diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index bc1fd2d3..f5278009 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -38,10 +38,7 @@ jobs:
 python-version-file: ".python-version"
 - name: Install uv
- uses: astral-sh/setup-uv@d0cc045d04ccac9d8b7881df0226f9e82c39688e
- with:
- # Install a specific version of uv.
- version: "0.8.22"
+ uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867
 - name: Install the project
 run: uv sync --locked --all-extras --dev
diff --git a/Dockerfile b/Dockerfile
index 7089fca0..bd7739e2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@
 # Using a multi-stage image to create a final image without uv.
 # First, build the application in the `/app` directory.
 ARG TRUFFLEHOG_VERSION='USE_BUILD_ARG'
-FROM ghcr.io/astral-sh/uv:python3.13-bookworm-slim AS uv_builder
+FROM ghcr.io/astral-sh/uv:0.9.17-python3.13-bookworm-slim AS uv_builder
 # This ARG needs to be duplicated here, as the FROM statement above clears the value
 ARG TRUFFLEHOG_VERSION
diff --git a/README.md b/README.md
index 3f2d8506..15b93cf3 100644
--- a/README.md
+++ b/README.md
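Review bot: The new `uses:` line in the "Install uv" step pins setup-uv to a bare commit SHA with no trailing comment naming the release, so a reviewer cannot tell from the workflow which tag the SHA was taken from; add it, e.g. `uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # <release tag>`. With the `version: "0.8.22"` input removed, the step presumably relies on the action reading `required-version` from pyproject.toml, which needs the repository checked out before this step runs. The checkout step and the rest of the job are outside the hunk, so confirm that order; a one-line comment on the step saying where the uv version now comes from would keep the pin discoverable.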
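Review bot: The `FROM` line now fixes the uv release by tag, but a tag can be moved in the registry, so the `uv_builder` stage still trusts whatever `0.9.17-python3.13-bookworm-slim` resolves to at build time. Add the image digest as well, `FROM ghcr.io/astral-sh/uv:0.9.17-python3.13-bookworm-slim@sha256:<digest> AS uv_builder`, with `<digest>` taken from the registry. The workflow changed in this commit already pins its action by commit SHA, so a digest here would keep the two consistent. The rest of the Dockerfile is outside the hunk.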
@@ -52,7 +52,7 @@ While developing hooks, there are multiple ways of verifying these on your local
 ### Running the hook command using python
-As the hooks are written using python, it is possible to call the python file contain the hook directly passing the same arguments the pre-commit library would pass. There is a make command `validate-hook-python` that will run this in verbose mode and write debug messages to the terminal.
+As the hooks are written using python, it is possible to call the python file containing the hook directly, passing the same arguments the pre-commit library would pass. There is a make command `validate-hook-python` that will run this in verbose mode and write debug messages to the terminal.
 For the run-security-scan hook, the command would look like this, where `--files` can be one or more filenames to scan: `python3 -m src.hooks.cli run_scan --verbose --files Dockerfile`
@@ -60,8 +60,8 @@ For the run-security-scan hook, the command would look like this, where `--files
 As the hooks are run using a docker image within other repositories, it is a good idea to test your changes by building and running them using a local docker image. There is a make command for each of the hooks, that will build and run that hook for you with the correct arguments.
-For the run hook it is `run-hook-docker`.
-For the validate hook it is `validate-hook-docker`.
+For the run hook it is `make run-hook-docker`.
+For the validate hook it is `make validate-hook-docker`.
 ## Testing hooks from an external repository
diff --git a/pyproject.toml b/pyproject.toml
index abbefdb0..510e2cf8 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -47,6 +47,7 @@ namespaces = false
 [tool.uv]
 package = true
+required-version = "==0.9.17"
 [tool.ruff]
 line-length = 125
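Review bot: `required-version = "==0.9.17"` is an exact pin that has to match the uv tag in the Dockerfile `FROM` line changed in this commit, and nothing on the line says so. After a one-sided bump, uv in the builder image would presumably refuse to run against this project. Add a comment above it such as `# Must match the uv image tag in Dockerfile; bump both together.`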