diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 56a1f3b..837e530 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -37,7 +37,7 @@ jobs:
       - name: Run gitleaks
         # gitleaks/gitleaks-action — pinned by SHA, watched by Dependabot.
         # When bumping, replace the SHA AND the trailing version comment.
-        uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2.3.7
+        uses: gitleaks/gitleaks-action@e0c47f4f8be36e29cdc102c57e68cb5cbf0e8d1e # v2.3.7
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}