diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index adc5220..fe25423 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -207,7 +207,7 @@ jobs:
 
       - name: Upload Trivy scan results
         if: "!(github.event_name == 'schedule' && steps.get-version.outputs.skip == 'true')"
-        uses: github/codeql-action/upload-sarif@6e4b8622b82fab3c6ad2a7814fad1effc7615bc8 # v3.28.4
+        uses: github/codeql-action/upload-sarif@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3.28.4
         with:
           sarif_file: "trivy-results.sarif"
         continue-on-error: true