diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index cde3a60..3fe1097 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -30,7 +30,7 @@ jobs:
         env:
           SCORECARD_READ_TOKEN: ${{ secrets.SCORECARD_READ_TOKEN }}
         if: env.SCORECARD_READ_TOKEN != null
-        uses: ossf/scorecard-action@f10ec7151e838890a3fbfa27875a33f80869977b # v1.0.4
+        uses: ossf/scorecard-action@6c071aca8599d63e8125a51b6b698c0f9e75bc54 # v1.0.4
         with:
           results_file: results.sarif
           results_format: sarif
diff --git a/Dockerfile b/Dockerfile
index 411382e..c4422b2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,7 +14,7 @@ COPY            . ./
 RUN             make install
 
 # minimalist runtime
-FROM alpine:3.15.4
+FROM alpine:3.16.0
 LABEL           org.label-schema.build-date=$BUILD_DATE \
                 org.label-schema.name="golang-repo-template" \
                 org.label-schema.description="" \