diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c5bf39ef..76bcebe8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -28,7 +28,7 @@ jobs:
       - name: install cairo
         run: sudo apt-get install libcairo2-dev -y
       - name: checkout code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: test
         run: make test
       - name: govulncheck
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 0de62b7c..8c297616 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -57,7 +57,7 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL