diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml
index feb24ad..bc7827a 100644
--- a/.github/workflows/npm-audit.yml
+++ b/.github/workflows/npm-audit.yml
@@ -16,10 +16,12 @@ jobs:
       issues: write
     if: github.repository == 'line/line-bot-mcp-server'
     steps:
-      - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493
-      - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
           node-version: '24'
+          # Enable this when setup-node v5 is released
+          # package-manager-cache: false
 
       - name: Run npm audit and check diff
         id: audit
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 08da6db..9e6afd5 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -22,6 +22,8 @@ jobs:
         with:
           node-version: 24
           registry-url: 'https://registry.npmjs.org'
+          # Enable this when setup-node v5 is released, and release is broken
+          # package-manager-cache: false
       - run: npm install
       - name: Update version in package.json, package-lock.json
         run: |
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index e8d1501..58f4eb0 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -31,6 +31,8 @@ jobs:
         with:
           node-version: ${{ matrix.node }}
           cache: 'npm'
+          # Enable this when setup-node v5 is released, and release is broken
+          # package-manager-cache: false
       - name: Install Dependency
         run: npm ci
       - name: Build