diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c37040a..19c7946 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -28,13 +28,13 @@ jobs:
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+        uses: actions/setup-go@b26d40294f8ad76fcc90b915dac85892322fe62d
         with:
           go-version-file: ./go.mod
 
       # Linting
       - name: Linting
-        uses: golangci/golangci-lint-action@0ad4b724048089dc46bb90eddab6dbbcb4fe49a2
+        uses: golangci/golangci-lint-action@cb36b7b064e48e277c8873c559e758f67ec455b1
         with:
           version: latest
           args: --config=./.github/.golangci.yml ./...
@@ -63,7 +63,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+        uses: actions/setup-go@b26d40294f8ad76fcc90b915dac85892322fe62d
         with:
           go-version: ${{ matrix.go }}
 
@@ -96,7 +96,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+        uses: actions/setup-go@b26d40294f8ad76fcc90b915dac85892322fe62d
         with:
           go-version-file: ./go.mod
 
@@ -106,7 +106,7 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@2439dfc05cd9e2e64113700688413fcdb07527d8
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 44f7b91..e042ec4 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,12 +35,12 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@a895f2e1b5e62f11af85a45bee736f4e3901a87e
+        uses: github/codeql-action/init@821ab42c90a42d1d5cd3241930dff56a7c7dcfb2
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@a895f2e1b5e62f11af85a45bee736f4e3901a87e
+        uses: github/codeql-action/autobuild@821ab42c90a42d1d5cd3241930dff56a7c7dcfb2
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@a895f2e1b5e62f11af85a45bee736f4e3901a87e
+        uses: github/codeql-action/analyze@821ab42c90a42d1d5cd3241930dff56a7c7dcfb2
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index a9de3ac..7c3dd78 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -61,7 +61,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
         with:
           name: SARIF file
           path: results.sarif
@@ -69,6 +69,6 @@ jobs:
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/upload-sarif@a895f2e1b5e62f11af85a45bee736f4e3901a87e
+        uses: github/codeql-action/upload-sarif@821ab42c90a42d1d5cd3241930dff56a7c7dcfb2
         with:
           sarif_file: results.sarif