diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 7e1f5ba8..ff75c84b 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -51,7 +51,7 @@ jobs:
       with:
         fetch-depth: 0
     - name: 🎰 initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
     - name: 🏗️ build
@@ -62,6 +62,6 @@ jobs:
           throw "dotnet build failed with exit code $LastExitCode"
         }
     - name: 🔬 analyze with CodeQL
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
       with:
         category: '/language:${{ matrix.language }}'
diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml
index bbe0aeb9..300ab7df 100644
--- a/.github/workflows/qodana.yml
+++ b/.github/workflows/qodana.yml
@@ -78,7 +78,7 @@ jobs:
           QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
           QODANA_ENDPOINT: 'https://qodana.cloud'
       - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
         if: ${{ always() }}
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 4c0a5240..0bc83d6d 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -48,7 +48,7 @@ jobs:
         env:
           SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
       - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: semgrep.sarif
         if: ${{ always() }}
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index 0d15e371..e4e59906 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -68,7 +68,7 @@ jobs:
           args: --all-projects --exclude=Objectivity.AutoFixture.XUnit2.AutoFakeItEasy.Tests,Objectivity.AutoFixture.XUnit2.AutoMoq.Tests,Objectivity.AutoFixture.XUnit2.AutoNSubstitute.Tests,Objectivity.AutoFixture.XUnit2.Core.Tests
           command: monitor
       - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: snyk
         if: ${{ always() }}