diff --git a/.github/workflows/python-publish-pypi.yaml b/.github/workflows/python-publish-pypi.yaml
index 66da8ce..83f404a 100644
--- a/.github/workflows/python-publish-pypi.yaml
+++ b/.github/workflows/python-publish-pypi.yaml
@@ -21,10 +21,10 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Build and inspect Python 🐍 package 📦
-        uses: hynek/build-and-inspect-python-package@73aea398b9c8de9ea9e4464c6b13cb8b1f3d6294 # v2.9.0
+        uses: hynek/build-and-inspect-python-package@efb823f52190ad02594531168b7a2d5790e66516 # v2.14.0
         with:
           attest-build-provenance-github: ${{ github.event.action == 'published' }}
 
@@ -41,12 +41,12 @@ jobs:
 
     steps:
     - name: Download dists
-      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
       with:
         name: Packages
         path: dist/
 
     - name: Publish distribution 📦 to PyPI
-      uses: pypa/gh-action-pypi-publish@f7600683efdcb7656dec5b29656edb7bc586e597 # v1.10.3
+      uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
       with:
           print-hash: true
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index ba5fdaf..9af69dd 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -14,10 +14,10 @@ jobs:
                 python-version: ["3.10", "3.11", "3.12"]
 
         steps:
-        - uses: actions/checkout@v4 # v4.2.2
+        - uses: actions/checkout@v6 # v4.2.2
 
         - name: Set up Python
-          uses: actions/setup-python@v5 # v5.3.0
+          uses: actions/setup-python@v6 # v5.3.0
           with:
             python-version: ${{ matrix.python-version }}