diff --git a/.github/workflows/check-for-emails.yml b/.github/workflows/check-for-emails.yml
index 9973a0d168d..595f0240d9a 100644
--- a/.github/workflows/check-for-emails.yml
+++ b/.github/workflows/check-for-emails.yml
@@ -10,7 +10,7 @@ jobs:
     name: Check for emails in issue comments
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
     - name: Scan comment
       id: scan
       uses: FlowCrypt/comment-email-address-alerts@v21
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index e57606b693e..85611a9d579 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -28,7 +28,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml
index 35b5f7cac45..e2224bc87a6 100644
--- a/.github/workflows/eslint.yml
+++ b/.github/workflows/eslint.yml
@@ -25,7 +25,7 @@ jobs:
       actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
           # We must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head.
         with: