diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 88bc54b..c610ee8 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -13,7 +13,7 @@ permissions: read-all
 
 jobs:
   build:
-    uses: miracum/.github/.github/workflows/standard-build.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
+    uses: miracum/.github/.github/workflows/standard-build.yaml@0c1519ab65e70ab166aa866fd298e92402b48452 # v1.12.4
     permissions:
       contents: write
       id-token: write
@@ -48,7 +48,7 @@ jobs:
           docker info -f '{{ .DriverStatus }}'
 
       - name: Checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Download container image
         if: ${{ github.event_name == 'pull_request' }}
@@ -85,7 +85,7 @@ jobs:
           docker compose down --volumes --remove-orphans
 
   lint:
-    uses: miracum/.github/.github/workflows/standard-lint.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
+    uses: miracum/.github/.github/workflows/standard-lint.yaml@0c1519ab65e70ab166aa866fd298e92402b48452 # v1.12.4
     permissions:
       contents: read
       pull-requests: write
@@ -101,7 +101,7 @@ jobs:
       github-token: ${{ secrets.GITHUB_TOKEN }}
 
   release:
-    uses: miracum/.github/.github/workflows/standard-release.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
+    uses: miracum/.github/.github/workflows/standard-release.yaml@0c1519ab65e70ab166aa866fd298e92402b48452 # v1.12.4
     needs:
       - build
     permissions:
diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
index 09ec565..31d3492 100644
--- a/.github/workflows/schedule.yaml
+++ b/.github/workflows/schedule.yaml
@@ -10,7 +10,7 @@ permissions: read-all
 
 jobs:
   schedule:
-    uses: miracum/.github/.github/workflows/standard-schedule.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
+    uses: miracum/.github/.github/workflows/standard-schedule.yaml@0c1519ab65e70ab166aa866fd298e92402b48452 # v1.12.4
     permissions:
       contents: read
       issues: write
diff --git a/.github/workflows/scorecards.yaml b/.github/workflows/scorecards.yaml
index 5c37d58..fbd3d6a 100644
--- a/.github/workflows/scorecards.yaml
+++ b/.github/workflows/scorecards.yaml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           persist-credentials: false
 
@@ -68,6 +68,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: results.sarif