diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
index de8f02532..684d16aa2 100644
--- a/.github/workflows/bandit.yml
+++ b/.github/workflows/bandit.yml
@@ -29,7 +29,7 @@ jobs:
 
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6.0.2
+      - uses: actions/checkout@v6.0.3
       - name: Bandit Scan
         uses: shundor/python-bandit-scan@ab1d87dfccc5a0ffab88be3aaac6ffe35c10d6cd
         with: # optional arguments
diff --git a/.github/workflows/checkpr-sourcery.yml b/.github/workflows/checkpr-sourcery.yml
index 2429bf95b..69d32a2a6 100644
--- a/.github/workflows/checkpr-sourcery.yml
+++ b/.github/workflows/checkpr-sourcery.yml
@@ -10,7 +10,7 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6.0.2
+      - uses: actions/checkout@v6.0.3
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 21bf9591a..c0ff37e20 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -32,7 +32,7 @@ jobs:
         egress-policy: audit
 
     - name: Checkout repository
-      uses: actions/checkout@v6.0.2
+      uses: actions/checkout@v6.0.3
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v4.33.0
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 6b02a65b8..41e5283ad 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -32,7 +32,7 @@ jobs:
         egress-policy: audit
 
     - name: Checkout repository
-      uses: actions/checkout@v6.0.2
+      uses: actions/checkout@v6.0.3
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v4
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index ced30d3be..4ad58124a 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -22,6 +22,6 @@ jobs:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v6.0.3
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@v5.0.0
diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml
index 6bba4b4e5..cc899c5f0 100644
--- a/.github/workflows/ossar-analysis.yml
+++ b/.github/workflows/ossar-analysis.yml
@@ -29,7 +29,7 @@ jobs:
         egress-policy: audit
 
     - name: Checkout repository
-      uses: actions/checkout@v6.0.2
+      uses: actions/checkout@v6.0.3
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index 992d25987..f6ce3d33f 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -21,7 +21,7 @@ jobs:
       with:
         egress-policy: audit
 
-    - uses: actions/checkout@v6.0.2
+    - uses: actions/checkout@v6.0.3
     - name: Set up Python
       uses: actions/setup-python@v6.2.0
       with: