diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
index 2c7f049..ffffb86 100644
--- a/.github/workflows/devskim.yml
+++ b/.github/workflows/devskim.yml
@@ -18,14 +18,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
 
       - name: Run DevSkim scanner
-        uses: microsoft/DevSkim-Action@v1
+        uses: microsoft/DevSkim-Action@bff32d3fc4b03f2e10a3c39db0909a71b2a29f06  # v1.0
         with:
           directory-to-scan: .
 
       - name: Upload DevSkim SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@c7d0eebf0efb81753d773b54ee46f4278db8ab5d  # v3.25.12
         with:
           sarif_file: devskim-results.sarif