diff --git a/.github/workflows/ossf_scorecard.yml b/.github/workflows/ossf_scorecard.yml
index 71e6d6c..6922894 100644
--- a/.github/workflows/ossf_scorecard.yml
+++ b/.github/workflows/ossf_scorecard.yml
@@ -29,7 +29,7 @@ jobs:
       checks: read # To detect SAST tools
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/rename_template.yml b/.github/workflows/rename_template.yml
index 8ded55c..3714f1d 100644
--- a/.github/workflows/rename_template.yml
+++ b/.github/workflows/rename_template.yml
@@ -12,7 +12,7 @@ jobs:
       contents: write
     steps:
       - name: Check out the codebase
-        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Set $REPOSITORY_NAME
         run: echo "REPOSITORY_NAME=$(echo '${{ github.repository }}' | awk -F '/' '{print $2}' | tr '-' '_' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV