diff --git a/.github/workflows/build_interu.yml b/.github/workflows/build_interu.yml
index e7a44c4..d488022 100644
--- a/.github/workflows/build_interu.yml
+++ b/.github/workflows/build_interu.yml
@@ -23,11 +23,11 @@ jobs:
     runs-on: ${{ inputs.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
-      - uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
+      - uses: dtolnay/rust-toolchain@f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561
         with:
           toolchain: ${{ env.RUST_VERSION }}
           targets: ${{ inputs.target }}
@@ -44,6 +44,6 @@ jobs:
 
       - name: Upload Artifact
         if: inputs.upload
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
         with:
           path: interu-${{ inputs.target }}
diff --git a/.github/workflows/pr_pre-commit.yml b/.github/workflows/pr_pre-commit.yml
index 804d230..28b9b7b 100644
--- a/.github/workflows/pr_pre-commit.yml
+++ b/.github/workflows/pr_pre-commit.yml
@@ -8,7 +8,7 @@ jobs:
   pre-commit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
           submodules: recursive
diff --git a/.github/workflows/release_interu.yml b/.github/workflows/release_interu.yml
index 0edb3e8..44db53a 100644
--- a/.github/workflows/release_interu.yml
+++ b/.github/workflows/release_interu.yml
@@ -25,11 +25,11 @@ jobs:
     needs: [build]
     steps:
       - name: Download Artifacts
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
         with:
           path: artifacts
 
       - name: Upload Release Binary
-        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1
+        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
         with:
           files: artifacts/artifact/*
diff --git a/.github/workflows/smoke-build.yaml b/.github/workflows/smoke-build.yaml
index c03e9ae..25c90ff 100644
--- a/.github/workflows/smoke-build.yaml
+++ b/.github/workflows/smoke-build.yaml
@@ -20,7 +20,7 @@ jobs:
     name: Generate Version List
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
@@ -47,7 +47,7 @@ jobs:
         versions: ${{ fromJson(needs.generate-matrix.outputs.versions) }}
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
@@ -86,7 +86,7 @@ jobs:
         versions: ${{ fromJson(needs.generate-matrix.outputs.versions) }}
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
@@ -110,7 +110,7 @@ jobs:
         versions: ${{ fromJson(needs.generate-matrix.outputs.versions) }}
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
           submodules: recursive
@@ -137,7 +137,7 @@ jobs:
     if: failure() || github.run_attempt > 1
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
 
diff --git a/build-container-image/action.yaml b/build-container-image/action.yaml
index 2cbd00d..6dc2411 100644
--- a/build-container-image/action.yaml
+++ b/build-container-image/action.yaml
@@ -40,7 +40,7 @@ runs:
   using: composite
   steps:
     - name: Setup Docker Buildx
-      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+      uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
     - name: Build ${{ inputs.image-name }}:${{ inputs.image-index-manifest-tag }}
       id: build-image
diff --git a/build-product-image/action.yaml b/build-product-image/action.yaml
index 5675d4b..a52f452 100644
--- a/build-product-image/action.yaml
+++ b/build-product-image/action.yaml
@@ -39,7 +39,7 @@ runs:
   using: composite
   steps:
     - name: Setup Docker Buildx
-      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+      uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
     - name: Setup boil (${{ inputs.boil-version }})
       env:
diff --git a/publish-image/action.yaml b/publish-image/action.yaml
index 2ba8b59..092c45a 100644
--- a/publish-image/action.yaml
+++ b/publish-image/action.yaml
@@ -58,7 +58,7 @@ runs:
       uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
 
     - name: Set up syft
-      uses: anchore/sbom-action/download-syft@8e94d75ddd33f69f691467e42275782e4bfefe84 # v0.20.9
+      uses: anchore/sbom-action/download-syft@0b82b0b1a22399a1c542d4d656f70cd903571b5c # v0.21.1
 
     - name: Login to Container Registry (${{ inputs.image-registry-uri }})
       uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
diff --git a/run-pre-commit/action.yaml b/run-pre-commit/action.yaml
index 95103dc..48ef901 100644
--- a/run-pre-commit/action.yaml
+++ b/run-pre-commit/action.yaml
@@ -42,13 +42,13 @@ runs:
 
     - name: Setup nix
       if: inputs.nix
-      uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31.8.1
+      uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31.9.0
       with:
         github_access_token: ${{ inputs.nix-github-token }}
         install_url: https://releases.nixos.org/nix/nix-${{ inputs.nix }}/install
 
     - name: Setup Python
-      uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
+      uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
       with:
         python-version: ${{ inputs.python-version }}
         # It doesn't make a whole lot of sense to use the pre-commit config file
@@ -72,7 +72,7 @@ runs:
       # This caches downloaded pre-commit hook artifacts and results in faster
       # workflow runs after an initial hydration run with the exact same hooks
     - name: Setup pre-commit Cache
-      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
       with:
         path: ~/.cache/pre-commit
         key: pre-commit-${{ inputs.pre-commit-version }}-python${{ inputs.python-version }}-${{ hashFiles('.pre-commit-config.yaml') }}
@@ -89,13 +89,13 @@ runs:
     - name: Setup Rust Toolchain Cache
       id: rust-toolchain-cache
       if: ${{ inputs.rust }}
-      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
       with:
         path: ~/.rustup/toolchains
         key: rust-toolchains-${{ inputs.rust }}-components-${{ env.RUST_COMPONENTS }}
 
     - name: Setup Rust Toolchain
-      uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
+      uses: dtolnay/rust-toolchain@f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561
       if: ${{ inputs.rust && steps.rust-toolchain-cache.outputs.cache-hit != 'true' }}
       with:
         toolchain: ${{ inputs.rust }}
@@ -103,7 +103,7 @@ runs:
 
     - name: Setup Rust Cache
       if: ${{ inputs.rust }}
-      uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
+      uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
 
     - name: Install Hadolint
       if: ${{ inputs.hadolint }}
diff --git a/send-slack-notification/action.yaml b/send-slack-notification/action.yaml
index 5db172d..0497d9c 100644
--- a/send-slack-notification/action.yaml
+++ b/send-slack-notification/action.yaml
@@ -68,7 +68,7 @@ runs:
     - name: Retrieve Slack Thread ID
       id: retrieve-slack-thread-id
       continue-on-error: true
-      uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
       with:
         name: slack-thread-id-${{ github.run_id }}
 
@@ -139,7 +139,7 @@ runs:
 
     - name: Store Slack Thread ID as Artifact
       if: steps.retrieve-slack-thread-id.outcome == 'failure'
-      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
       with:
         name: slack-thread-id-${{ github.run_id }}
         path: slack-thread-id