diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 8efcc31..00b1965 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -24,7 +24,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout repository"
-        uses: "actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8"
+        uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd"
 
       - name: "Setup Python"
         uses: "actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c"
diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml
index 1f5005f..061ed31 100644
--- a/.github/workflows/tox.yml
+++ b/.github/workflows/tox.yml
@@ -23,7 +23,7 @@ jobs:
         python-version: ['3.9', '3.10', '3.11', '3.12', '3.13']
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
       - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
@@ -39,7 +39,7 @@ jobs:
         job: [pep8, release-check]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
       - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0