diff --git a/.github/workflows/build-unified.yml b/.github/workflows/build-unified.yml
index 9d9d4ca..a674e94 100644
--- a/.github/workflows/build-unified.yml
+++ b/.github/workflows/build-unified.yml
@@ -35,14 +35,14 @@ jobs:
     steps:
       - name: Checkout Repository - workflow_call
         if: ${{ inputs.is_workflow_call == true }}
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: bitwarden/self-host
           ref: master
 
       - name: Checkout Repository - workflow_dispatch
         if: ${{ inputs.is_workflow_call != true }}
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Get server branch to checkout
         id: server-branch-name
@@ -138,7 +138,7 @@ jobs:
           fi
 
       - name: Checkout server repo
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: bitwarden/server
           token: ${{ steps.retrieve-secret-pat.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
diff --git a/.github/workflows/release-digital-ocean.yml b/.github/workflows/release-digital-ocean.yml
index 2335a24..255aa2b 100644
--- a/.github/workflows/release-digital-ocean.yml
+++ b/.github/workflows/release-digital-ocean.yml
@@ -54,7 +54,7 @@ jobs:
 
       - name: Install doctl
         if: ${{ github.event_name != 'release' && github.event_name != 'workflow_dispatch' }}
-        uses: digitalocean/action-doctl@ba7726ed64a9c5eb774152b1ea03bf67ee81ad6e # v2.3.0
+        uses: digitalocean/action-doctl@e5cb5b0cde9789f79c5115c2c4d902f38a708804 # v2.5.0
         with:
           token: ${{ steps.retrieve-secrets.outputs.digital-ocean-api-key }}
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 5dea06a..467e527 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -78,7 +78,7 @@ jobs:
 
       - name: Create release
         if: ${{ github.event.inputs.release_type != 'Dry Run' }}
-        uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
+        uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0
         with:
           artifacts: 'bitwarden.sh,
                       run.sh,
@@ -105,7 +105,7 @@ jobs:
           ref: master
 
       - name: Login to Azure - CI Subscription
-        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
+        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
diff --git a/.github/workflows/update-links.yml b/.github/workflows/update-links.yml
index 74b8eda..71b113c 100644
--- a/.github/workflows/update-links.yml
+++ b/.github/workflows/update-links.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Login to Azure - CI Subscription
-        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
+        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}