diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e2cc0f4..5a8f82a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,7 +11,7 @@ jobs:
       matrix:
         python-version: ["3.10", "3.11", "3.12"]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}
diff --git a/.github/workflows/release-hardening.yml b/.github/workflows/release-hardening.yml
index 2f2993b..bc3702b 100644
--- a/.github/workflows/release-hardening.yml
+++ b/.github/workflows/release-hardening.yml
@@ -14,7 +14,7 @@ jobs:
   provenance-sbom-sign:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Package source archive
         run: |
diff --git a/.github/workflows/supply-chain.yml b/.github/workflows/supply-chain.yml
index df922ed..79be045 100644
--- a/.github/workflows/supply-chain.yml
+++ b/.github/workflows/supply-chain.yml
@@ -13,7 +13,7 @@ jobs:
       contents: read
       pull-requests: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Dependency review
         id: dependency_review
         uses: actions/dependency-review-action@v4