diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml
index 39bab8b..9d6728f 100644
--- a/.github/workflows/code-quality.yml
+++ b/.github/workflows/code-quality.yml
@@ -37,14 +37,14 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           # Do not store git credentials in .git -> could be leaked/exposed by infected/malicious action.
           persist-credentials: false
 
       # Setup PHP with Composer and cs2pr
       - name: Setup PHP and tools
-        uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # v2.37.1
+        uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2
         with:
           php-version: ${{ matrix.php }}
           tools: composer:v2, cs2pr
diff --git a/.github/workflows/composer-diff.yml b/.github/workflows/composer-diff.yml
index 8746c87..69008e5 100644
--- a/.github/workflows/composer-diff.yml
+++ b/.github/workflows/composer-diff.yml
@@ -23,14 +23,14 @@ jobs:
       pull-requests: write # needed for sticky-pull-request-comment to post/update PR comments
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           fetch-depth: 0 # Required for IonBazan/composer-diff-action
           # Do not store git credentials in .git -> could be leaked/exposed by infected/malicious action.
           persist-credentials: false
 
       - name: Setup PHP and tools
-        uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # v2.37.1
+        uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2
         with:
           php-version: 8.3
           tools: composer:v2
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 5875878..7869bed 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -33,13 +33,13 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           # Do not store git credentials in .git -> could be leaked/exposed by infected/malicious action.
           persist-credentials: false
 
       - name: Setup PHP and tools
-        uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # v2.37.1
+        uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2
         with:
           php-version: ${{ matrix.php }}
           tools: composer:v2