diff --git a/.github/workflows/image-minimizer.yml b/.github/workflows/image-minimizer.yml
index 1d07cadd..567a5377 100644
--- a/.github/workflows/image-minimizer.yml
+++ b/.github/workflows/image-minimizer.yml
@@ -1,6 +1,3 @@
-# This workflow has write permissions on the repo
-# It MUST NOT check out a PR and run untrusted code
- 
 name: Image Minimizer
 
 on:
@@ -8,7 +5,7 @@ on:
     types: [created, edited]
   issues:
     types: [opened, edited]
-  pull_request_target:
+  pull_request:
     types: [opened, edited]
 
 permissions:
@@ -22,9 +19,9 @@ jobs:
       pull-requests: write
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
 
@@ -32,7 +29,7 @@ jobs:
         run: npm i probe-image-size@7.2.3 --ignore-scripts
 
       - name: Minimize simple images
-        uses: actions/github-script@v6
+        uses: actions/github-script@v7
         timeout-minutes: 3
         with:
           script: |