diff --git a/.github/workflows/end2end.yml b/.github/workflows/end2end.yml
index a9b3d10a8..a13f600ab 100644
--- a/.github/workflows/end2end.yml
+++ b/.github/workflows/end2end.yml
@@ -9,7 +9,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Install poetry
-        run: pip install poetry
+        run: pip install -c pip-constraints.txt poetry
       - name: Build
         run: make build
       - name: Upload artifacts
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 88b225638..5cdfae11f 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -56,7 +56,7 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - name: Install poetry
-      run: pip install poetry
+      run: pip install -c pip-constraints.txt poetry
     - name: Set the version for this release
       run: |
         TAG_NAME=${GITHUB_REF##*/}
diff --git a/.github/workflows/qa-tests.yml b/.github/workflows/qa-tests.yml
index 8ec03aa42..cd6be6d6d 100644
--- a/.github/workflows/qa-tests.yml
+++ b/.github/workflows/qa-tests.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Setup safe-chain
         run: curl -fsSL https://github.com/AikidoSec/safe-chain/releases/latest/download/install-safe-chain.sh | sh -s -- --ci
       - name: Install poetry
-        run: pip install poetry
+        run: pip install -c firewall-python/pip-constraints.txt poetry
 
       - name: Build firewall-python dev package
         run: |
diff --git a/.github/workflows/test-publish.yml b/.github/workflows/test-publish.yml
index 7ffbaa888..a5bb39ce6 100644
--- a/.github/workflows/test-publish.yml
+++ b/.github/workflows/test-publish.yml
@@ -57,7 +57,7 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - name: Install poetry
-      run: pip install poetry
+      run: pip install -c pip-constraints.txt poetry
     - name: Set the version for this release
       run: |
         TAG_NAME=${GITHUB_REF##*/}
diff --git a/Makefile b/Makefile
index e87220436..c4e75efec 100644
--- a/Makefile
+++ b/Makefile
@@ -19,7 +19,7 @@ lint:
 	poetry run black aikido_zen/
 	poetry run pylint aikido_zen/
 install: check_binaries
-	pip install poetry
+	pip install -c pip-constraints.txt poetry
 	poetry install
 .PHONY: dev_install
 dev_install: install
diff --git a/pip-constraints.txt b/pip-constraints.txt
new file mode 100644
index 000000000..8bae1d5df
--- /dev/null
+++ b/pip-constraints.txt
@@ -0,0 +1,6 @@
+charset-normalizer==3.3.2
+more-itertools==10.8.0
+certifi==2024.8.30
+urllib3==2.2.3
+idna==3.8
+requests==2.32.3