diff --git a/.gitattributes b/.gitattributes
index 9073910f..2170adcd 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -24,7 +24,6 @@ js/test/ export-ignore
 .styleci.yml export-ignore
 .travis.yml export-ignore
 .vscode export-ignore
-codacy-analysis.yml export-ignore
 crowdin.yml export-ignore
 BADGES.md export-ignore
 CODE_OF_CONDUCT.md export-ignore
diff --git a/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
similarity index 92%
rename from codacy-analysis.yml
rename to .github/workflows/codacy-analysis.yml
index 31d065cd..05637cc9 100644
--- a/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -24,11 +24,11 @@ jobs:
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@1.1.0
+        uses: codacy/codacy-analysis-cli-action@4
         with:
           # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
           # You can also omit the token and run the tools that support default configurations
@@ -44,6 +44,6 @@ jobs:
 
       # Upload the SARIF file generated in the previous step
       - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: results.sarif