diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml
index bbe1d8ddd..a1df30c75 100644
--- a/.github/workflows/pullrequest.yml
+++ b/.github/workflows/pullrequest.yml
@@ -19,6 +19,7 @@ jobs:
     steps:
       - name: Check out the code
         uses: actions/checkout@v3
+
       - name: Set up JDK 8
         uses: actions/setup-java@v3
         with:
@@ -26,6 +27,11 @@ jobs:
           distribution: 'temurin'
           cache: maven
 
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: java
+
       - name: Cache local Maven repository
         uses: actions/cache@v3
         with:
@@ -44,3 +50,6 @@ jobs:
           name: coverage # optional
           fail_ci_if_error: true # optional (default = false)
           verbose: true # optional (default = false)
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2