diff --git a/.github/workflows/action-security.yml b/.github/workflows/action-security.yml
index 215f928..34630b0 100644
--- a/.github/workflows/action-security.yml
+++ b/.github/workflows/action-security.yml
@@ -117,14 +117,14 @@ jobs:
 
       - name: Upload Trivy results
         if: steps.verify-sarif.outputs.has_trivy == 'true'
-        uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         with:
           sarif_file: 'trivy-results.sarif'
           category: 'trivy'
 
       - name: Upload Gitleaks results
         if: steps.verify-sarif.outputs.has_gitleaks == 'true'
-        uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         with:
           sarif_file: 'gitleaks-report.sarif'
           category: 'gitleaks'
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 54feb1a..86fad94 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -37,15 +37,15 @@ jobs:
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         with:
           languages: ${{ matrix.language }}
           queries: security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         with:
           category: '/language:${{matrix.language}}'
diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml
index d686ba6..de55847 100644
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -101,7 +101,7 @@ jobs:
 
       - name: Upload SARIF Report
         if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
-        uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         with:
           sarif_file: megalinter-reports/sarif
           category: megalinter
diff --git a/.github/workflows/test-actions.yml b/.github/workflows/test-actions.yml
index d6de6da..087cfb9 100644
--- a/.github/workflows/test-actions.yml
+++ b/.github/workflows/test-actions.yml
@@ -73,7 +73,7 @@ jobs:
         if: always()
 
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         if: always() && hashFiles('_tests/reports/test-results.sarif') != ''
         with:
           sarif_file: _tests/reports/test-results.sarif
diff --git a/ansible-lint-fix/action.yml b/ansible-lint-fix/action.yml
index cc747a2..d0439ea 100644
--- a/ansible-lint-fix/action.yml
+++ b/ansible-lint-fix/action.yml
@@ -184,6 +184,6 @@ runs:
 
     - name: Upload SARIF Report
       if: steps.check-files.outputs.files_found == 'true'
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: ansible-lint.sarif
diff --git a/biome-check/action.yml b/biome-check/action.yml
index aa4ef28..25283fc 100644
--- a/biome-check/action.yml
+++ b/biome-check/action.yml
@@ -233,6 +233,6 @@ runs:
 
     - name: Upload Biome Results
       if: always()
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: biome-report.sarif
diff --git a/codeql-analysis/action.yml b/codeql-analysis/action.yml
index b0a6f88..33f5c49 100644
--- a/codeql-analysis/action.yml
+++ b/codeql-analysis/action.yml
@@ -189,7 +189,7 @@ runs:
         echo "Using build mode: $build_mode"
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         languages: ${{ inputs.language }}
         queries: ${{ inputs.queries }}
@@ -202,12 +202,12 @@ runs:
         threads: ${{ inputs.threads }}
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       if: ${{ steps.set-build-mode.outputs.build-mode == 'autobuild' }}
 
     - name: Perform CodeQL Analysis
       id: analysis
-      uses: github/codeql-action/analyze@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         category: ${{ steps.set-category.outputs.category }}
         upload: ${{ inputs.upload-results }}
diff --git a/csharp-lint-check/action.yml b/csharp-lint-check/action.yml
index bdc54b5..3090842 100644
--- a/csharp-lint-check/action.yml
+++ b/csharp-lint-check/action.yml
@@ -111,6 +111,6 @@ runs:
         fi
 
     - name: Upload SARIF Report
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: dotnet-format.sarif
diff --git a/eslint-check/action.yml b/eslint-check/action.yml
index 143c093..fd9090f 100644
--- a/eslint-check/action.yml
+++ b/eslint-check/action.yml
@@ -414,7 +414,7 @@ runs:
 
     - name: Upload ESLint Results
       if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: ${{ inputs.working-directory }}/reports/eslint.sarif
         category: eslint
diff --git a/go-lint/action.yml b/go-lint/action.yml
index 5f74591..c18d720 100644
--- a/go-lint/action.yml
+++ b/go-lint/action.yml
@@ -413,7 +413,7 @@ runs:
 
     - name: Upload Lint Results
       if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: ${{ inputs.working-directory }}/reports/golangci-lint.sarif
         category: golangci-lint
diff --git a/prettier-check/action.yml b/prettier-check/action.yml
index 4082795..1b4998a 100644
--- a/prettier-check/action.yml
+++ b/prettier-check/action.yml
@@ -432,7 +432,7 @@ runs:
 
     - name: Upload Prettier Results
       if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: ${{ inputs.working-directory }}/reports/prettier.sarif
         category: prettier
diff --git a/python-lint-fix/action.yml b/python-lint-fix/action.yml
index 3d811a7..b24f8ec 100644
--- a/python-lint-fix/action.yml
+++ b/python-lint-fix/action.yml
@@ -370,7 +370,7 @@ runs:
 
     - name: Upload SARIF Report
       if: steps.check-files.outputs.result == 'found'
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: ${{ inputs.working-directory }}/reports/flake8.sarif
         category: 'python-lint'
diff --git a/terraform-lint-fix/action.yml b/terraform-lint-fix/action.yml
index a80ce10..8def2f2 100644
--- a/terraform-lint-fix/action.yml
+++ b/terraform-lint-fix/action.yml
@@ -302,7 +302,7 @@ runs:
 
     - name: Upload SARIF Report
       if: steps.check-files.outputs.found == 'true' && inputs.format == 'sarif'
-      uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v4.31.0
+      uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
       with:
         sarif_file: ${{ env.VALIDATED_WORKING_DIR }}/reports/tflint.sarif
         category: terraform-lint