diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8724df719f..39e8d76b59 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@
 
 No user facing changes.
 
+## 2.3.6 - 01 Jun 2023
+
+No user facing changes.
+
 ## 2.3.5 - 25 May 2023
 
 - Allow invalid URIs to be used as values to `artifactLocation.uri` properties. This reverses a change from [#1668](https://github.com/github/codeql-action/pull/1668) that inadvertently led to stricter validation of some URI values. [#1705](https://github.com/github/codeql-action/pull/1705)
diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json
index 6d7a3e0b3d..c11cbf00d3 100644
--- a/node_modules/.package-lock.json
+++ b/node_modules/.package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.3.6",
+  "version": "2.3.7",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
diff --git a/package-lock.json b/package-lock.json
index afdb7c7709..d31da2bed1 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "2.3.6",
+  "version": "2.3.7",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "2.3.6",
+      "version": "2.3.7",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^1.1.0",
diff --git a/package.json b/package.json
index f7af949a89..9b8f2b7004 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.3.6",
+  "version": "2.3.7",
   "private": true,
   "description": "CodeQL action",
   "scripts": {