diff --git a/.github/workflows/verify-commit-pins.yaml b/.github/workflows/verify-commit-pins.yaml
index ee2e8ec74..2ecbb9152 100644
--- a/.github/workflows/verify-commit-pins.yaml
+++ b/.github/workflows/verify-commit-pins.yaml
@@ -13,7 +13,7 @@ jobs:
     if: github.event.pull_request.draft == false
     steps:
       - uses: actions/checkout@v4
-      - uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b1b635d24259e8a047a6ce7d6501ea432aa7a830 # 3.0.2
+      - uses: zgosalvez/github-actions-ensure-sha-pinned-actions@76d1d8e0b075d7190b5d59b86da91c7bdbcc99b2 # 3.0.7
         with:
           # We only want to allow official GitHub Actions
           allowlist: |