diff --git a/.github/workflows/analyze.yml b/.github/workflows/analyze.yml
index 4a4dbd02..c5764c3f 100644
--- a/.github/workflows/analyze.yml
+++ b/.github/workflows/analyze.yml
@@ -21,7 +21,7 @@ jobs:
         python-version: ['3.14']
 
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
     - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
       with:
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 26d36894..b0182ffb 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -28,7 +28,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412
diff --git a/.github/workflows/security-check.yml b/.github/workflows/security-check.yml
index 67983a0e..044844ac 100644
--- a/.github/workflows/security-check.yml
+++ b/.github/workflows/security-check.yml
@@ -22,7 +22,7 @@ jobs:
         python-version: ['3.13']
 
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
     - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
       with:
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index c7de4754..d8217b8d 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -21,6 +21,6 @@ jobs:
       image: returntocorp/semgrep
     if: (github.actor != 'dependabot[bot]')
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
         # It takes some time to scan "vermin/rules.py". More than the default 30s timeout.
       - run: semgrep ci --timeout 120 --verbose
diff --git a/.github/workflows/snyk-schedule.yml b/.github/workflows/snyk-schedule.yml
index 9d4b49b7..cb74be29 100644
--- a/.github/workflows/snyk-schedule.yml
+++ b/.github/workflows/snyk-schedule.yml
@@ -16,7 +16,7 @@ jobs:
         requirements: [analysis, coverage]
 
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
       - name: Set up Python
         uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index 8449348d..f4904acd 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -16,7 +16,7 @@ jobs:
         requirements: [analysis, coverage]
 
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
       - name: Set up Python
         uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index abe2f5be..b8892207 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -82,7 +82,7 @@ jobs:
             python-version: 3.7
 
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
     - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548
       with: