diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml
index c070c8e..78b43db 100644
--- a/.github/workflows/code-analysis.yml
+++ b/.github/workflows/code-analysis.yml
@@ -9,9 +9,9 @@ jobs:
   spectral:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2
       - name: CloudGuard Code Security Scan
-        uses: checkpointsw/spectral-github-action@v4
+        uses: checkpointsw/spectral-github-action@9650ea07069ebcb84dcd16236c9c241012ec7f83 # v4
         with:
           spectral-dsn: ${{ env.SPECTRAL_DSN }}
           spectral-args: scan --fail-on-error --engines secrets,iac,oss --asset-mapping github.${{ github.repository_owner }}