diff --git a/.github/workflows/semgrep.yaml b/.github/workflows/semgrep.yaml
index f00e1e5..7e6dba9 100644
--- a/.github/workflows/semgrep.yaml
+++ b/.github/workflows/semgrep.yaml
@@ -29,7 +29,7 @@ jobs:
 
       # Upload findings to GitHub Advanced Security Dashboard [step 2/2]
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
         with:
           sarif_file: semgrep.sarif
         if: always()
diff --git a/setup.cfg b/setup.cfg
index 1b95e4e..9133b38 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -51,7 +51,7 @@ install_requires =
     black
     click==8.1.7
     coverage
-    PyJWT==2.9.0
+    PyJWT==2.10.1
 
 [options.entry_points]
 certbot.plugins =
diff --git a/setup.py b/setup.py
index deda2c5..2e157c8 100644
--- a/setup.py
+++ b/setup.py
@@ -20,7 +20,7 @@
     "black",
     "click==8.1.7",
     "coverage",
-    "PyJWT==2.9.0"
+    "PyJWT==2.10.1"
 ]
 
 # read the contents of your README file