diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 12ca35b..4cacc28 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,7 +11,7 @@ jobs:
       matrix:
         java-version: ["17", "21"]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/setup-java@v4
         with:
           distribution: temurin
diff --git a/.github/workflows/release-hardening.yml b/.github/workflows/release-hardening.yml
index 2f2993b..bc3702b 100644
--- a/.github/workflows/release-hardening.yml
+++ b/.github/workflows/release-hardening.yml
@@ -14,7 +14,7 @@ jobs:
   provenance-sbom-sign:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Package source archive
         run: |
diff --git a/.github/workflows/supply-chain.yml b/.github/workflows/supply-chain.yml
index df922ed..79be045 100644
--- a/.github/workflows/supply-chain.yml
+++ b/.github/workflows/supply-chain.yml
@@ -13,7 +13,7 @@ jobs:
       contents: read
       pull-requests: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Dependency review
         id: dependency_review
         uses: actions/dependency-review-action@v4