diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 9cdb943..abe02bf 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -83,7 +83,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+      uses: github/codeql-action/init@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -112,6 +112,6 @@ jobs:
         exit 1
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+      uses: github/codeql-action/analyze@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
       with:
         category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml
index cb37ebb..91cad93 100644
--- a/.github/workflows/scorecard-analysis.yml
+++ b/.github/workflows/scorecard-analysis.yml
@@ -49,6 +49,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.31.9
+        uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.31.9
         with:
           sarif_file: scorecard-results.sarif
diff --git a/.github/workflows/security-scanners.yml b/.github/workflows/security-scanners.yml
index cdac6bd..658e026 100644
--- a/.github/workflows/security-scanners.yml
+++ b/.github/workflows/security-scanners.yml
@@ -57,7 +57,7 @@ jobs:
           name: gitleaks.sarif
           path: gitleaks-report_sarif.json
           if-no-files-found: error
-      - uses: github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+      - uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
         continue-on-error: true
         with:
           sarif_file: gitleaks-report_sarif.json
@@ -96,7 +96,7 @@ jobs:
           name: bandit.sarif
           path: bandit-report_sarif.json
           if-no-files-found: error
-      - uses: github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+      - uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
         continue-on-error: true
         with:
           sarif_file: bandit-report_sarif.json
@@ -130,7 +130,7 @@ jobs:
           name: grype.sarif
           path: grype-report_sarif.json
           if-no-files-found: error
-      - uses: github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+      - uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
         continue-on-error: true
         with:
           sarif_file: grype-report_sarif.json
@@ -171,7 +171,7 @@ jobs:
           path: checkov-report_sarif.json
           if-no-files-found: error
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+        uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
         continue-on-error: true
         with:
           sarif_file: checkov-report_sarif.json
@@ -288,7 +288,7 @@ jobs:
           name: semgrep.sarif
           path: semgrep-report_sarif.json
           if-no-files-found: error
-      - uses: github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
+      - uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 # v4.32.2
         continue-on-error: true
         with:
           sarif_file: semgrep-report_sarif.json