diff --git a/.github/workflows/monorepo.yml b/.github/workflows/monorepo.yml
index a317260e..a976f5bc 100644
--- a/.github/workflows/monorepo.yml
+++ b/.github/workflows/monorepo.yml
@@ -26,7 +26,7 @@ jobs:
          && github.event.action == 'closed'
          && github.event.pull_request.merged == true }}
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd #v5
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v5
         with:
           persist-credentials: true
           fetch-depth: 0
@@ -130,7 +130,7 @@ jobs:
       max-parallel: 1
     steps:
     - name: Checkout repository to use composite action
-      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd #v5
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v5
       with:
         ref: main # Only use composite action from main to prevent malicious PRs
         persist-credentials: false
diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml
index 6525bd68..91b9bc27 100644
--- a/.github/workflows/zizmor.yaml
+++ b/.github/workflows/zizmor.yaml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Clone Repository
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd #v5
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v5
         with:
           persist-credentials: false