diff --git a/.github/workflows/check-ci-cd-auth.yml b/.github/workflows/check-ci-cd-auth.yml
index 58f5f6a5..4a54b9e9 100644
--- a/.github/workflows/check-ci-cd-auth.yml
+++ b/.github/workflows/check-ci-cd-auth.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v3
         with:
diff --git a/.github/workflows/ci-docs.yml b/.github/workflows/ci-docs.yml
index 8ce042be..0a28f1d7 100644
--- a/.github/workflows/ci-docs.yml
+++ b/.github/workflows/ci-docs.yml
@@ -6,15 +6,14 @@ on:
       - main
   pull_request:
 
-
 jobs:
   lint-markdown:
     name: Lint markdown
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       # This is the GitHub Actions-friendly port of the linter used in the Makefile.
       - uses: gaurav-nelson/github-action-markdown-link-check@1.0.15
         with:
-          use-quiet-mode: 'yes'  # errors only.
-          config-file: '.github/workflows/markdownlint-config.json'
+          use-quiet-mode: "yes" # errors only.
+          config-file: ".github/workflows/markdownlint-config.json"
diff --git a/.github/workflows/ci-infra-service.yml b/.github/workflows/ci-infra-service.yml
index 6e3bed7c..7c486c99 100644
--- a/.github/workflows/ci-infra-service.yml
+++ b/.github/workflows/ci-infra-service.yml
@@ -28,7 +28,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - uses: hashicorp/setup-terraform@v2
         with:
diff --git a/.github/workflows/ci-infra.yml b/.github/workflows/ci-infra.yml
index f7f9a4bf..d9e4698d 100644
--- a/.github/workflows/ci-infra.yml
+++ b/.github/workflows/ci-infra.yml
@@ -21,7 +21,7 @@ jobs:
     name: Lint GitHub Actions workflows
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Download actionlint
         id: get_actionlint
         run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
@@ -33,14 +33,14 @@ jobs:
     name: Lint scripts
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Shellcheck
         run: make infra-lint-scripts
   check-terraform-format:
     name: Check Terraform format
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: hashicorp/setup-terraform@v2
         with:
           terraform_version: 1.8.3
@@ -53,7 +53,7 @@ jobs:
     name: Validate Terraform modules
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: hashicorp/setup-terraform@v2
         with:
           terraform_version: 1.8.3
@@ -64,7 +64,7 @@ jobs:
     name: Check compliance with checkov
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-python@v4
         with:
           python-version: "3.10"
@@ -88,7 +88,7 @@ jobs:
       pull-requests: write
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Run tfsec check
         uses: aquasecurity/tfsec-pr-commenter-action@v1.2.0
         with:
diff --git a/.github/workflows/database-migrations.yml b/.github/workflows/database-migrations.yml
index dc61e264..aa228c72 100644
--- a/.github/workflows/database-migrations.yml
+++ b/.github/workflows/database-migrations.yml
@@ -31,7 +31,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Configure AWS credentials
         uses: ./.github/actions/configure-aws-credentials
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index c5b4b6e0..e46b8767 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -31,7 +31,7 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Configure AWS credentials
         uses: ./.github/actions/configure-aws-credentials
diff --git a/.github/workflows/template-only-cd.yml b/.github/workflows/template-only-cd.yml
index a00e680a..261a8004 100644
--- a/.github/workflows/template-only-cd.yml
+++ b/.github/workflows/template-only-cd.yml
@@ -22,11 +22,11 @@ jobs:
           - navapbc/platform-test-nextjs
     steps:
       - name: Checkout template-infra repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           path: template-infra
       - name: Checkout project repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           path: project-repo
           repository: ${{ matrix.project_repo }}
diff --git a/.github/workflows/template-only-ci-app.yml b/.github/workflows/template-only-ci-app.yml
index dd2025cf..67f7fe70 100644
--- a/.github/workflows/template-only-ci-app.yml
+++ b/.github/workflows/template-only-ci-app.yml
@@ -19,6 +19,6 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Run build
       run: make release-build
diff --git a/.github/workflows/template-only-ci-infra.yml b/.github/workflows/template-only-ci-infra.yml
index 37bf248d..d8538bdd 100644
--- a/.github/workflows/template-only-ci-infra.yml
+++ b/.github/workflows/template-only-ci-infra.yml
@@ -24,7 +24,7 @@ jobs:
     name: Lint template scripts
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Shellcheck
         run: make -f template-only.mak lint-template-scripts
   test:
@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: hashicorp/setup-terraform@v2
         with:
           terraform_version: 1.8.3
diff --git a/.github/workflows/vulnerability-scans.yml b/.github/workflows/vulnerability-scans.yml
index 53e5968f..232f34b6 100644
--- a/.github/workflows/vulnerability-scans.yml
+++ b/.github/workflows/vulnerability-scans.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       # Scans Dockerfile for any bad practices or issues
       - name: Scan Dockerfile by hadolint
@@ -37,7 +37,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Build and tag Docker image for scanning
         id: build-image
@@ -67,7 +67,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Build and tag Docker image for scanning
         id: build-image
@@ -91,7 +91,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Build and tag Docker image for scanning
         id: build-image