diff --git a/.github/workflows/gradle-library.yml b/.github/workflows/gradle-library.yml
index 18473da..10a5e6a 100644
--- a/.github/workflows/gradle-library.yml
+++ b/.github/workflows/gradle-library.yml
@@ -129,13 +129,13 @@ jobs:
       # Build, test and create Docker image
       #
 
-      - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
+      - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
         with:
           distribution: temurin
           java-version: ${{ inputs.java-version }}
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1
+        uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
 
       - name: Write dependency lockfile for security scan
         if: ${{ !inputs.skip-scan }}
@@ -182,7 +182,7 @@ jobs:
         run: ./gradlew ${{ inputs.build-tasks }}
 
       - name: Upload Gradle test reports
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         if: ${{ !inputs.skip-build && always() }}
         with:
           name: Gradle test reports
@@ -266,7 +266,7 @@ jobs:
       - name: Upload artifact
         if: ${{ always() && inputs.upload-artifact-path != '' }}
         continue-on-error: true
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: ${{ inputs.upload-artifact-name }}
           path: ${{ inputs.upload-artifact-path }}
diff --git a/.github/workflows/gradle-service.yml b/.github/workflows/gradle-service.yml
index 84e7bbf..fa24405 100644
--- a/.github/workflows/gradle-service.yml
+++ b/.github/workflows/gradle-service.yml
@@ -145,13 +145,13 @@ jobs:
       # Build, test and create Docker image
       #
 
-      - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
+      - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
         with:
           distribution: temurin
           java-version: ${{ inputs.java-version }}
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1
+        uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
 
       - name: Build and test with Gradle
         if: ${{ !inputs.skip-build }}
@@ -166,7 +166,7 @@ jobs:
         run: ./gradlew ${{ inputs.build-tasks }}
 
       - name: Upload Gradle test reports
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         if: ${{ !inputs.skip-build && always() }}
         with:
           name: Gradle test reports
diff --git a/.github/workflows/play-service.yml b/.github/workflows/play-service.yml
index 37c4e70..a4867d9 100644
--- a/.github/workflows/play-service.yml
+++ b/.github/workflows/play-service.yml
@@ -51,7 +51,7 @@ jobs:
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-      - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
+      - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
         with:
           distribution: temurin
           java-version: ${{ inputs.java-version }}
diff --git a/.github/workflows/sbt-library.yml b/.github/workflows/sbt-library.yml
index 8ce3849..69ec652 100644
--- a/.github/workflows/sbt-library.yml
+++ b/.github/workflows/sbt-library.yml
@@ -37,7 +37,7 @@ jobs:
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-      - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
+      - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
         with:
           distribution: temurin
           java-version: ${{ inputs.java-version }}
diff --git a/.github/workflows/scan-images.yml b/.github/workflows/scan-images.yml
index 8bb0b45..a183f62 100644
--- a/.github/workflows/scan-images.yml
+++ b/.github/workflows/scan-images.yml
@@ -100,7 +100,7 @@ jobs:
     steps:
       - name: Merge SBOM artifacts
         if: ${{ inputs.remove-individual-artifacts }}
-        uses: actions/upload-artifact/merge@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact/merge@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: SBOM (CycloneDX) [all-individual-results]
           pattern: SBOM (CycloneDX) * # name used by gha-trivy action
@@ -108,7 +108,7 @@ jobs:
 
       - name: Merge HTML report artifacts
         if: ${{ inputs.remove-individual-artifacts }}
-        uses: actions/upload-artifact/merge@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact/merge@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: Vulnerability report (HTML)
           pattern: Vulnerability report (HTML)* # name used by gha-trivy action
@@ -167,7 +167,7 @@ jobs:
 
       - name: Upload combined SBOMs
         if: ${{ inputs.merge-sboms }}
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: Merged SBOMs (CycloneDX)
           path: merged/