diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml
old mode 100755
new mode 100644
index e00b789..15533ba
--- a/.github/workflows/dependency-update.yml
+++ b/.github/workflows/dependency-update.yml
@@ -81,7 +81,7 @@ jobs:
           --enableExperimental
     
     - name: Upload OWASP results
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v7
       with:
         name: dependency-check-report
         path: reports/
diff --git a/.github/workflows/ecosystem-compliance-audit.yml b/.github/workflows/ecosystem-compliance-audit.yml
index e84f325..0cb63b7 100644
--- a/.github/workflows/ecosystem-compliance-audit.yml
+++ b/.github/workflows/ecosystem-compliance-audit.yml
@@ -53,7 +53,7 @@ jobs:
           node compliance/audit.js $ARGS
 
       - name: Upload compliance report
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: compliance-report-${{ github.run_number }}
           path: |
diff --git a/.github/workflows/onepassword-rotation-audit.yml b/.github/workflows/onepassword-rotation-audit.yml
index 61e4969..838fe43 100644
--- a/.github/workflows/onepassword-rotation-audit.yml
+++ b/.github/workflows/onepassword-rotation-audit.yml
@@ -75,7 +75,7 @@ jobs:
 
           echo "status=${status}" >> "$GITHUB_OUTPUT"
       - name: Upload rotation report
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: onepassword-rotation-report
           path: reports/secret-rotation
diff --git a/.github/workflows/org-governance-autopilot.yml b/.github/workflows/org-governance-autopilot.yml
index 9c26f1c..bcd700f 100644
--- a/.github/workflows/org-governance-autopilot.yml
+++ b/.github/workflows/org-governance-autopilot.yml
@@ -81,7 +81,7 @@ jobs:
 
       - name: Upload governance artifacts
         if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: governance-rulesets-${{ github.run_id }}
           path: |
diff --git a/.github/workflows/org-webhook-compliance-audit.yml b/.github/workflows/org-webhook-compliance-audit.yml
index 8a72bb3..d826bc1 100644
--- a/.github/workflows/org-webhook-compliance-audit.yml
+++ b/.github/workflows/org-webhook-compliance-audit.yml
@@ -64,7 +64,7 @@ jobs:
 
       - name: Upload webhook audit artifacts
         if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: webhook-audit-${{ github.run_id }}
           path: compliance/webhook-audit
diff --git a/.github/workflows/reusable-package-publish.yml b/.github/workflows/reusable-package-publish.yml
index bef9e2b..d539b7a 100644
--- a/.github/workflows/reusable-package-publish.yml
+++ b/.github/workflows/reusable-package-publish.yml
@@ -72,7 +72,7 @@ jobs:
           npm pack
           echo "tarball=$(ls *.tgz)" >> $GITHUB_OUTPUT
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
         with:
           name: package
           path: '*.tgz'