diff --git a/.github/workflows/sbom-generation-callable.yml b/.github/workflows/sbom-generation-callable.yml
index 0b2fe2a9b17..0840ea31fb7 100644
--- a/.github/workflows/sbom-generation-callable.yml
+++ b/.github/workflows/sbom-generation-callable.yml
@@ -56,7 +56,7 @@ jobs:
           output-file: sbom-source.cdx.json
 
       - name: Attest SBOM for source release
-        uses: actions/attest-sbom@07e74fc4e78d1aad915e867f9a094073a9f71527 # v4.0.0
+        uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
         with:
           subject-path: './package.json'
           sbom-path: 'sbom-source.cdx.json'