diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml
index 5272643..dc5d599 100644
--- a/.github/workflows/bump-version.yml
+++ b/.github/workflows/bump-version.yml
@@ -4,6 +4,7 @@ permissions:
 contents: write
 pull-requests: write
 packages: write
+ security-events: write # Required for CodeQL to upload results

 on:
 workflow_dispatch:
@@ -75,7 +76,19 @@ jobs:
 npm version ${{ inputs.bump_type }} --no-git-tag-version
 git add package.json
 git commit -m "chore: bump version to ${{ needs.prepare.outputs.next_version }}"
- git push
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: javascript
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ upload: true
+
+ - name: Push changes
+ run: git push

 release-draft:
 needs: [prepare, bump-package]
@@ -90,4 +103,4 @@ jobs:
 draft: true
 prerelease: ${{ inputs.bump_type == 'alpha' || inputs.bump_type == 'beta' }}
 tag_name: v${{ needs.prepare.outputs.next_version }}
- generate_release_notes: true
+ generate_release_notes: true
\ No newline at end of file
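Review bot: `security-events: write` is added to the workflow-level `permissions` block, so every job in this workflow gets a token with that scope, although only the job that runs the CodeQL steps (apparently `bump-package`) uploads results. Granting it on that job alone keeps the other jobs' tokens narrower, for example `permissions: { contents: write, security-events: write }` under the job. A job-level `permissions` key replaces the workflow-level set for that job instead of extending it, so any other scope the job relies on has to be listed there too. The `permissions` mapping begins above this hunk, so what the remaining jobs need cannot be confirmed from here.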
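Review bot: The CodeQL steps are placed between the local `git commit` and the new `Push changes` step, but `analyze` reports alerts to code scanning instead of failing the job on findings, so as far as this hunk shows the push goes ahead whatever the scan reports. If the scan is meant to gate the bump, that needs an explicit check; otherwise a comment such as `# CodeQL results are informational; they do not block the push` would prevent the ordering from being read as a gate. The analysed checkout has the unpushed bump commit as HEAD, so the uploaded results may be attributed to a commit the remote does not yet know, which is worth confirming on a test run. Both actions are referenced by the mutable tag `@v3` in a job whose token can write contents; pinning to a full commit SHA, e.g. `uses: github/codeql-action/init@<full-commit-sha> # v3`, removes the dependency on where the tag points. The job begins above this hunk, so its checkout and setup steps are not visible here.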