diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index d37775e170..e018e536f8 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -14,7 +14,7 @@ jobs:
   audit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: rustsec/audit-check@v2.0.0
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index a3f30ee045..27fe55973a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -32,7 +32,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: Swatinem/rust-cache@v2
     - run: RUSTFLAGS=-Dwarnings cargo test --locked --workspace --all-features
 
@@ -42,7 +42,7 @@ jobs:
       image: rust:1.92
     steps:
     - run: apt-get update && apt install -y libc6-dev-i386
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: Swatinem/rust-cache@v2
     - run: rustup target add i686-unknown-linux-gnu
     - run: RUSTFLAGS=-Dwarnings cargo test --target i686-unknown-linux-gnu --locked --workspace --all-features
@@ -52,7 +52,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - run: rustup target add wasm32-unknown-unknown
     - uses: Swatinem/rust-cache@v2
     - uses: actions/setup-node@v6.1.0
@@ -69,7 +69,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: Swatinem/rust-cache@v2
     - run: apt-get update && apt install -y libc6-dev-i386
     - run: rustup target add i686-unknown-linux-gnu
@@ -103,7 +103,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - run: rustup target add thumbv7m-none-eabi
     - uses: Swatinem/rust-cache@v2
     # We use `thumbv7m-none-eabi` as this target seems to generally work fine and doesn't support `std`. Many targets unfortunately have Rust/LLVM bugs preventing compilation.
@@ -115,7 +115,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: Swatinem/rust-cache@v2
     - run: RUSTDOCFLAGS=-Dwarnings cargo doc --verbose --workspace --all-features --no-deps --document-private-items
 
@@ -125,7 +125,7 @@ jobs:
       image: rust:1.92
     steps:
       # Checks `rustfmt` formatting
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - run: rustup component add rustfmt
       - uses: actions-rs/cargo@v1
         with:
@@ -138,7 +138,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         # Since build artifacts are specific to a nightly version, we pin the specific nightly
         # version to use in order to not invalidate the build cache every day. The exact version
         # is completely arbitrary.
@@ -157,7 +157,7 @@ jobs:
         checks:
           - bans licenses sources
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: EmbarkStudios/cargo-deny-action@v2
       with:
         command: check --config .github/cargo-deny.toml ${{ matrix.checks }}
@@ -166,7 +166,7 @@ jobs:
   cargo-spellcheck:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - run: sudo apt-get update && sudo apt install -y libclang-dev  # Required by cargo-spellcheck
     - uses: baptiste0928/cargo-install@v3  # This action ensures that the compilation is cached.
       with:
@@ -179,7 +179,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - run: apt-get update && apt install -y jq
       # Compares whether the version in `package.json` matches the version in `Cargo.toml`.
       - id: js-version
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index e5ab176885..c161b7b9f1 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -36,7 +36,7 @@ jobs:
     steps:
     - uses: docker/setup-qemu-action@v3
     - uses: docker/setup-buildx-action@v3
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: docker/login-action@v3 
       # This `if` adds an additional safety against accidental pushes.
       if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
@@ -58,7 +58,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           path: repo
       - run: rustup target add wasm32-unknown-unknown
@@ -85,7 +85,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           path: repo
       - uses: Swatinem/rust-cache@v2
@@ -108,7 +108,7 @@ jobs:
     steps:
       - run: apt update && apt install -y jq
       - run: rustup component add llvm-tools-preview
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           path: repo
       - uses: Swatinem/rust-cache@v2
@@ -134,7 +134,7 @@ jobs:
     permissions:
       contents: write   # Necessary to push on the `gh-pages` branch.
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           path: repo
       - run: |
@@ -176,7 +176,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - run: rustup target add wasm32-unknown-unknown
       - uses: actions/setup-node@v6.1.0
         with:
@@ -203,7 +203,7 @@ jobs:
     # This action checks if a certain git tag exists. If not, it compiles the JavaScript package,
     # then commits the compilation artifacts, tags the commit, and pushes the tag.
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0   # Necessary below for checking if the tag exists.
       - run: rustup target add wasm32-unknown-unknown
@@ -247,7 +247,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - run: cargo publish --dry-run --locked
         working-directory: ./lib
         # Note that no dry run is performed for the crates that have dependencies towards the
diff --git a/.github/workflows/periodic-cargo-update.yml b/.github/workflows/periodic-cargo-update.yml
index bc1adad2fb..81e17416c2 100644
--- a/.github/workflows/periodic-cargo-update.yml
+++ b/.github/workflows/periodic-cargo-update.yml
@@ -11,7 +11,7 @@ jobs:
     container:
       image: rust:1.92
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     # Note: `cargo update --workspace` doesn't seem to have any effect.
     - run: cargo update
       working-directory: wasm-node/rust