diff --git a/.github/workflows/actions-security-analysis.yml b/.github/workflows/actions-security-analysis.yml
index cae8cb34f2..00600427ee 100644
--- a/.github/workflows/actions-security-analysis.yml
+++ b/.github/workflows/actions-security-analysis.yml
@@ -26,7 +26,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 4cc53aeab8..358d03c1f9 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -64,7 +64,7 @@ jobs:
                   ssh-private-key: |
                       ${{ secrets.BUILDER_SSH_KEY }}
             - name: Checkout
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
               with:
                   ref: ${{ github.event.pull_request.head.sha || github.ref }}
                   fetch-depth: 0
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
index 0a9c4beaec..77b95e52fa 100644
--- a/.github/workflows/check.yml
+++ b/.github/workflows/check.yml
@@ -23,7 +23,7 @@ jobs:
                   egress-policy: audit
 
             - name: Checkout
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
               with:
                   persist-credentials: false
             - name: Install nix
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c1b1f9a2c5..4f707b0e8e 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -46,7 +46,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 1e583d5304..7dc06b891d 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -22,7 +22,7 @@ jobs:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
       - name: 'Dependency Review'
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 7318b6322d..a57f012498 100644
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -24,7 +24,7 @@ jobs:
               with:
                   egress-policy: audit
 
-            - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+            - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
               with:
                   persist-credentials: false
             - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31.9.0
diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml
index 53138cfaea..80ec35e95d 100644
--- a/.github/workflows/eval.yml
+++ b/.github/workflows/eval.yml
@@ -33,7 +33,7 @@ jobs:
                   egress-policy: audit
 
             - name: Checkout
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
               with:
                   ref: ${{ github.event.pull_request.merge.sha || github.ref }}
                   fetch-depth: 0
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 171d34458e..afdd48e29a 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -39,7 +39,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
       - name: "Run analysis"
diff --git a/.github/workflows/update-npm-deps-hash.yml b/.github/workflows/update-npm-deps-hash.yml
index 926dd22a39..c2609d37d0 100644
--- a/.github/workflows/update-npm-deps-hash.yml
+++ b/.github/workflows/update-npm-deps-hash.yml
@@ -28,7 +28,7 @@ jobs:
                   egress-policy: audit
 
             - name: Checkout
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
               with:
                   token: ${{ secrets.GITHUB_TOKEN }}
                   ref: ${{ github.event.pull_request.head.ref }}
diff --git a/.github/workflows/warn-on-workflow-changes.yml b/.github/workflows/warn-on-workflow-changes.yml
index 5816b8bbdc..4b161b1ae3 100644
--- a/.github/workflows/warn-on-workflow-changes.yml
+++ b/.github/workflows/warn-on-workflow-changes.yml
@@ -21,7 +21,7 @@ jobs:
         uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           egress-policy: audit
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
           persist-credentials: false