diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 5ea50ad..95443cd 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -60,7 +60,7 @@ jobs:
           github-token: ${{ steps.get_token.outputs.token }}
           cluster-name:  ${{ env.SERVERLESS_PROJECT }}
 
-      - uses: google-github-actions/get-secretmanager-secrets@e5bb06c2ca53b244f978d33348d18317a7f263ce # v2.2.2
+      - uses: google-github-actions/get-secretmanager-secrets@a8440875e1c2892062aef9061228d4f1af8f919b # v2.2.3
         with:
           export_to_environment: true
           secrets: |-
diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
index f6e4f0f..ff082cd 100644
--- a/.github/workflows/prerelease.yml
+++ b/.github/workflows/prerelease.yml
@@ -33,12 +33,12 @@ jobs:
         name: Release
         
       - name: Generate build provenance (Distribution)
-        uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb  # v2.1.0
+        uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4  # v2.2.0
         with:
           subject-path: "${{ github.workspace }}/${{ env.RELEASE_DISTRO }}"
           
       - name: Generate build provenance (Packages)
-        uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb  # v2.1.0
+        uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4  # v2.2.0
         with:
           subject-path: "${{ github.workspace }}/${{ env.RELEASE_PACKAGES }}"
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 67909b4..21a327e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -41,17 +41,17 @@ jobs:
       run: ls -al ${{ env.RELEASE_DISTRO }}
       
     - name: Generate build provenance (Distribution)
-      uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb  # v2.1.0
+      uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4  # v2.2.0
       with:
         subject-path: "${{ github.workspace }}/${{ env.RELEASE_DISTRO }}"
 
     - name: Generate build provenance (Packages)
-      uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb  # v2.1.0
+      uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4  # v2.2.0
       with:
         subject-path: "${{ github.workspace }}/${{ env.RELEASE_PACKAGES }}"
         
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
+      uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
 
     - name: Log in to the Elastic Container registry
       uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
@@ -80,7 +80,7 @@ jobs:
     - name: Build and Push Profiler Docker Image
       id: docker-push
       continue-on-error: true # continue for now until we see it working in action
-      uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355  # v6.10.0
+      uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991  # v6.13.0
       with:
         cache-from: type=gha
         cache-to: type=gha,mode=max
@@ -91,7 +91,7 @@ jobs:
         labels: ${{ steps.docker-meta.outputs.labels }}
 
     - name: Attest image
-      uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb  # v2.1.0
+      uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4  # v2.2.0
       continue-on-error: true # continue for now until we see it working in action
       with:
         subject-name: ${{ env.DOCKER_IMAGE_NAME }}