diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 0f287c0..590233b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -55,13 +55,13 @@ jobs:
 
       - name: Parse CHANGELOG.md
         id: parse-changelog
-        uses: schwma/parse-changelog-action@69a9f9ab4cf2f2e736108ab41396fc3c55f65e40 # v1.0.0
+        uses: schwma/parse-changelog-action@1c2b2005ccf594cc3a45d33c10af4ab924d3a1c5 # v1.2.0
         with:
           version: '${{ steps.get-version.outputs.version }}'
           title-regex: '^##\s+\[\d.*$'
 
       - name: Create a GitHub release
         if: ${{ github.event.inputs.dry-run != 'true' }}
-        uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
+        uses: ncipollo/release-action@339a81892b84b4eeb0f6e744e4574d79d0d9b8dd # v1.21.0
         with:
           tag: 'v${{ steps.get-version.outputs.version }}'
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 4b4ced0..588c45d 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -30,7 +30,7 @@ jobs:
 
       - name: Sonar Scan
         if: matrix.version == 22
-        uses: SonarSource/sonarqube-scan-action@26c51824c8330b026f261a3205f94958d4b1bc5c # v4.2.0
+        uses: SonarSource/sonarqube-scan-action@689fb39b34b9aa95ebc5f8f119343ddd51542402 # v4.2.2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}