diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 9eefbf2..15049b7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -48,7 +48,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v6.0.0
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml
index 62fc463..ea42d1d 100644
--- a/.github/workflows/push_gem.yml
+++ b/.github/workflows/push_gem.yml
@@ -27,7 +27,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+      - uses: actions/checkout@c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5 # v5.0.1
 
       - name: Set up Ruby
         uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0
diff --git a/.github/workflows/sync-ruby.yml b/.github/workflows/sync-ruby.yml
index 78e94eb..fa68ec6 100644
--- a/.github/workflows/sync-ruby.yml
+++ b/.github/workflows/sync-ruby.yml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     if: ${{ github.repository_owner == 'ruby' }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.0
 
       - name: Create GitHub App token
         id: app-token
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8f5ddf1..a226dc4 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -28,7 +28,7 @@ jobs:
           - { os: windows-latest, ruby: jruby }
     runs-on: ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v6
+    - uses: actions/checkout@v6.0.0
     - name: Set up Ruby
       uses: ruby/setup-ruby@v1
       with: