diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index d21aa58..66259d1 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -145,7 +145,7 @@ jobs:
             GOARM="${{ matrix.go.GOARM }}"
           file ./dist/*-*-* && gzip -nv ./dist/*-*-*
       - name: "Upload artifacts"
-        uses: "actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b"
+        uses: "actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a"
         with:
           name: "dist-${{ matrix.go.GOOS }}-${{ matrix.go.GOARCH }}-${{ matrix.go.GOARM }}"
           path: "./dist/*.gz"
@@ -183,7 +183,7 @@ jobs:
             type=semver,pattern=v{{major}}.{{minor}}
             type=semver,pattern=v{{major}}
       - name: "Build and push"
-        uses: "docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445"
+        uses: "docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85"
         with:
           context: "./"
           platforms: "linux/amd64,linux/arm64/v8,linux/arm/v7,linux/arm/v6,linux/riscv64,linux/ppc64le,linux/s390x"
diff --git a/.github/workflows/security-code.yml b/.github/workflows/security-code.yml
index 6f5be4a..e1d81fa 100644
--- a/.github/workflows/security-code.yml
+++ b/.github/workflows/security-code.yml
@@ -34,13 +34,13 @@ jobs:
           go-version-file: "./go.mod"
           check-latest: true
       - name: "Initialize CodeQL"
-        uses: "github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a"
+        uses: "github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6"
         with:
           languages: "${{ matrix.language }}"
       - name: "Autobuild"
-        uses: "github/codeql-action/autobuild@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a"
+        uses: "github/codeql-action/autobuild@2c779ab0d087cd7fe7b826087247c2c81f27bfa6"
       - name: "Perform CodeQL analysis"
-        uses: "github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a"
+        uses: "github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6"
 
   analyze-gosec:
     name: "Gosec analysis"
@@ -62,6 +62,6 @@ jobs:
         with:
           args: "-no-fail -tests -fmt sarif -out ./results.sarif ./..."
       - name: "Upload SARIF file"
-        uses: "github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a"
+        uses: "github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6"
         with:
           sarif_file: "./results.sarif"
diff --git a/.github/workflows/security-scorecard.yml b/.github/workflows/security-scorecard.yml
index 8e241e9..b2d0d41 100644
--- a/.github/workflows/security-scorecard.yml
+++ b/.github/workflows/security-scorecard.yml
@@ -29,6 +29,6 @@ jobs:
           repo_token: "${{ secrets.GITHUB_TOKEN }}"
           publish_results: false
       - name: "Upload SARIF file"
-        uses: "github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a"
+        uses: "github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6"
         with:
           sarif_file: "./results.sarif"