diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index bf7618e5fe7..7efd3bf9479 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -15,7 +15,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v1
diff --git a/.github/workflows/deb.yml b/.github/workflows/deb.yml
index b871ecff886..812f4fa2a8e 100644
--- a/.github/workflows/deb.yml
+++ b/.github/workflows/deb.yml
@@ -30,7 +30,7 @@ jobs:
           apt-get install -y git wget
 
       - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
         with:
           submodules: "recursive"
 
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index 1f4a58b4237..a73ced8a53d 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -25,7 +25,7 @@ jobs:
           go-version: ^1.17
 
       - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
 
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v2.5.2
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 0f41b5ad610..0fb6e824478 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -85,7 +85,7 @@ jobs:
 
     steps:
       - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
         with:
           fetch-depth: 0
 
@@ -165,7 +165,7 @@ jobs:
     needs: build
     steps:
       - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index a3ce3a8d495..fd18f3c750c 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -5,7 +5,7 @@ jobs:
     name: Scan
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3.1.0
       - uses: returntocorp/semgrep-action@v1
         env: # Optional environment variable for inline PR comments (beta)
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/sign.yml b/.github/workflows/sign.yml
index ed7d368883b..550649063e2 100644
--- a/.github/workflows/sign.yml
+++ b/.github/workflows/sign.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout default branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
 
       - name: Grant it execution permission
         run: |
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 2a86ba2c2a1..d9b7fde1c6b 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -33,7 +33,7 @@ jobs:
           go-version: ^1.17
 
       - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0
         with:
           fetch-depth: 0