diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 20070fc8d..995f73e80 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -47,7 +47,7 @@ jobs:
       - if: env.SKIP_INTEGRITY_CHECK != 1
         name: Get updated dependencies or lockfile
         id: changed-files-specific
-        uses: tj-actions/changed-files@v37
+        uses: tj-actions/changed-files@2f7246cb26e8bb6709b6cbfc1fec7febfe82e96a # v38
         with:
           files: |
             .yarn/**