diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b8bf331..a7fe42f 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -79,7 +79,7 @@ jobs:
           format: cyclonedx-json
       - name: Attest build provenance
         id: attest-provenance
-        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
         with:
           subject-path: ${{ matrix.artifact }}
       - name: Attest CycloneDX SBOM