diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml
index d15f7ef..eacc8bb 100644
--- a/.github/workflows/analysis.yml
+++ b/.github/workflows/analysis.yml
@@ -29,7 +29,7 @@ jobs:
       - uses: actions/checkout@v6
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           format: "sarif"
           output: "trivy-results.sarif"
diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
index 62e6c59..4b7b0d6 100644
--- a/.github/workflows/merge.yml
+++ b/.github/workflows/merge.yml
@@ -25,7 +25,7 @@ jobs:
     steps:
       - uses: actions/checkout@v6
       - name: Conventional Changelog Update
-        uses: TriPSs/conventional-changelog-action@91be4f3188da74fe85de9caffcebc80b26d43b5b # v6.3.0
+        uses: TriPSs/conventional-changelog-action@952b14bbc4be87e8458a6ac5926fc655608b1b19 # v6.3.1
         id: changelog
         with:
           github-token: ${{ github.token }}