diff --git a/.github/workflows/bundle-compare.yml b/.github/workflows/bundle-compare.yml
index e2ca4bda57628..afb51bb2cb9a0 100644
--- a/.github/workflows/bundle-compare.yml
+++ b/.github/workflows/bundle-compare.yml
@@ -24,7 +24,7 @@ jobs:
           egress-policy: audit
 
       - name: Git Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Download Stats (HEAD)
         uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
diff --git a/.github/workflows/lighthouse.yml b/.github/workflows/lighthouse.yml
index 8d3cc737f5472..4cf85edffeb69 100644
--- a/.github/workflows/lighthouse.yml
+++ b/.github/workflows/lighthouse.yml
@@ -70,7 +70,7 @@ jobs:
           egress-policy: audit
 
       - name: Git Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           # Provides the Pull Request commit SHA or the GitHub merge group ref
           ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }}
diff --git a/.github/workflows/pnpm-updater.yml b/.github/workflows/pnpm-updater.yml
index 129500ad1e2b7..47c0914fc9f62 100644
--- a/.github/workflows/pnpm-updater.yml
+++ b/.github/workflows/pnpm-updater.yml
@@ -26,7 +26,7 @@ jobs:
           egress-policy: audit
 
       - name: Git Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Setup pnpm
         uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml
index 1b00bb45a1e99..d6bcbf67f92e2 100644
--- a/.github/workflows/publish-packages.yml
+++ b/.github/workflows/publish-packages.yml
@@ -60,7 +60,7 @@ jobs:
           echo "✅ Commit is verified and trusted."
 
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 2 # Need at least 2 commits to detect changes between commits
 
diff --git a/.github/workflows/request-codeowner-review.yml b/.github/workflows/request-codeowner-review.yml
index f5a9147140789..261a992c1be36 100644
--- a/.github/workflows/request-codeowner-review.yml
+++ b/.github/workflows/request-codeowner-review.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Request Codeowner Reviews
         uses: pkgjs/request-codeowner-review@d39b61c5e1399655dce6287b3b119af93dee235a # v1.1.0
diff --git a/.github/workflows/tmp-cloudflare-open-next-deploy.yml b/.github/workflows/tmp-cloudflare-open-next-deploy.yml
index e19aa64223733..594ae29987c5c 100644
--- a/.github/workflows/tmp-cloudflare-open-next-deploy.yml
+++ b/.github/workflows/tmp-cloudflare-open-next-deploy.yml
@@ -35,7 +35,7 @@ jobs:
           egress-policy: audit
 
       - name: Git Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up pnpm
         uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
diff --git a/.github/workflows/translations-sync.yml b/.github/workflows/translations-sync.yml
index d05becf5fc2f1..e070b5df90059 100644
--- a/.github/workflows/translations-sync.yml
+++ b/.github/workflows/translations-sync.yml
@@ -31,7 +31,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           token: ${{ secrets.CROWDIN_GITHUB_BOT_TOKEN }}
 
diff --git a/.github/workflows/translations-upload.yml b/.github/workflows/translations-upload.yml
index 6fac126738fd9..07965c057226f 100644
--- a/.github/workflows/translations-upload.yml
+++ b/.github/workflows/translations-upload.yml
@@ -23,7 +23,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
         # see all the options at https://github.com/crowdin/github-action
       - name: crowdin action