diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index c6c73bb69187..a7f3be117999 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -29,7 +29,7 @@ jobs:
         fuzz-seconds: 600
         dry-run: false
     - name: Upload Crash
-      uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+      uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
       if: failure() && steps.build.outcome == 'success'
       with:
         name: artifacts
diff --git a/.github/workflows/conda.yml b/.github/workflows/conda.yml
index 21ae565d564e..a15af5b71597 100644
--- a/.github/workflows/conda.yml
+++ b/.github/workflows/conda.yml
@@ -72,7 +72,7 @@ jobs:
           source ../ci/travis/conda/compile.sh
       working-directory: ./gdal-feedstock
 
-    - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+    - uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
       with:
         name: ${{ matrix.platform }}-conda-package
         path: ./gdal-feedstock/packages/
diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml
index 7f3442e7a22e..b9988ea0e6d7 100644
--- a/.github/workflows/coverity_scan.yml
+++ b/.github/workflows/coverity_scan.yml
@@ -2,10 +2,6 @@ name: coverity-scan
 
 # Controls when the action will run.
 on:
-  # Run this action on a schedule (we're allowed a maximum of two per day)
-  schedule:
-    - cron: '0 18 * * SUN' # Sunday at 18:00 UTC
-
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
@@ -16,7 +12,7 @@ jobs:
 
   coverity_scan:
     runs-on: ubuntu-latest
-    if: github.repository == 'OSGeo/gdal'
+    if: github.repository == 'rouault/gdal'
 
     strategy:
       fail-fast: false
diff --git a/.github/workflows/coverity_scan/build.sh b/.github/workflows/coverity_scan/build.sh
index 3becfb98f422..0bd331e72085 100755
--- a/.github/workflows/coverity_scan/build.sh
+++ b/.github/workflows/coverity_scan/build.sh
@@ -26,6 +26,6 @@ curl \
     --form token=$COVERITY_SCAN_TOKEN \
     --form email=$COVERITY_SCAN_EMAIL \
     --form file=@cov-int.tgz \
-    --form version=master \
-    --form description="`git rev-parse --abbrev-ref HEAD` `git rev-parse --short HEAD`" \
+    --form version=MiraMon-Vector-driver \
+    --form description="`git rev-parse --abbrev-ref HEAD` `git rev-parse --short HEAD` (miramon driver)" \
     https://scan.coverity.com/builds?project=GDAL
diff --git a/.github/workflows/doc_build.yml b/.github/workflows/doc_build.yml
index 0de4bdd85688..0817f99ddacd 100644
--- a/.github/workflows/doc_build.yml
+++ b/.github/workflows/doc_build.yml
@@ -81,15 +81,15 @@ jobs:
     #  run: |
     #    make spelling
     #  working-directory: ./doc
-    - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+    - uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
       with:
         name: PDF
         path: doc/build/latex/gdal.pdf
-    - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+    - uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
       with:
         name: HTML
         path: doc/build/html/*
-    #- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+    #- uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
     #  with:
     #    name: Misspelled
     #    path: doc/build/spelling/output.txt
diff --git a/.github/workflows/linux_build.yml b/.github/workflows/linux_build.yml
index 23c409842f56..8d0940fc4875 100644
--- a/.github/workflows/linux_build.yml
+++ b/.github/workflows/linux_build.yml
@@ -332,14 +332,14 @@ jobs:
           docker push ${CONTAINER_NAME_FULL}
 
       - name: Upload coverage artifacts
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
         if: ${{ matrix.id == 'coverage' }}
         with:
           name: coverage_index.html
           path: build-${{ matrix.id }}/coverage_html/index.html
 
       - name: Upload coverage artifacts
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
         if: ${{ matrix.id == 'coverage' }}
         with:
           name: HTML
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index a54584e5fbae..5e9761eae794 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -63,7 +63,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
         with:
           name: SARIF file
           path: results.sarif