diff --git a/.github/workflows/dynamodb.yml b/.github/workflows/dynamodb.yml
index fdfc636..8a2bd4f 100644
--- a/.github/workflows/dynamodb.yml
+++ b/.github/workflows/dynamodb.yml
@@ -19,11 +19,11 @@ concurrency:
 
 jobs:
   dynamodb-build:
-    name: "Build"
+    name: "Build DynamoDB"
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - uses: docker/setup-qemu-action@v3
 
diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
index e98156c..2035a9b 100644
--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -17,6 +17,10 @@ runtimes:
     - python@3.10.8
 # This is the section where you manage your linters. (https://docs.trunk.io/check/configuration)
 lint:
+  disabled:
+    - trufflehog # Trufflehog duplicates gitleaks functionality.
+    - terrascan
+    - trivy
   enabled:
     - gitleaks@8.18.2
     - markdownlint@0.40.0
@@ -25,8 +29,6 @@ lint:
     - checkov@3.2.92
     - git-diff-check
     - prettier@3.2.5
-    - trivy@0.51.1
-    - trufflehog@3.76.2
     - yamllint@1.35.1
   definitions:
     - name: markdownlint
diff --git a/Dockerfile b/Dockerfile
index 6e6776e..390e808 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,12 @@
+# checkov:skip=CKV_DOCKER_3 We're not adding a user
+# checkov:skip=CKV_DOCKER_7 We're just following latest.
 FROM amazon/dynamodb-local
+
+LABEL maintainer="Matthew Baggett <matthew@baggett.me>" \
+      org.label-schema.vcs-url="https://github.com/benzine-framework/docker-dynamodb" \
+      org.opencontainers.image.source="https://github.com/benzine-framework/docker-dynamodb"
+
 HEALTHCHECK --interval=5s --timeout=3s --start-period=0s --retries=5 \
     CMD curl --silent --output /dev/null http://localhost:8000/shell/
+
 CMD ["-jar", "/home/dynamodblocal/DynamoDBLocal.jar", "-inMemory"]