diff --git a/.github/workflows/pathogen-repo-ci.yaml b/.github/workflows/pathogen-repo-ci.yaml
index da0ccff..5d8ebff 100644
--- a/.github/workflows/pathogen-repo-ci.yaml
+++ b/.github/workflows/pathogen-repo-ci.yaml
@@ -187,7 +187,7 @@ jobs:
         env:
           token-available: ${{ secrets.DOCKER_TOKEN_PUBLIC_READ_ONLY != '' }}
         name: Log in to docker.io
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: docker.io
           username: nextstrainbot
@@ -197,7 +197,7 @@ jobs:
       # nextstrain/docker-base.  The automatic GITHUB_TOKEN is restricted to
       # read-only access by the "permissions:" block above.
       - name: Log in to ghcr.io
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
diff --git a/.github/workflows/pathogen-repo-ci.yaml.in b/.github/workflows/pathogen-repo-ci.yaml.in
index b1c0a54..46aff5e 100644
--- a/.github/workflows/pathogen-repo-ci.yaml.in
+++ b/.github/workflows/pathogen-repo-ci.yaml.in
@@ -158,7 +158,7 @@ jobs:
         env:
           token-available: ${{ secrets.DOCKER_TOKEN_PUBLIC_READ_ONLY != '' }}
         name: Log in to docker.io
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: docker.io
           username: nextstrainbot
@@ -169,7 +169,7 @@ jobs:
       # nextstrain/docker-base.  The automatic GITHUB_TOKEN is restricted to
       # read-only access by the "permissions:" block above.
       - name: Log in to ghcr.io
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.actor }}