diff --git a/.github/workflows/vulnerability-scanning.yml b/.github/workflows/vulnerability-scanning.yml
index 2afcc7b7c6..51f8eadd03 100644
--- a/.github/workflows/vulnerability-scanning.yml
+++ b/.github/workflows/vulnerability-scanning.yml
@@ -6,14 +6,14 @@ jobs:
     name: depecheck_test
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Setup Java
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4
         with:
           distribution: temurin
           java-version: 17
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@v4
+        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
       - name: Call setup
         run: ./gradlew dependencies
       - name: Depcheck
@@ -29,7 +29,7 @@ jobs:
           args: >
             --exclude ${{github.workspace}}/build/mps/**
       - name: Upload Test results
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
         with:
            name: Depcheck report
            path: ${{github.workspace}}/reports
\ No newline at end of file