diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index 52ae435a..1a62b109 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -76,7 +76,7 @@ jobs:
         uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
         
       - name: Run Gosec Security Scanner
-        uses: securego/gosec@607d607b516bf301996678c68dc371a0dba9a938 # master
+        uses: securego/gosec@a9b0ef0a1136cc93caacd1ca281a8b6d883946e5 # master
         with:
           # we let the report trigger content trigger a failure using the GitHub Security features.
           args: '-no-fail -fmt sarif -out results.sarif ./...'