diff --git a/.github/workflows/ci-standard-checks-workflow.yaml b/.github/workflows/ci-standard-checks-workflow.yaml
index 3855f6b..e233709 100644
--- a/.github/workflows/ci-standard-checks-workflow.yaml
+++ b/.github/workflows/ci-standard-checks-workflow.yaml
@@ -29,7 +29,7 @@ jobs:
     runs-on: [ "${{ inputs.runner }}" ]
     steps:
       - name: Check Out Source Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
         with:
           fetch-depth: 0
       - uses: actions/setup-node@v6
diff --git a/.github/workflows/create-github-release.yaml b/.github/workflows/create-github-release.yaml
index 0061b8d..700af4f 100644
--- a/.github/workflows/create-github-release.yaml
+++ b/.github/workflows/create-github-release.yaml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
 
       - uses: go-semantic-release/action@v1
         with:
diff --git a/.github/workflows/frontend-library-pr-release-workflow.yml b/.github/workflows/frontend-library-pr-release-workflow.yml
index 8ec392f..4d61ced 100644
--- a/.github/workflows/frontend-library-pr-release-workflow.yml
+++ b/.github/workflows/frontend-library-pr-release-workflow.yml
@@ -83,7 +83,7 @@ jobs:
     
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
         with:
           fetch-depth: 0  # Required for SonarCloud and semantic-release
       
diff --git a/.github/workflows/go-lint-workflow.yaml b/.github/workflows/go-lint-workflow.yaml
index 8744c6e..bd173af 100644
--- a/.github/workflows/go-lint-workflow.yaml
+++ b/.github/workflows/go-lint-workflow.yaml
@@ -54,10 +54,10 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
 
       - name: Check out repository containing linter config
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
         with:
           repository: ${{ inputs.golangci-lint-config-repo }}
           ref: ${{ inputs.golangci-lint-config-repo-ref }}
diff --git a/.github/workflows/graphql-generate-persisted-operations.yml b/.github/workflows/graphql-generate-persisted-operations.yml
index b6ca1a9..eb5fab4 100644
--- a/.github/workflows/graphql-generate-persisted-operations.yml
+++ b/.github/workflows/graphql-generate-persisted-operations.yml
@@ -26,7 +26,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
 
       - name: Set up Node.js
         uses: actions/setup-node@v6
diff --git a/.github/workflows/image-multiarch.yaml b/.github/workflows/image-multiarch.yaml
index 460f7c0..40c8775 100644
--- a/.github/workflows/image-multiarch.yaml
+++ b/.github/workflows/image-multiarch.yaml
@@ -60,7 +60,7 @@ jobs:
     runs-on: [ "${{ inputs.runner }}" ]
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
       - name: Set up QEMU
         if: ${{ contains(inputs.platforms, ',') }}
         uses: docker/setup-qemu-action@v4
diff --git a/.github/workflows/plantuml.yml b/.github/workflows/plantuml.yml
index 748e198..f26114e 100644
--- a/.github/workflows/plantuml.yml
+++ b/.github/workflows/plantuml.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     if: ${{ github.actor != 'dependabot[bot]' }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v7
         with:
           # Checkout the Pull Request branch, so that we are not in a detached head state.
           # and can push the re-generated diagrams to the HEAD of the same branch.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index d44f4b1..620c389 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
       - name: Update major version tag
         run: |
           git config --global user.email "security@typeform.com"
diff --git a/.github/workflows/sonarcloud-scan.yml b/.github/workflows/sonarcloud-scan.yml
index 97b3802..5fcb695 100644
--- a/.github/workflows/sonarcloud-scan.yml
+++ b/.github/workflows/sonarcloud-scan.yml
@@ -63,7 +63,7 @@ jobs:
     
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
         with:
           fetch-depth: 0  # Required for SonarCloud to analyze git history
       
diff --git a/shared-actions/run-cypress-functional/action.yml b/shared-actions/run-cypress-functional/action.yml
index ffca8b1..f20d86a 100644
--- a/shared-actions/run-cypress-functional/action.yml
+++ b/shared-actions/run-cypress-functional/action.yml
@@ -71,7 +71,7 @@ runs:
   using: 'composite'
   steps:
     - name: Check out Git repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v7
     
     - name: Setup Node with Cache
       uses: Typeform/.github/shared-actions/setup-node-with-cache@v1
diff --git a/shared-actions/run-cypress-visual/action.yml b/shared-actions/run-cypress-visual/action.yml
index 0a06b6c..466a248 100644
--- a/shared-actions/run-cypress-visual/action.yml
+++ b/shared-actions/run-cypress-visual/action.yml
@@ -89,7 +89,7 @@ runs:
   using: 'composite'
   steps:
     - name: Check out Git repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v7
     
     - name: Setup Node with Cache
       uses: Typeform/.github/shared-actions/setup-node-with-cache@v1
diff --git a/shared-actions/run-playwright-visual/action.yml b/shared-actions/run-playwright-visual/action.yml
index 12d6e30..72477e9 100644
--- a/shared-actions/run-playwright-visual/action.yml
+++ b/shared-actions/run-playwright-visual/action.yml
@@ -92,7 +92,7 @@ runs:
   using: 'composite'
   steps:
     - name: Check out Git repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v7
 
     - name: Setup Node with Cache
       uses: Typeform/.github/shared-actions/setup-node-with-cache@v1
diff --git a/workflow-templates/frontend-canary-cleanup.yml b/workflow-templates/frontend-canary-cleanup.yml
index c528a4f..253546f 100644
--- a/workflow-templates/frontend-canary-cleanup.yml
+++ b/workflow-templates/frontend-canary-cleanup.yml
@@ -20,7 +20,7 @@ jobs:
           echo "Deploy was not successful, deploy workflow exited with status:  ${{ github.event.workflow_run.conclusion}}. You may need to revert your PR."
 
       - name: Check out Git repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
 
       - name: Set up Node.js
         uses: actions/setup-node@v6
diff --git a/workflow-templates/library-checks-and-release.yml b/workflow-templates/library-checks-and-release.yml
index 8e4cce3..9a0fbcc 100644
--- a/workflow-templates/library-checks-and-release.yml
+++ b/workflow-templates/library-checks-and-release.yml
@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Check out Git repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
 
       - name: Set up Node.js
         uses: actions/setup-node@v6
diff --git a/workflow-templates/secrets-scan.yml b/workflow-templates/secrets-scan.yml
index 3262b5b..256cc45 100644
--- a/workflow-templates/secrets-scan.yml
+++ b/workflow-templates/secrets-scan.yml
@@ -11,9 +11,9 @@ jobs:
 
     steps:
       - name: Check Out Source Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v7
         with:
-          # By default, actions/checkout@v6 does a shallow clone with
+          # By default, actions/checkout@v7 does a shallow clone with
           # depth 1. 0 means 'fetch the whole history'. We use it here
           # since we don't know how many commits a PR could have. If
           # you're repo is very large and cloning is slow, you could