diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml
index 9b5710cb..3bb1d33f 100644
--- a/.github/workflows/lint-yaml.yml
+++ b/.github/workflows/lint-yaml.yml
@@ -36,7 +36,7 @@ jobs:
             line-length: warning
 
       - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
+        uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
 
       - name: Check GitHub actions
         run: uvx zizmor --min-severity medium .github/workflows/*.yml
diff --git a/zizmor.yml b/zizmor.yml
index afc373cb..a991eaa5 100644
--- a/zizmor.yml
+++ b/zizmor.yml
@@ -4,3 +4,7 @@ rules:
   dangerous-triggers:
     ignore:
       - build_images.yml
+  unpinned-uses:
+    config:
+      policies:
+        actions/*: ref-pin