diff --git a/.github/workflows/build_and_publish.yml b/.github/workflows/build_and_publish.yml
index eb926354..3fab820b 100644
--- a/.github/workflows/build_and_publish.yml
+++ b/.github/workflows/build_and_publish.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: [matterlabs-ci-runner]
 
     steps:
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
       - name: Set up Docker Build
         uses: docker/setup-buildx-action@v3
 
diff --git a/.github/workflows/cargo-deny.yml b/.github/workflows/cargo-deny.yml
index 985e586a..52d5c9ed 100644
--- a/.github/workflows/cargo-deny.yml
+++ b/.github/workflows/cargo-deny.yml
@@ -23,7 +23,7 @@ jobs:
     continue-on-error: ${{ matrix.checks == 'advisories' }}
 
     steps:
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
       - uses: EmbarkStudios/cargo-deny-action@v1
         with:
           command: check ${{ matrix.checks }}
diff --git a/.github/workflows/check-spelling.yml b/.github/workflows/check-spelling.yml
index c3ef00a4..ecf98f9f 100644
--- a/.github/workflows/check-spelling.yml
+++ b/.github/workflows/check-spelling.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           tool: cargo-spellcheck
           
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
 
       - name: Run cargo-spellcheck
         run: cargo spellcheck --cfg=.github/spellcheck/finalizer.cfg --code 1
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5d188717..15f6f38e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: [matterlabs-ci-runner]
 
     steps:
-      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
 
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
diff --git a/.github/workflows/secrets_scanner.yaml b/.github/workflows/secrets_scanner.yaml
index 957ad8bc..a6764feb 100644
--- a/.github/workflows/secrets_scanner.yaml
+++ b/.github/workflows/secrets_scanner.yaml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
         with:
           fetch-depth: 0
       - name: TruffleHog OSS