diff --git a/.github/workflows/supply-chain-security.yml b/.github/workflows/supply-chain-security.yml
index d4f6471..02463a5 100644
--- a/.github/workflows/supply-chain-security.yml
+++ b/.github/workflows/supply-chain-security.yml
@@ -39,6 +39,6 @@ jobs:
           path: ${{ steps.scan.outputs.sarif }}
 
       - name: upload Anchore scan SARIF report
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: ${{ steps.scan.outputs.sarif }}