diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml
index 2089462..4a47602 100644
--- a/.github/workflows/build-docs.yml
+++ b/.github/workflows/build-docs.yml
@@ -6,6 +6,10 @@ on:
       - main
   workflow_dispatch:
 
+concurrency:
+  group: pages
+  cancel-in-progress: false
+
 permissions: read-all
 
 jobs:
@@ -14,6 +18,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        with:
+          persist-credentials: false
 
       - name: Setup Pages
         id: pages
@@ -21,7 +27,8 @@ jobs:
 
       - name: Install dependencies
         run: |
-          sudo apt-get install -y doxygen python3-pip graphviz
+          sudo apt-get update
+          sudo apt-get -y install doxygen python3-pip graphviz
           python3 -m pip install pip -U
           python3 -m pip install -r doc/requirements.txt
 
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9815589..4a7a12b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -32,10 +32,14 @@ jobs:
 
     steps:
     - name: Install packages
-      run: sudo apt install doctest-dev clang clang-tidy
+      run: |
+        sudo apt-get update
+        sudo apt-get -y install doctest-dev clang clang-tidy
       if: matrix.os == 'ubuntu-latest'
 
     - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      with:
+        persist-credentials: false
 
     - name: Create Build Environment
       run: cmake -E make_directory ${{github.workspace}}/build/${{ matrix.build_type }}
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 577dc08..f0b7efe 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -6,14 +6,15 @@ on:
   pull_request:
     # The branches below must be a subset of the branches above
     branches: [ main ]
-  # schedule:
-  #   - cron: '22 12 * * 1'
+  schedule:
+    - cron: '22 12 * * 1'
 
 jobs:
   analyze:
     name: Analyze
     runs-on: ubuntu-latest
     permissions:
+      actions: read
       contents: read
       security-events: write
 
@@ -25,6 +26,8 @@ jobs:
     steps:
     - name: Checkout repository
       uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      with:
+        persist-credentials: false
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
@@ -36,14 +39,14 @@ jobs:
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
     - name: Create Build Environment
-      run: cmake -E make_directory ${{github.workspace}}/build/${{ matrix.build_type }}
+      run: cmake -E make_directory ${{github.workspace}}/build
 
     - name: Configure merklecpp
-      working-directory: ${{github.workspace}}/build/${{ matrix.build_type }}
+      working-directory: ${{github.workspace}}/build
       run: cmake -DCMAKE_BUILD_TYPE=Debug -DTESTS=ON $GITHUB_WORKSPACE
 
     - name: Build merklecpp
-      working-directory: ${{github.workspace}}/build/${{ matrix.build_type }}
+      working-directory: ${{github.workspace}}/build
       run: cmake --build . --config Debug
 
     - name: Perform CodeQL Analysis