diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index bd70c5b..b08cc06 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -106,7 +106,7 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@922d8d7b314a529f2be903c1e79ee8283c492863
+        uses: codecov/codecov-action@955f1f08ad225eafd3396525634e1211cf89485f
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c2bf10a..5582ef6 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,12 +35,12 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb
+        uses: github/codeql-action/init@9c646c24a4c8410122b0d6a1311088e9377eea95
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb
+        uses: github/codeql-action/autobuild@9c646c24a4c8410122b0d6a1311088e9377eea95
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb
+        uses: github/codeql-action/analyze@9c646c24a4c8410122b0d6a1311088e9377eea95
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index fb7f521..d12c596 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -43,7 +43,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@da912321c221fa09cefe31859ceaad00353c14f5
+        uses: ossf/scorecard-action@bf0193107d39ac594cadc115b8761393acc7a421
         with:
           results_file: results.sarif
           results_format: sarif
@@ -61,7 +61,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
+        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029
         with:
           name: SARIF file
           path: results.sarif
@@ -69,6 +69,6 @@ jobs:
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/upload-sarif@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb
+        uses: github/codeql-action/upload-sarif@9c646c24a4c8410122b0d6a1311088e9377eea95
         with:
           sarif_file: results.sarif