diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml
index 743013ad..4ead96a8 100644
--- a/.github/workflows/_build.yaml
+++ b/.github/workflows/_build.yaml
@@ -61,7 +61,7 @@ jobs:
         disable-sudo: true
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         fetch-depth: 0
 
diff --git a/.github/workflows/_generate-rebase.yaml b/.github/workflows/_generate-rebase.yaml
index a14a2b99..016aac01 100644
--- a/.github/workflows/_generate-rebase.yaml
+++ b/.github/workflows/_generate-rebase.yaml
@@ -39,7 +39,7 @@ jobs:
         egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         fetch-depth: 0
         token: ${{ secrets.REPO_ACCESS_TOKEN }}
diff --git a/.github/workflows/_wiki-documentation.yaml b/.github/workflows/_wiki-documentation.yaml
index fb61a614..19d22891 100644
--- a/.github/workflows/_wiki-documentation.yaml
+++ b/.github/workflows/_wiki-documentation.yaml
@@ -49,7 +49,7 @@ jobs:
     # Check out the repository's Wiki repo into the wiki/ folder. The token is required
     # only for private repositories.
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         token: ${{ secrets.REPO_ACCESS_TOKEN }}
         repository: ${{ format('{0}.wiki', github.repository) }}
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
index dd394731..6e4f0da9 100644
--- a/.github/workflows/codeql-analysis.yaml
+++ b/.github/workflows/codeql-analysis.yaml
@@ -43,7 +43,7 @@ jobs:
         disable-sudo: true
 
     - name: Checkout repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
 
     - name: Set up Python ${{ matrix.python }}
       uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
diff --git a/.github/workflows/pr-conventional-commits.yaml b/.github/workflows/pr-conventional-commits.yaml
index faaa2113..d5d1b63f 100644
--- a/.github/workflows/pr-conventional-commits.yaml
+++ b/.github/workflows/pr-conventional-commits.yaml
@@ -22,7 +22,7 @@ jobs:
     steps:
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         fetch-depth: 0
 
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 33ef83fc..6e7a9a35 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -36,7 +36,7 @@ jobs:
         disable-sudo: true
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         fetch-depth: 0
         token: ${{ secrets.REPO_ACCESS_TOKEN }}
@@ -102,7 +102,7 @@ jobs:
         disable-sudo: true
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         fetch-depth: 0
 
@@ -203,7 +203,7 @@ jobs:
         disable-sudo: true
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         fetch-depth: 0
 
diff --git a/.github/workflows/scorecards-analysis.yaml b/.github/workflows/scorecards-analysis.yaml
index b5b84dd4..3888dc7c 100644
--- a/.github/workflows/scorecards-analysis.yaml
+++ b/.github/workflows/scorecards-analysis.yaml
@@ -32,7 +32,7 @@ jobs:
         disable-sudo: true
 
     - name: Check out repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         persist-credentials: false
 
diff --git a/.github/workflows/sync-with-upstream.yaml b/.github/workflows/sync-with-upstream.yaml
index 77548e4a..7d2faf1d 100644
--- a/.github/workflows/sync-with-upstream.yaml
+++ b/.github/workflows/sync-with-upstream.yaml
@@ -21,7 +21,7 @@ jobs:
     steps:
 
     - name: Check out template repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         # If you decide to change the upstream template repository to a private one, uncomment
         # the following argument to pass the required token to be able to check it out.
@@ -31,7 +31,7 @@ jobs:
         path: template
 
     - name: Check out current repository
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         token: ${{ secrets.REPO_ACCESS_TOKEN }}
         fetch-depth: 0