diff --git a/.github/workflows/code.yml b/.github/workflows/code.yml
index bcb30f21..1695c20b 100644
--- a/.github/workflows/code.yml
+++ b/.github/workflows/code.yml
@@ -136,7 +136,7 @@ jobs:
       - name: Github Release
         # We pin to the SHA, not the tag, for security reasons.
         # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
-        uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v0.1.15
+        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v0.1.15
         with:
           prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }}
           # upload distribution files and lockfiles plus the support YAML schema