diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 8fe3dc7..b7f6a3d 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -41,7 +41,7 @@ jobs:
           echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
 
       - name: Initialize CodeQL.
-        uses: github/codeql-action/init@0225834cc549ee0ca93cb085b92954821a145866 # v2
+        uses: github/codeql-action/init@305f6546310b9203e892c28c1484e82977f4f63d # v2
         with:
           languages: python
           # https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#analyzing-python-dependencies
@@ -50,7 +50,7 @@ jobs:
       # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually.
       - name: Autobuild
-        uses: github/codeql-action/autobuild@0225834cc549ee0ca93cb085b92954821a145866 # v2
+        uses: github/codeql-action/autobuild@305f6546310b9203e892c28c1484e82977f4f63d # v2
 
       - name: Perform CodeQL Analysis.
-        uses: github/codeql-action/analyze@0225834cc549ee0ca93cb085b92954821a145866 # v2
+        uses: github/codeql-action/analyze@305f6546310b9203e892c28c1484e82977f4f63d # v2