diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 89a89cd..4f34388 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -138,7 +138,7 @@ jobs:
         if: ${{ always() }}
         id: slsa
         continue-on-error: true
-        uses: actions/attest-build-provenance@ca0aaa1889e301c8331fbdb338d9475431b75b13
+        uses: actions/attest-build-provenance@c5efebd311e9a809e832398ca2b73bb429ff3508
         with:
           subject-path: |
             pip-audit.sarif