diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index c45e64d8c..f5d705717 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -34,6 +34,6 @@ jobs:
       # Note: Coverage is handled separately by ci.yml; this workflow focuses on static analysis
       - name: SonarCloud Scan
         if: env.SONAR_TOKEN != ''
-        uses: SonarSource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432 # v7
+        uses: SonarSource/sonarqube-scan-action@7006c4492b2e0ee0f816d36501671557c97f5995 # v7
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}