diff --git a/.github/workflows/part_docs.yml b/.github/workflows/part_docs.yml
index e33f421..e7a25c2 100644
--- a/.github/workflows/part_docs.yml
+++ b/.github/workflows/part_docs.yml
@@ -42,7 +42,7 @@ jobs:
           GITHUB_AUTH_TOKEN: "${{ github.token}}"
       - name: Generate Docs
         run: composer run docs:generate
-      - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: docs
           path: docs
diff --git a/.github/workflows/part_release.yml b/.github/workflows/part_release.yml
index aca8e8e..dc4ccf9 100644
--- a/.github/workflows/part_release.yml
+++ b/.github/workflows/part_release.yml
@@ -71,7 +71,7 @@ jobs:
           egress-policy: audit
 
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-      - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+      - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: docs
           path: docs
diff --git a/.github/workflows/part_test.yml b/.github/workflows/part_test.yml
index a1d51a7..e027612 100644
--- a/.github/workflows/part_test.yml
+++ b/.github/workflows/part_test.yml
@@ -139,7 +139,7 @@ jobs:
       - name: Run Psalm
         run: composer run test:lint -- --report=results.sarif
       - name: "Upload SARIF"
-        uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
+        uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
         with:
           sarif_file: results.sarif
 
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index e9a485a..0762a83 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -67,7 +67,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: SARIF file
           path: results.sarif
@@ -76,6 +76,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
+        uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
         with:
           sarif_file: results.sarif