diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index 6a9f358f..a2b9afaf 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -26,11 +26,11 @@ jobs:
     # Pin your dependencies with https://github.com/mheap/pin-github-action
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # pin@v2
+        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # pin@v2
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
 
       # Determine which PPA we should upload to
       - name: PPA
@@ -101,7 +101,7 @@ jobs:
           args: --no-sign
           ppa: ${{ steps.ppa.outputs.ppa }}
 
-      - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # pin@v4
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # pin@v4
         with:
           name: Packages for ${{ matrix.distro }}
           path: output