diff --git a/.github/workflows/tn-p1.yml b/.github/workflows/tn-p1.yml
index 519501f4..646d9893 100644
--- a/.github/workflows/tn-p1.yml
+++ b/.github/workflows/tn-p1.yml
@@ -23,7 +23,7 @@ jobs:
       checks: write
       pull-requests: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - uses: actions/setup-node@v4
         with:
diff --git a/.github/workflows/tn-snapshot.yml b/.github/workflows/tn-snapshot.yml
index 0230e9f7..d1f8492f 100644
--- a/.github/workflows/tn-snapshot.yml
+++ b/.github/workflows/tn-snapshot.yml
@@ -12,7 +12,7 @@ jobs:
       contents: read
       packages: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - uses: actions/setup-node@v4
         with:
diff --git a/.github/workflows/tn.yml b/.github/workflows/tn.yml
index 5749b958..51e8f6f5 100644
--- a/.github/workflows/tn.yml
+++ b/.github/workflows/tn.yml
@@ -26,7 +26,7 @@ jobs:
     # dependabot created branch has a very long name, which will cause issue for SonarCloud
     if: "!startsWith(github.head_ref, 'dependabot/')"
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - uses: actions/download-artifact@v3
@@ -49,7 +49,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event_name == 'push' && (contains(fromJson('["main", "ci-testing"]'), github.ref_name) || github.ref_type == 'tag' )
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/download-artifact@v3
         with:
           name: token-negotiator-dist