diff --git a/.github/workflows/approve-and-merge.yml b/.github/workflows/approve-and-merge.yml
index bb9bc3c..29f59a8 100644
--- a/.github/workflows/approve-and-merge.yml
+++ b/.github/workflows/approve-and-merge.yml
@@ -19,7 +19,7 @@ jobs:
 
     - name: Generate GitHub application token
       id: generate-application-token
-      uses: peter-murray/workflow-application-token-action@baa1ef2638c3d9e5967b7c8b86219f8fc919e1bb # v3.0.1
+      uses: peter-murray/workflow-application-token-action@8e4e6fbf6fcc8a272781d97597969d21b3812974 # v4.0.0
       with:
         application_id: ${{ secrets.REVIEWER_APPLICATION_ID }}
         application_private_key: ${{ secrets.REVIEWER_APPLICATION_PRIVATE_KEY }}
diff --git a/.github/workflows/dependabot-approve.yml b/.github/workflows/dependabot-approve.yml
index c905d2a..7d7b63a 100644
--- a/.github/workflows/dependabot-approve.yml
+++ b/.github/workflows/dependabot-approve.yml
@@ -18,7 +18,7 @@ jobs:
 
       - name: Generate GitHub application token
         id: generate-application-token
-        uses: peter-murray/workflow-application-token-action@baa1ef2638c3d9e5967b7c8b86219f8fc919e1bb # v3.0.1
+        uses: peter-murray/workflow-application-token-action@8e4e6fbf6fcc8a272781d97597969d21b3812974 # v4.0.0
         with:
           application_id: ${{ secrets.REVIEWER_APPLICATION_ID }}
           application_private_key: ${{ secrets.REVIEWER_APPLICATION_PRIVATE_KEY }}