diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
index 3d0af936..a2bc4dec 100644
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@@ -26,7 +26,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@b2c19fb9a2a485599ccf4ed5d65527d94bc57226
diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
index 685bc77a..a1433218 100644
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -18,7 +18,7 @@ jobs:
 
       - name: Checkout
       # pinning to the sha ec3a7ce113134d7a93b817d10a8272cb61118579 from https://github.com/actions/checkout/releases/tag/v2.4.0
-        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
         with:
           fetch-depth: 0
       # pinning to the sha b953231f81b8dfd023c58e0854a721e35037f28b from https://github.com/goreleaser/goreleaser-action/releases/tag/v2.9.1
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 03d51f22..5c68d9a4 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -22,6 +22,6 @@ jobs:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 7ca22ca6..a0aed602 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -36,7 +36,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false