diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
index 9321ab1f..f71306b7 100644
--- a/.github/workflows/devskim.yml
+++ b/.github/workflows/devskim.yml
@@ -29,6 +29,6 @@ jobs:
         uses: microsoft/DevSkim-Action@v1
         
       - name: Upload DevSkim scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: devskim-results.sarif
diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml
index 62fcc440..17f562c0 100644
--- a/.github/workflows/njsscan.yml
+++ b/.github/workflows/njsscan.yml
@@ -36,6 +36,6 @@ jobs:
       with:
         args: '. --sarif --output results.sarif || true'
     - name: Upload njsscan report
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: results.sarif