diff --git a/.github/actions/setup/action.yaml b/.github/actions/setup/action.yaml
index 7c8b672c8..52a435a14 100644
--- a/.github/actions/setup/action.yaml
+++ b/.github/actions/setup/action.yaml
@@ -14,7 +14,7 @@ runs:
     - name: Install mise
       env:
         MISE_VERSION: 2025.7.2 # renovate: datasource=github-releases packageName=jdx/mise
-      uses: jdx/mise-action@5cb1df66ed5e1fb3c670ea0b62fd17a76979826a # v2.3.1
+      uses: jdx/mise-action@c37c93293d6b742fc901e1406b8f764f6fb19dac # v2.4.4
       with:
         version: ${{ env.MISE_VERSION }}
 
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
index 5a3411d2b..06961fed0 100644
--- a/.github/workflows/codeql-analysis.yaml
+++ b/.github/workflows/codeql-analysis.yaml
@@ -46,7 +46,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
index 22e6d31b2..9a08bbc62 100644
--- a/.github/workflows/dependency-review.yaml
+++ b/.github/workflows/dependency-review.yaml
@@ -19,6 +19,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
       - name: Dependency Review
         uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1
diff --git a/.github/workflows/github-app.yaml b/.github/workflows/github-app.yaml
index c6ddc3eda..fc2cdb02e 100644
--- a/.github/workflows/github-app.yaml
+++ b/.github/workflows/github-app.yaml
@@ -37,7 +37,7 @@ jobs:
     steps:
       - id: get-workflow-app-token
         name: Get Workflow Access Token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
         with:
           app-id: ${{ secrets.APPLICATION_ID }}
           private-key: ${{ secrets.APPLICATION_PRIVATE_KEY }}
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index 3a9e2d694..993697dd8 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ⤵ Checkout Branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
         with:
           ref: ${{ github.head_ref }}
 
diff --git a/.github/workflows/manage-cache.yaml b/.github/workflows/manage-cache.yaml
index 3839c04a7..bac5a4dff 100644
--- a/.github/workflows/manage-cache.yaml
+++ b/.github/workflows/manage-cache.yaml
@@ -48,7 +48,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ⤵ Checkout Branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
         with:
           ref: ${{ env.REF }}
 
diff --git a/.github/workflows/manage-issues.yaml b/.github/workflows/manage-issues.yaml
index 60f1a0c4d..e04e50a6a 100644
--- a/.github/workflows/manage-issues.yaml
+++ b/.github/workflows/manage-issues.yaml
@@ -17,7 +17,7 @@ jobs:
     steps:
       - id: get-workflow-app-token
         name: Get Workflow Access Token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
         with:
           app-id: ${{ secrets.APPLICATION_ID }}
           private-key: ${{ secrets.APPLICATION_PRIVATE_KEY }}
@@ -62,7 +62,7 @@ jobs:
     steps:
       - id: get-workflow-app-token
         name: Get Workflow Access Token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
         with:
           app-id: ${{ secrets.APPLICATION_ID }}
           private-key: ${{ secrets.APPLICATION_PRIVATE_KEY }}
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index 078c77dca..3b14630da 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -30,7 +30,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
         with:
           persist-credentials: false
 
diff --git a/mise.toml b/mise.toml
index 39828f321..bf7f47fd0 100644
--- a/mise.toml
+++ b/mise.toml
@@ -5,6 +5,6 @@ _.path = [
 ]
 
 [tools]
-node = "22.17.0"
+node = "22.19.0"
 pnpm = "10.15.0"
 python = "3.13.1"