diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index aa171932..ca2a9b93 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -50,7 +50,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4
+      uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
diff --git a/.github/workflows/goreleaser.yaml b/.github/workflows/goreleaser.yaml
index 50a9b97d..18a00831 100644
--- a/.github/workflows/goreleaser.yaml
+++ b/.github/workflows/goreleaser.yaml
@@ -27,7 +27,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4
         with:
           fetch-depth: 0
       -
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 6a9f53ee..231f7e2d 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -55,11 +55,11 @@ jobs:
 
       - name: pull_request actions/checkout
         if: github.event_name == 'pull_request'
-        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4
 
       - name: pull_request actions/checkout
         if: github.event_name == 'repository_dispatch'
-        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4
         with:
           ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge'
 
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 69778cea..17eeed1f 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -26,7 +26,7 @@ jobs:
        with:
         version: 3.17.3
      - name: Clone the code
-       uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4
+       uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4
        with:
           fetch-depth: 0
      - name: Setup Go
@@ -45,7 +45,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97 # v2.3.4
+      - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.3.4
       - uses: actions/setup-go@331ce1d993939866bb63c32c6cbbfd48fa76fc57 # v2.1.3
         with:
           go-version: '1.17'
diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml
index c206d686..d04238a9 100644
--- a/.github/workflows/scorecard-analysis.yml
+++ b/.github/workflows/scorecard-analysis.yml
@@ -19,7 +19,7 @@ jobs:
     
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
+        uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
 
       - name: "Run analysis"
         # This is temporary for dogfooding.