diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml
index 0aa6eef..4e30fa9 100644
--- a/.github/workflows/dependency_review.yml
+++ b/.github/workflows/dependency_review.yml
@@ -2,6 +2,10 @@ name: Dependency Review
 
 on: [pull_request]
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   dependency_review:
-    uses: route06/actions/.github/workflows/dependency_review.yml@55b3a3db392059a08cee1d8c1b4b022e14c7ceda # v2.5.0
+    uses: route06/actions/.github/workflows/dependency_review.yml@155715656c4cd9079f1213d08d058e78dd00cae7 # v2.6.0
diff --git a/.github/workflows/schedule.yml b/.github/workflows/schedule.yml
index 7d351e6..9e8263f 100644
--- a/.github/workflows/schedule.yml
+++ b/.github/workflows/schedule.yml
@@ -11,7 +11,7 @@ jobs:
       checks: read
       contents: read
       security-events: write
-    uses: route06/actions/.github/workflows/codeql_core.yml@55b3a3db392059a08cee1d8c1b4b022e14c7ceda # v2.5.0
+    uses: route06/actions/.github/workflows/codeql_core.yml@155715656c4cd9079f1213d08d058e78dd00cae7 # v2.6.0
     with:
       language: "go"
   pushover:
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index e5a3bf8..25d5c84 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -29,7 +29,7 @@ jobs:
       checks: read
       contents: read
       security-events: write
-    uses: route06/actions/.github/workflows/codeql.yml@55b3a3db392059a08cee1d8c1b4b022e14c7ceda # v2.5.0
+    uses: route06/actions/.github/workflows/codeql.yml@155715656c4cd9079f1213d08d058e78dd00cae7 # v2.6.0
   test:
     runs-on: ubuntu-latest
     timeout-minutes: 5