diff --git a/.github/workflows/check-actions.yaml b/.github/workflows/check-actions.yaml
index 40102dfcf..8dddccdef 100644
--- a/.github/workflows/check-actions.yaml
+++ b/.github/workflows/check-actions.yaml
@@ -18,4 +18,4 @@ jobs:
 - name: Checkout
 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 - name: Ensure SHA pinned actions
- uses: zgosalvez/github-actions-ensure-sha-pinned-actions@c481dd7047e38178bde090fef4902ea48cc89577 # v2.1.5
+ uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b35f285b9bb7e80de0967367cee66d3b6d50ceca # v3.0.1
diff --git a/karpenter/add-karpenter-donot-evict/add-karpenter-donot-evict.yaml b/karpenter/add-karpenter-donot-evict/add-karpenter-donot-evict.yaml
index cced9b9a2..b2f75d1a9 100644
--- a/karpenter/add-karpenter-donot-evict/add-karpenter-donot-evict.yaml
+++ b/karpenter/add-karpenter-donot-evict/add-karpenter-donot-evict.yaml
@@ -14,7 +14,7 @@ metadata:
 If a Pod exists with the annotation `karpenter.sh/do-not-evict: true` on a Node, and a request is made to delete the Node, Karpenter will not drain any Pods from that Node or otherwise try to delete the Node. This is useful for Pods that should
- run interrupted to completion. This policy mutates Jobs and CronJobs
+ run uninterrupted to completion. This policy mutates Jobs and CronJobs
 so that Pods spawned by them will contain the `karpenter.sh/do-not-evict: true` annotation.
 spec:
 rules:
@@ -45,4 +45,4 @@ spec:
 template:
 metadata:
 annotations:
- karpenter.sh/do-not-evict: "true"
\ No newline at end of file
+ karpenter.sh/do-not-evict: "true"
diff --git a/karpenter/add-karpenter-donot-evict/artifacthub-pkg.yml b/karpenter/add-karpenter-donot-evict/artifacthub-pkg.yml
index 1ab10de2a..c3cb4da38 100644
--- a/karpenter/add-karpenter-donot-evict/artifacthub-pkg.yml
+++ b/karpenter/add-karpenter-donot-evict/artifacthub-pkg.yml
@@ -3,7 +3,7 @@ version: 1.0.0
 displayName: Add Karpenter Do Not Evict
 createdAt: "2023-04-10T20:11:12.000Z"
 description: >-
- If a Pod exists with the annotation `karpenter.sh/do-not-evict: true` on a Node, and a request is made to delete the Node, Karpenter will not drain any Pods from that Node or otherwise try to delete the Node. This is useful for Pods that should run interrupted to completion. This policy mutates Jobs and CronJobs so that Pods spawned by them will contain the `karpenter.sh/do-not-evict: true` annotation.
+ If a Pod exists with the annotation `karpenter.sh/do-not-evict: true` on a Node, and a request is made to delete the Node, Karpenter will not drain any Pods from that Node or otherwise try to delete the Node. This is useful for Pods that should run uninterrupted to completion. This policy mutates Jobs and CronJobs so that Pods spawned by them will contain the `karpenter.sh/do-not-evict: true` annotation.
 install: |-
 ```shell
 kubectl apply -f https://raw.githubusercontent.com/kyverno/policies/main/karpenter/add-karpenter-donot-evict/add-karpenter-donot-evict.yaml
@@ -13,11 +13,11 @@ keywords:
 - Karpenter
 - EKS Best Practices
 readme: |
- If a Pod exists with the annotation `karpenter.sh/do-not-evict: true` on a Node, and a request is made to delete the Node, Karpenter will not drain any Pods from that Node or otherwise try to delete the Node. This is useful for Pods that should run interrupted to completion. This policy mutates Jobs and CronJobs so that Pods spawned by them will contain the `karpenter.sh/do-not-evict: true` annotation.
+ If a Pod exists with the annotation `karpenter.sh/do-not-evict: true` on a Node, and a request is made to delete the Node, Karpenter will not drain any Pods from that Node or otherwise try to delete the Node. This is useful for Pods that should run uninterrupted to completion. This policy mutates Jobs and CronJobs so that Pods spawned by them will contain the `karpenter.sh/do-not-evict: true` annotation.
 Refer to the documentation for more details on Kyverno annotations: https://artifacthub.io/docs/topics/annotations/kyverno/
 annotations:
 kyverno/category: "Karpenter, EKS Best Practices"
 kyverno/kubernetesVersion: "1.23"
 kyverno/subject: "Pod"
-digest: 14e1fecc09c5d577e29540a58166cff7b0f81f63b5b48b0d6c7dd0afa137c851
+digest: cce9736174afeaba6059a9dc3b577f61a812637e199f0d0f5460caff78472402
diff --git a/other/b-d/create-default-pdb/artifacthub-pkg.yml b/other/b-d/create-default-pdb/artifacthub-pkg.yml
index 9a20829d4..3b468f883 100644
--- a/other/b-d/create-default-pdb/artifacthub-pkg.yml
+++ b/other/b-d/create-default-pdb/artifacthub-pkg.yml
@@ -1,5 +1,5 @@
 name: create-default-pdb
-version: 1.0.0
+version: 1.0.1
 displayName: Add Pod Disruption Budget
 createdAt: "2023-04-10T20:30:03.000Z"
 description: >-
@@ -13,9 +13,9 @@ keywords:
 - Sample
 readme: |
 A PodDisruptionBudget limits the number of Pods of a replicated application that are down simultaneously from voluntary disruptions. For example, a quorum-based application would like to ensure that the number of replicas running is never brought below the number needed for a quorum. As an application owner, you can create a PodDisruptionBudget (PDB) for each application. This policy will create a PDB resource whenever a new Deployment is created.
-
+
 Refer to the documentation for more details on Kyverno annotations: https://artifacthub.io/docs/topics/annotations/kyverno/
 annotations:
 kyverno/category: "Sample"
 kyverno/subject: "Deployment"
-digest: 70923b5a8374896a7092cdda3effd04d66316bec4e41afc8c46a214806d1158d
+digest: 907d2448433a9e51ebe3836557ab0328ebb928ddd1495e04a86097495d733de2
diff --git a/other/b-d/create-default-pdb/create-default-pdb.yaml b/other/b-d/create-default-pdb/create-default-pdb.yaml
index a96c53eb5..5aafb91cf 100644
--- a/other/b-d/create-default-pdb/create-default-pdb.yaml
+++ b/other/b-d/create-default-pdb/create-default-pdb.yaml
@@ -30,6 +30,4 @@ spec:
 data:
 spec:
 minAvailable: 1
- selector:
- matchLabels:
- "{{request.object.metadata.labels}}"
\ No newline at end of file
+ selector: "{{request.object.spec.selector}}"
diff --git a/other/b-d/create-default-pdb/pdb-generated.yaml b/other/b-d/create-default-pdb/pdb-generated.yaml
index 57f148b7e..65c64ee9d 100644
--- a/other/b-d/create-default-pdb/pdb-generated.yaml
+++ b/other/b-d/create-default-pdb/pdb-generated.yaml
@@ -8,4 +8,3 @@ spec:
 selector:
 matchLabels:
 app: busybox
- foo: bar
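Review bot: In create-default-pdb.yaml, `selector: "{{request.object.spec.selector}}"` makes the generated PDB select exactly the Deployment's Pods, so the unchanged `minAvailable: 1` context line now binds for every matched Deployment, including one with `replicas: 1`, where no voluntary eviction is allowed and a node drain cannot finish. The rule's `match` and any `preconditions` are outside this hunk, so this may already be handled; if it is not, consider gating the rule on `request.object.spec.replicas` being greater than 1 or stating the limitation in the policy description. A short comment above the new line would also help readers, e.g. `# copy the Deployment's full label selector (matchLabels and matchExpressions)`.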