diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 717ad01..fc754e4 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -140,7 +140,7 @@ jobs:
       security-events: write
     steps:
       - name: run trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: 'ghcr.io/${{ github.repository }}:${{ needs.branch_meta.outputs.sha }}'
           format: 'sarif'
@@ -155,4 +155,4 @@ jobs:
         if: ${{ always() }}
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: 'trivy-results.sarif'
\ No newline at end of file
+          sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index f6605b7..5018886 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -66,7 +66,7 @@ jobs:
           distribution: 'temurin'
           java-version: '21'
       - name: SonarCloud upload coverage
-        uses: SonarSource/sonarcloud-github-action@v3.0.0
+        uses: SonarSource/sonarcloud-github-action@v4.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}