diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
index 95b1c04..2391e93 100644
--- a/.github/workflows/build-and-publish.yaml
+++ b/.github/workflows/build-and-publish.yaml
@@ -26,7 +26,7 @@ on:
 jobs:
   build-and-pubish:
     name: Build and publish JAR packages to Maven repository
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/	shared-publish-to-maven-versioned@v2
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-publish-to-maven-versioned.yaml@v2
     with:
       release_type: ${{ inputs.release_type }}
       publish_to_maven: ${{ inputs.publish_to_maven }}
diff --git a/.gitignore b/.gitignore
index 2f7896d..96ef862 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 target/
+.idea/
diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 0000000..6ac5cb7
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1,5 @@
+# List any vulnerability that are to be accepted
+# See https://aquasecurity.github.io/trivy/v0.35/docs/vulnerability/examples/filter/
+# for more details
+# e.g.
+# CVE-2022-3996
diff --git a/pom.xml b/pom.xml
index 6fcafed..bc60f11 100644
--- a/pom.xml
+++ b/pom.xml
@@ -52,7 +52,7 @@
         <dependency>
             <groupId>com.azure</groupId>
             <artifactId>azure-security-keyvault-secrets</artifactId>
-            <version>4.7.0</version>
+            <version>4.8.2</version>
         </dependency>
         <dependency>
             <groupId>com.azure</groupId>
@@ -62,12 +62,12 @@
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-core</artifactId>
-            <version>1.3.5</version>
+            <version>1.4.12</version>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
-            <version>1.3.5</version>
+            <version>1.4.12</version>
         </dependency>
         <dependency>
             <groupId>junit</groupId>