diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 91e6d59b8..8cc2c4f85 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -36,7 +36,7 @@ jobs:
       - name: Run Semgrep
         run: semgrep scan --sarif --output=semgrep.sarif --config=p/auto --config=p/dockerfile --config=p/typescript --config=p/javascript --metrics=off --verbose
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@5eb3ed6614230b1931d5c08df9e096e4ba524f21 # CodeQL Bundle v2.16.1
+        uses: github/codeql-action/upload-sarif@7b0fb5a4ac3b38ee6ee9a3ab6ffe59c27e9c4d3b # CodeQL Bundle v2.16.1
         with:
           sarif_file: semgrep.sarif
         if: always()
\ No newline at end of file