diff --git a/.github/workflows/header-check.yml b/.github/workflows/header-check.yml
index fc2b9d2..dbc869f 100644
--- a/.github/workflows/header-check.yml
+++ b/.github/workflows/header-check.yml
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Check License Header
         uses: apache/skywalking-eyes/header@main
diff --git a/.github/workflows/json-lint.yml b/.github/workflows/json-lint.yml
index 5b4c2e8..c3b32dd 100644
--- a/.github/workflows/json-lint.yml
+++ b/.github/workflows/json-lint.yml
@@ -23,7 +23,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Run JSON Lint
         run: jq . gemini-extension.json
\ No newline at end of file
diff --git a/.github/workflows/markdown-checks.yml b/.github/workflows/markdown-checks.yml
index 8a3222b..0467aa4 100644
--- a/.github/workflows/markdown-checks.yml
+++ b/.github/workflows/markdown-checks.yml
@@ -24,10 +24,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Link Checker
-        uses: lycheeverse/lychee-action@a8c4c7cb88f0c7386610c35eb25108e448569cb0 # v2.7.0
+        uses: lycheeverse/lychee-action@8646ba30535128ac92d33dfc9133794bfdd9b411 # v2.8.0
         with:
           # There is no security token. So, it would fail on any links which aren't public.
           args: "--verbose --no-progress **/*.md"
diff --git a/.github/workflows/package-and-upload-assets.yml b/.github/workflows/package-and-upload-assets.yml
index 4655fde..017fcda 100644
--- a/.github/workflows/package-and-upload-assets.yml
+++ b/.github/workflows/package-and-upload-assets.yml
@@ -39,7 +39,7 @@ jobs:
     
     steps:
       - name: Checkout code at the new tag
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           ref: ${{ github.event.release.tag_name }}
 
@@ -116,7 +116,7 @@ jobs:
       contents: write
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Download all archives from workflow artifacts
         uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
diff --git a/.github/workflows/presubmit-tests.yml b/.github/workflows/presubmit-tests.yml
index 7f0d5b5..d3743d8 100644
--- a/.github/workflows/presubmit-tests.yml
+++ b/.github/workflows/presubmit-tests.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install Gemini CLI
         run: npm install @google/gemini-cli