diff --git a/.github/workflows/action_compliance.yaml b/.github/workflows/action_compliance.yaml
index 7fad8b0d98..a66db3fd27 100644
--- a/.github/workflows/action_compliance.yaml
+++ b/.github/workflows/action_compliance.yaml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout
-        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Ensure SHA pinned actions
         uses: zgosalvez/github-actions-ensure-sha-pinned-actions@0901cf7b71c7ea6261ec69a3dc2bd3f9264f893e # v3.0.12
         with:
@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout
-        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: check-missing-teardown
         run: .github/workflows/scripts/teardown-check.sh
       - name: actionlint
diff --git a/.github/workflows/commit_compliance.yml b/.github/workflows/commit_compliance.yml
index 9d7736636a..46f28ea889 100644
--- a/.github/workflows/commit_compliance.yml
+++ b/.github/workflows/commit_compliance.yml
@@ -19,7 +19,7 @@ jobs:
           checkAllCommitMessages: 'true' # optional: this checks all commits associated with a pull request
           accessToken: ${{ secrets.GITHUB_TOKEN }} # github access token is only required if checkAllCommitMessages is true
       - name: checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: linelint
         uses: fernandrone/linelint@8136e0fa9997122d80f5f793e0bb9a45e678fbb1 # 0.0.4
         id: linelint
diff --git a/.github/workflows/docker_compliance.yml b/.github/workflows/docker_compliance.yml
index 832b5fab76..d28b8c6587 100644
--- a/.github/workflows/docker_compliance.yml
+++ b/.github/workflows/docker_compliance.yml
@@ -16,7 +16,7 @@ jobs:
     container:
       image: hadolint/hadolint@sha256:27173fe25e062448490a32de410c08491c626a0bef360aa2ce5d5bdd9384b50d #2.12.0-debian
     steps:
-      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Lint All Dockerfiles (except third_party)
         run: find  . -name "*Dockerfile*" -not -path "./third_party/*" -exec hadolint -V {} \;