diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 5e8b5342..771b5b93 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -61,6 +61,7 @@
         }
       }
     },
+    "remoteEnv": { "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}" },
     "postCreateCommand": "rm -f ~/.docker/config.json; git config --global --add safe.directory /workspaces/eps-FHIR-validator-lambda; make install"
     // "features": {},
     // Use 'forwardPorts' to make a list of ports inside the container available locally.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5264adcf..d6437da9 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,7 +9,7 @@ env:
 
 jobs:
   quality_checks:
-    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.0
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.5
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
     with:
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
index d10a0a39..40927731 100644
--- a/.github/workflows/pull_request.yml
+++ b/.github/workflows/pull_request.yml
@@ -9,7 +9,7 @@ env:
 
 jobs:
   quality_checks:
-    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.0
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.5
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
     with:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 58292724..c4fb9ba9 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -8,7 +8,7 @@ env:
 
 jobs:
   quality_checks:
-    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.0
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.5
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
     with:
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index caedd14f..dd206411 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -21,6 +21,15 @@ repos:
     hooks:
       - id: flake8
 
-
+  - repo: local
+    hooks:
+      - id: git-secrets
+        name: Git Secrets
+        description: git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories.
+        entry: bash
+        args:
+          - -c
+          - 'docker run -v "$LOCAL_WORKSPACE_FOLDER:/src" git-secrets --pre_commit_hook'
+        language: system
 fail_fast: true
 default_stages: [commit]
diff --git a/pom.xml b/pom.xml
index 57dadcb5..fe56a7cc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,6 +23,7 @@
         <fasterxml.version>2.18.2</fasterxml.version>
         <sonar.organization>nhsdigital</sonar.organization>
         <sonar.host.url>https://sonarcloud.io</sonar.host.url>
+        <sonar.projectKey>NHSDigital_eps-FHIR-validator-lambda</sonar.projectKey>
         <aspectj.version>1.9.22.1</aspectj.version>
     </properties>
     <dependencyManagement>