diff --git a/.github/workflows/tagpr.yml b/.github/workflows/tagpr.yml
index 342c506..a046e2e 100644
--- a/.github/workflows/tagpr.yml
+++ b/.github/workflows/tagpr.yml
@@ -29,7 +29,7 @@ jobs:
 
       - id: run-tagpr
         name: Run tagpr
-        uses: Songmu/tagpr@84850af451fc53753c6685a3a6a2af7beef23607 # v1.18.2
+        uses: Songmu/tagpr@9bbb945b2fb025126186661e27d55485e3fc6df6 # v1.18.3
 
   assets:
     needs: tagpr
@@ -53,7 +53,7 @@ jobs:
           cache: true
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7.0.0
+        uses: goreleaser/goreleaser-action@e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c # v7.1.0
         with:
           distribution: goreleaser
           version: latest
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 0af6af1..20707d9 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -22,7 +22,7 @@ jobs:
           go-version-file: go.mod
 
       - name: Run trivy
-        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
+        uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # 0.36.0
         with:
           scan-type: 'fs'
           scanners: 'license'