diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c1fad963..0078bac2 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -25,7 +25,7 @@ jobs:
   scan:
     name: 'Audit Repository'
     # yamllint disable-line rule:line-length
-    uses: lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml@4231fda07b06d356c904fe39a868522393dee4bb # v0.2.21
+    uses: lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml@b4c8bfdea114d034bfa6ed2fe2c9775bc091d5ca # v0.2.28
     permissions:
       security-events: write
       # required to fetch internal or private CodeQL packs