diff --git a/.github/workflows/cicd.yaml b/.github/workflows/cicd.yaml
index 76f08ff..574353f 100644
--- a/.github/workflows/cicd.yaml
+++ b/.github/workflows/cicd.yaml
@@ -70,7 +70,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout default branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Run setup-go
         uses: actions/setup-go@v5
         with:
@@ -101,7 +101,7 @@ jobs:
     if: needs.release-please.outputs.release_created
     steps:
       - name: Checkout default branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+        uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493  # v4.2.2
         with:
           fetch-depth: 0
       - name: Fetch tags
diff --git a/.github/workflows/secops.yaml b/.github/workflows/secops.yaml
index 91a7740..ec4fd7d 100644
--- a/.github/workflows/secops.yaml
+++ b/.github/workflows/secops.yaml
@@ -21,7 +21,7 @@ jobs:
         language: [ 'go' ]
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
       with:
@@ -54,7 +54,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout default branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Run Trivy vulnerability scanner in fs mode
         id: trivy-scan
         uses: aquasecurity/trivy-action@0.32.0