diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 05eb976..6d5f878 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout branch
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ inputs.target }}
           submodules: recursive
diff --git a/.github/workflows/harden-ci-security.yml b/.github/workflows/harden-ci-security.yml
index 3c5de84..debe8bf 100644
--- a/.github/workflows/harden-ci-security.yml
+++ b/.github/workflows/harden-ci-security.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: ${{ inputs.target }}
       - name: Ensure all actions are pinned to a specific commit
diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
index c082c4f..43b9116 100644
--- a/.github/workflows/run-tests.yml
+++ b/.github/workflows/run-tests.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout branch
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           repository: ${{ inputs.repository }}
           ref: ${{ inputs.target }}