diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 916bc43..08a2486 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -33,13 +33,13 @@ jobs:
           publish_results: true
 
       - name: 'Upload Artifact'
-        uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db # v3.pre.node20
+        uses: actions/upload-artifact@4.6.2 # v4.6.2
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       - name: 'Upload to Code-Scanning'
-        uses: github/codeql-action/upload-sarif@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.28.14
+        uses: github/codeql-action/upload-sarif@3.28.17 # 3.28.17
         with:
           sarif_file: results.sarif