diff --git a/.github/workflows/semgrep.yaml b/.github/workflows/semgrep.yaml
index abcc600..dbbff24 100644
--- a/.github/workflows/semgrep.yaml
+++ b/.github/workflows/semgrep.yaml
@@ -29,7 +29,7 @@ jobs:
 
       # Upload findings to GitHub Advanced Security Dashboard [step 2/2]
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
         with:
           sarif_file: semgrep.sarif
         if: always()
diff --git a/setup.cfg b/setup.cfg
index 12edec4..31bbc0c 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -51,7 +51,7 @@ install_requires =
     black
     click==8.3.1
     coverage
-    PyJWT==2.10.1
+    PyJWT==2.11.0
 
 [options.entry_points]
 certbot.plugins =
diff --git a/setup.py b/setup.py
index a75d294..f665985 100644
--- a/setup.py
+++ b/setup.py
@@ -20,7 +20,7 @@
     "black",
     "click==8.3.1",
     "coverage",
-    "PyJWT==2.10.1"
+    "PyJWT==2.11.0"
 ]
 
 # read the contents of your README file