diff --git a/.github/workflows/auto-author-assign.yml b/.github/workflows/auto-author-assign.yml
index 61612cce3..2830bd585 100644
--- a/.github/workflows/auto-author-assign.yml
+++ b/.github/workflows/auto-author-assign.yml
@@ -1,14 +1,14 @@
 name: "PR Triage"
 on:
   pull_request_target:
     types: [opened, reopened, ready_for_review, locked]
 
 
 permissions:
   pull-requests: write
   contents: read
 
 jobs:
   assign-author:
-    uses: vyos/.github/.github/workflows/assign-author.yml@current
+    uses: vyos/.github/.github/workflows/assign-author.yml@circinus
     secrets: inherit
diff --git a/.github/workflows/build-package.yml b/.github/workflows/build-package.yml
index bdad7db04..e988cd28a 100644
--- a/.github/workflows/build-package.yml
+++ b/.github/workflows/build-package.yml
@@ -1,17 +1,21 @@
 name: Debian Package Build
 on:
   pull_request:
     branches:
       - circinus
+    paths:
+      - '**'
+      - '!.github/**'
+      - '!**/*.md'
 
 jobs:
   package-build:
     runs-on: ubuntu-latest
     container:
       image: vyos/vyos-build:current
       options: --sysctl net.ipv6.conf.lo.disable_ipv6=0
     steps:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Build Debian package
         run: dpkg-buildpackage -uc -us -tc -b
diff --git a/.github/workflows/chceck-pr-message.yml b/.github/workflows/chceck-pr-message.yml
index fda5696c9..27da5e9fc 100644
--- a/.github/workflows/chceck-pr-message.yml
+++ b/.github/workflows/chceck-pr-message.yml
@@ -1,17 +1,17 @@
 ---
 name: Check pull request message format
 
 on:
   pull_request_target:
     branches:
       - circinus
     types: [opened, synchronize, edited]
 
 permissions:
   pull-requests: write
   contents: read
 
 jobs:
   check-pr-title:
-    uses: vyos/.github/.github/workflows/check-pr-message.yml@current
+    uses: vyos/.github/.github/workflows/check-pr-message.yml@circinus
     secrets: inherit
diff --git a/.github/workflows/check-pr-conflicts.yml b/.github/workflows/check-pr-conflicts.yml
index f09e66415..41efc4601 100644
--- a/.github/workflows/check-pr-conflicts.yml
+++ b/.github/workflows/check-pr-conflicts.yml
@@ -1,14 +1,14 @@
 
 name: "PR Conflicts checker"
 on:
   pull_request_target:
     types: [synchronize]
 
 permissions:
   pull-requests: write
   contents: read
 
 jobs:
   check-pr-conflict-call:
-    uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@current
+    uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@circinus
     secrets: inherit
diff --git a/.github/workflows/check-stale.yml b/.github/workflows/check-stale.yml
index 2adbee2f6..ca019eb63 100644
--- a/.github/workflows/check-stale.yml
+++ b/.github/workflows/check-stale.yml
@@ -1,13 +1,13 @@
 name: "Issue and PR stale management"
 on:
   schedule:
   - cron: "0 0 * * *"
 
 permissions:
   pull-requests: write
   contents: read
 
 jobs:
   stale:
-    uses: vyos/.github/.github/workflows/check-stale.yml@current
+    uses: vyos/.github/.github/workflows/check-stale.yml@circinus
     secrets: inherit
diff --git a/.github/workflows/check-unused-imports.yml b/.github/workflows/check-unused-imports.yml
index 29f7426ce..e1f4df11d 100644
--- a/.github/workflows/check-unused-imports.yml
+++ b/.github/workflows/check-unused-imports.yml
@@ -1,15 +1,19 @@
 name: Check for unused imports using Pylint
 on:
   pull_request_target:
     branches:
       - circinus
+    paths:
+      - '**'
+      - '!.github/**'
+      - '!**/*.md'
   workflow_dispatch:
 
 permissions:
   pull-requests: write
   contents: read
 
 jobs:
   check-unused-imports:
-    uses: vyos/.github/.github/workflows/check-unused-imports.yml@current
+    uses: vyos/.github/.github/workflows/check-unused-imports.yml@circinus
     secrets: inherit
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 0a7c18ba6..c04806c5c 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,22 +1,30 @@
 name: "Perform CodeQL Analysis"
 
 on:
   push:
     branches: [ "circinus" ]
-  pull_request:
+    paths:
+      - '**'
+      - '!.github/**'
+      - '!**/*.md'
+  pull_request_target:
     # The branches below must be a subset of the branches above
     branches: [ "circinus" ]
+    paths:
+      - '**'
+      - '!.github/**'
+      - '!**/*.md'
   schedule:
     - cron: '22 10 * * 0'
 
 permissions:
   actions: read
   contents: read
   security-events: write
 
 jobs:
   codeql-analysis-call:
-    uses: vyos/.github/.github/workflows/codeql-analysis.yml@current
+    uses: vyos/.github/.github/workflows/codeql-analysis.yml@circinus
     secrets: inherit
     with:
       languages: "['python']"
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index d59460fe2..366d47199 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -1,20 +1,28 @@
 name: Sonar Checks
 on:
   push:
     branches:
       - circinus-stream
+    paths:
+      - '**'
+      - '!.github/**'
+      - '!**/*.md'
   pull_request_target:
     types: [opened, synchronize, reopened]
+    paths:
+      - '**'
+      - '!.github/**'
+      - '!**/*.md'
 jobs:
   sonar-cloud:
     name: SonarCloud
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
       - name: SonarCloud Scan
         uses: SonarSource/sonarcloud-github-action@master
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}