diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 0adf7174..f155fcbc 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -20,13 +20,13 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3.24.5
+        uses: github/codeql-action/init@v3.24.10
         with:
           languages: go
           queries: security-and-quality
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3.24.5
+        uses: github/codeql-action/analyze@v3.24.10
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 0b3d7859..d4d1d99e 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -17,7 +17,7 @@ jobs:
       with:
         go-version: "1.18.x"
     - name: Checkout code
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.2
     - name: Run linters
       uses: golangci/golangci-lint-action@v4.0.0
       with:
@@ -35,7 +35,7 @@ jobs:
       with:
         go-version: "1.18.x"
     - name: Checkout code
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.2
     - run: go test -race ./...
     - run: go test -fuzz=. -fuzztime=30s
     - run: go test -fuzz=Plain -fuzztime=30s ./internal/charset
@@ -45,7 +45,7 @@ jobs:
   coverage:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.1.2
     - name: Install Go
       if: success()
       uses: actions/setup-go@v5.0.0
@@ -53,6 +53,6 @@ jobs:
         go-version: "1.18.x"
     - name: Generate coverage
       run: go test -race -covermode=atomic -coverprofile=coverage.out
-    - uses: codecov/codecov-action@v4.0.2
+    - uses: codecov/codecov-action@v4.3.0
       with:
         files: ./coverage.out