diff --git a/.github/workflows/static-analysis.yaml b/.github/workflows/static-analysis.yaml
new file mode 100644
index 000000000..3f9254847
--- /dev/null
+++ b/.github/workflows/static-analysis.yaml
@@ -0,0 +1,58 @@
+name: "Static Analysis"
+
+on: [push]
+
+jobs:
+  codeql:
+    name: Analyze with CodeQL
+    runs-on: ubuntu-22.04
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['cpp']
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 1
+
+    - name: apt-get install packages
+      run: sudo apt-get update -qq &&
+           sudo apt-get install --no-install-recommends -y
+               bison
+               build-essential
+               flex
+               git
+               gperf
+               libcurl4-openssl-dev
+               libgtk-3-dev
+               libhtml-parser-perl
+               libjpeg-dev
+               libpng-dev
+               librsvg2-dev
+               pkg-config
+
+    - name: Build and install project libs
+      run: |
+          export TARGET_WORKSPACE="$(pwd)/projects"
+          source docs/env.sh
+          ns-clone -n -s
+          ns-make-tools install
+          ns-make-libs install
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Build NetSurf
+      run: |
+          export TARGET_WORKSPACE="$(pwd)/projects"
+          source docs/env.sh
+          make -j"$(nproc)"
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2