diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 61937421723c496cb127a98172c7d0b85a553d41..2ba0406afa8b3727b11f42478bc9c91d07b2b66d 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -35,16 +35,16 @@ jobs:
         language: [ 'go' ]
     steps:
     - name: Checkout repository
-      uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 #v2.4.0
+      uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.29
+      uses: github/codeql-action/init@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30
       with:
         languages: ${{ matrix.language }}
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.29
+      uses: github/codeql-action/autobuild@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.29
+      uses: github/codeql-action/analyze@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30
diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml
index 5b8fdc29557acc2732c35b7de604caf09f92eb38..8a11bb00b5f52344af0e944d4cf6df262ac51557 100644
--- a/.github/workflows/scorecard_action.yml
+++ b/.github/workflows/scorecard_action.yml
@@ -52,6 +52,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@384cfc42b2131df01c009d3d2eed7b78d8e8556e # v1.0.28
+        uses: github/codeql-action/upload-sarif@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30
         with:
           sarif_file: results.sarif