diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index db3809d6..437d739e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -16,7 +16,7 @@ permissions: read-all
 
 jobs:
   build:
-    uses: miracum/.github/.github/workflows/standard-build.yaml@6e79e87ffce2b28fa1052cbe3ac78f9ab7a2ea77 # v1.11.3
+    uses: miracum/.github/.github/workflows/standard-build.yaml@a4eaba9236579e026f335874deae5bc70651c15c # v1.12.0
     permissions:
       contents: read
       id-token: write
@@ -148,14 +148,14 @@ jobs:
 
       - name: Upload cluster dump
         if: always()
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
         with:
           name: kind-cluster-dump.txt
           path: |
             kind-cluster-dump.txt
 
   lint:
-    uses: miracum/.github/.github/workflows/standard-lint.yaml@6e79e87ffce2b28fa1052cbe3ac78f9ab7a2ea77 # v1.11.3
+    uses: miracum/.github/.github/workflows/standard-lint.yaml@a4eaba9236579e026f335874deae5bc70651c15c # v1.12.0
     permissions:
       contents: read
       pull-requests: write
@@ -170,7 +170,7 @@ jobs:
       github-token: ${{ secrets.GITHUB_TOKEN }}
 
   release:
-    uses: miracum/.github/.github/workflows/standard-release.yaml@6e79e87ffce2b28fa1052cbe3ac78f9ab7a2ea77 # v1.11.3
+    uses: miracum/.github/.github/workflows/standard-release.yaml@a4eaba9236579e026f335874deae5bc70651c15c # v1.12.0
     needs:
       - lint
       - build
diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
index 5511d6b4..6cc854a5 100644
--- a/.github/workflows/schedule.yaml
+++ b/.github/workflows/schedule.yaml
@@ -10,7 +10,7 @@ permissions: read-all
 
 jobs:
   schedule:
-    uses: miracum/.github/.github/workflows/standard-schedule.yaml@6e79e87ffce2b28fa1052cbe3ac78f9ab7a2ea77 # v1.11.3
+    uses: miracum/.github/.github/workflows/standard-schedule.yaml@a4eaba9236579e026f335874deae5bc70651c15c # v1.12.0
     permissions:
       contents: read
       issues: write
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index 46a52a6c..e3efa341 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -59,7 +59,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
         with:
           name: SARIF file
           path: results.sarif
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
+        uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/validate-fhir-resources.yaml b/.github/workflows/validate-fhir-resources.yaml
index 73ac9c5f..5ee0a068 100644
--- a/.github/workflows/validate-fhir-resources.yaml
+++ b/.github/workflows/validate-fhir-resources.yaml
@@ -12,7 +12,7 @@ jobs:
   validate-fhir-resource:
     name: Validate FHIR resources
     runs-on: ubuntu-22.04
-    container: ghcr.io/miracum/ig-build-tools:v2.1.3@sha256:171494f5e32d29c2865e071359e17f96a73fdfff7652e354a05a83c5582cc4c7
+    container: ghcr.io/miracum/ig-build-tools:v2.1.5@sha256:4571ddd801664e2ee8883ae9c22f88d2c5dfe1175b1e93f042ae8bfa9a7e185a
     steps:
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7