diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 151eacd..7df2a9c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,11 +21,11 @@ jobs:
     steps:
       # Pin to SHA commit hash instead of mutable tag for supply chain security
       # Dependabot will automatically update this when new versions are released
-      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3  # v6.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8  # v6.0.1
 
       - name: Load GitHub credentials from 1Password
         id: load-github-credentials
-        uses: 1password/load-secrets-action@13f58eec611f8e5db52ec16247f58c508398f3e6  # v3.0.0
+        uses: 1password/load-secrets-action@8d0d610af187e78a2772c2d18d627f4c52d3fbfb  # v3.1.0
         with:
           export-env: false
         env: