diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 69cff56..1598681 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -72,12 +72,12 @@ jobs:
       run: npm audit --audit-level moderate
       
     - name: Run CodeQL Analysis
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: javascript
         
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
 
   dependency-review:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 4d9c4cb..b1b9477 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -37,7 +37,7 @@ jobs:
         output: 'trivy-results.sarif'
         
     - name: Upload Trivy scan results
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       if: always()
       with:
         sarif_file: 'trivy-results.sarif'
@@ -50,7 +50,7 @@ jobs:
         publish_results: true
         
     - name: Upload Scorecard results
-      uses: github/codeql-action/upload-sarif@v3
+      uses: github/codeql-action/upload-sarif@v4
       with:
         sarif_file: results.sarif