diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index dd648f6..1a534f6 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -95,7 +95,7 @@ jobs:
       - id: build-ci
         env:
           ENVIRONMENT: ci
-        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6
+        uses: docker/build-push-action@0adf9959216b96bec444f325f1e493d4aa344497 # v6
         with:
           target: ${{ env.ENVIRONMENT }}
           cache-from: |
@@ -120,7 +120,7 @@ jobs:
       - if: ${{ github.event_name != 'pull_request' }}
         env:
           ENVIRONMENT: dev
-        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6
+        uses: docker/build-push-action@0adf9959216b96bec444f325f1e493d4aa344497 # v6
         with:
           target: ${{ env.ENVIRONMENT }}
           cache-from: |
@@ -131,7 +131,7 @@ jobs:
           push: ${{ github.event_name != 'pull_request' }}
 
       - if: ${{ github.event_name != 'pull_request' }}
-        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6
+        uses: docker/build-push-action@0adf9959216b96bec444f325f1e493d4aa344497 # v6
         with:
           cache-from: |
             ${{ env.GHCR_IMAGE_NAME }}:dev
diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index 0706941..fa06577 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -157,6 +157,6 @@ jobs:
         with:
           fetch-depth: 3
 
-      - uses: trufflesecurity/trufflehog@709cd089144a6b6452f0915e7ea0d5e4a39d3243 # v3
+      - uses: trufflesecurity/trufflehog@1c9ef1d34c2043b5b68769296e27efa33b6eb91e # v3
         with:
           extra_args: --results=verified,unknown