diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
index 0cba86b..8590599 100644
--- a/.github/workflows/dependency-review.yaml
+++ b/.github/workflows/dependency-review.yaml
@@ -15,6 +15,6 @@ jobs:
 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 - name: "Dependency Review"
- uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5
+ uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
 with:
 config-file: darbiadev/.github/.github/dependency-review-config.yaml@main
diff --git a/.github/workflows/python-publish-pypi.yaml b/.github/workflows/python-publish-pypi.yaml
index cc1ae61..7710045 100644
--- a/.github/workflows/python-publish-pypi.yaml
+++ b/.github/workflows/python-publish-pypi.yaml
@@ -24,7 +24,7 @@ jobs:
 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 - name: Build and inspect Python 🐍 package 📦
- uses: hynek/build-and-inspect-python-package@73aea398b9c8de9ea9e4464c6b13cb8b1f3d6294 # v2.9.0
+ uses: hynek/build-and-inspect-python-package@f01e4d047aadcc0c054c95ec9900da3ec3fc7a0f # v2.10.0
 with:
 attest-build-provenance-github: ${{ github.event.action == 'published' }}
@@ -47,7 +47,7 @@ jobs:
 path: dist/
 - name: Publish distribution 📦 to PyPI
- uses: pypa/gh-action-pypi-publish@f7600683efdcb7656dec5b29656edb7bc586e597 # v1.10.3
+ uses: pypa/gh-action-pypi-publish@15c56dba361d8335944d31a2ecd17d700fc7bcbc # v1.12.2
 with:
 attestations: true
 verbose: true
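Review bot: The `config-file: darbiadev/.github/.github/dependency-review-config.yaml@main` context line that closes the first hunk still resolves the review policy from a mutable branch, while every `uses:` visible in these workflows is pinned to a commit SHA. A change on that branch alters what the dependency gate allows or blocks without any commit in this repository, so the pinning of the action itself does not cover the policy it enforces. If the action accepts a commit SHA in the ref position (to be confirmed against its documentation), pin it the same way, e.g. `config-file: darbiadev/.github/.github/dependency-review-config.yaml@<commit-sha-placeholder> # main`; otherwise add a comment stating that the policy repository must carry the same branch protection as this one. The job definition continues outside the hunk.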