diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index 8d02c13..734674f 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -18,7 +18,7 @@ jobs:
         # only use hashes to pick the action to execute (instead of tags or branches).
         # For more details read:
         # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-        uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b  # 6.0.1
+        uses: actions/labeler@f27b608878404679385c85cfa523b85ccb86e213  # 6.1.0
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
           dot: true
diff --git a/.github/workflows/repo-config-migration.yaml b/.github/workflows/repo-config-migration.yaml
index f978a0a..ac910e6 100644
--- a/.github/workflows/repo-config-migration.yaml
+++ b/.github/workflows/repo-config-migration.yaml
@@ -47,7 +47,7 @@ jobs:
           app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
           private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
       - name: Migrate
-        uses: frequenz-floss/gh-action-dependabot-migrate@b389f72f9282346920150a67495efbae450ac07b # v1.1.0
+        uses: frequenz-floss/gh-action-dependabot-migrate@45994e185a9040449304a470e8f02d0e197873b4 # v1.1.1
         with:
           script-url-template: >-
             https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/{version}/cookiecutter/migrate.py