diff --git a/.github/workflows/automatePR.yml b/.github/workflows/automatePR.yml
index 6d253d043..5858faeae 100644
--- a/.github/workflows/automatePR.yml
+++ b/.github/workflows/automatePR.yml
@@ -16,7 +16,7 @@ jobs:
       actions: write
     
     steps:
-      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
         with:
           repository: step-security/secure-workflows
     
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 5cf6b74ef..b26d5ad10 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -46,7 +46,7 @@ jobs:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
       - name: Checkout repository
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
diff --git a/.github/workflows/int.yml b/.github/workflows/int.yml
index 75ecb663b..f194fa2b2 100644
--- a/.github/workflows/int.yml
+++ b/.github/workflows/int.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           egress-policy: audit
       - name: Checkout
-        uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
         with:
           fetch-depth: 0
       - name: Set up Go 
diff --git a/.github/workflows/kbanalysis.yml b/.github/workflows/kbanalysis.yml
index 78a193b6e..e84a7c9fb 100644
--- a/.github/workflows/kbanalysis.yml
+++ b/.github/workflows/kbanalysis.yml
@@ -26,7 +26,7 @@ jobs:
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
-      - uses: actions/checkout@d0651293c4a5a52e711f25b41b05b2212f385d28
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
         with:
           repository: step-security/secure-workflows
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a46ae5efb..2cfd36a62 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,7 +21,7 @@ jobs:
         with:
           egress-policy: audit
       - name: Checkout
-        uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
         with:
           fetch-depth: 0
       - name: Set up Go
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 8ae04d63b..ea05ab3dc 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -25,7 +25,7 @@ jobs:
     
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.0.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index f20ba4e24..3f1042d30 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -30,7 +30,7 @@ jobs:
             objects.githubusercontent.com:443
             golang.org:443
       - name: Checkout
-        uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Set up Go