_ENV=production
 RUN npm run build
 
-FROM caddy:2-alpine
+FROM caddy:2-alpine@sha256:77c07d5ebfa5be9fd6c820d2094ae662c9e7eeb9bf98346b7f639900263ee2a2
 
 # Remove all capabilities from the Caddy binary to allow it to run in our
 # OpenShift cluster, which runs containers with all capabilities dropped by