diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 0ec669e7b..969a516b6 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v4
diff --git a/package-lock.json b/package-lock.json
index 439a20502..296e789a5 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -31,7 +31,7 @@
         "https-proxy-agent": "7.0.6",
         "ignore": "7.0.5",
         "ini": "6.0.0",
-        "isomorphic-git": "1.36.1",
+        "isomorphic-git": "1.36.3",
         "jose": "6.1.3",
         "livereload-js": "4.0.2",
         "node-fetch": "3.3.2",
@@ -6408,9 +6408,9 @@
       "license": "ISC"
     },
     "node_modules/isomorphic-git": {
-      "version": "1.36.1",
-      "resolved": "https://registry.npmjs.org/isomorphic-git/-/isomorphic-git-1.36.1.tgz",
-      "integrity": "sha512-fC8SRT8MwoaXDK8G4z5biPEbqf2WyEJUb2MJ2ftSd39/UIlsnoZxLGux+lae0poLZO4AEcx6aUVOh5bV+P8zFA==",
+      "version": "1.36.3",
+      "resolved": "https://registry.npmjs.org/isomorphic-git/-/isomorphic-git-1.36.3.tgz",
+      "integrity": "sha512-bHF1nQTjL0IfSo13BHDO8oQ6SvYNQduTAdPJdSmrJ5JwZY2fsyjLujEXav5hqPCegSCAnc75ZsBUHqT/NqR7QA==",
       "license": "MIT",
       "dependencies": {
         "async-lock": "^1.4.1",
diff --git a/package.json b/package.json
index 5a19c09f6..e3e12c0f7 100644
--- a/package.json
+++ b/package.json
@@ -65,7 +65,7 @@
     "https-proxy-agent": "7.0.6",
     "ignore": "7.0.5",
     "ini": "6.0.0",
-    "isomorphic-git": "1.36.1",
+    "isomorphic-git": "1.36.3",
     "jose": "6.1.3",
     "livereload-js": "4.0.2",
     "node-fetch": "3.3.2",