diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 4d58ae4..0ffe005 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -32,7 +32,7 @@ jobs:
           cache: pip
 
       - name: Set up uv
-        uses: astral-sh/setup-uv@ba17a16c0afc72ea47311891c76009518d0cf1aa
+        uses: astral-sh/setup-uv@ed07c7622496a021a7c05439fd0c5f19a610125b
 
       - name: Generate coverage report
         run: |
@@ -54,7 +54,7 @@ jobs:
 
       - name: SonarQube scan
         if: ${{ secrets.SONAR_TOKEN != '' && secrets.SONAR_PROJECT_KEY != '' && secrets.SONAR_ORGANIZATION != '' }}
-        uses: SonarSource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432
+        uses: SonarSource/sonarqube-scan-action@7006c4492b2e0ee0f816d36501671557c97f5995
         with:
           args: >
             -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 530dfdf..8da3d52 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -30,7 +30,7 @@ jobs:
           cache: pip
 
       - name: Set up uv
-        uses: astral-sh/setup-uv@ba17a16c0afc72ea47311891c76009518d0cf1aa
+        uses: astral-sh/setup-uv@ed07c7622496a021a7c05439fd0c5f19a610125b
 
       - name: Run test suite
         run: uv run --with-requirements requirements.txt python -m unittest discover -s tests -p 'test_*.py'