diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 72cacae..6cbeb71 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -8,8 +8,8 @@
 # DEFGROUP: GitHub.Workflow.Template
 # INGROUP: MokoStandards.Security
 # REPO: https://github.com/mokoconsulting-tech/MokoStandards
-# PATH: /templates/workflows/generic/codeql-analysis.yml.template
-# VERSION: 03.09.03
+# PATH: /templates/workflows/generic/codeql-analysis.yml
+# VERSION: 04.05.00
 # BRIEF: CodeQL security scanning workflow (generic — all repo types)
 # NOTE: Deployed to .github/workflows/codeql-analysis.yml in governed repos.
 #       CodeQL does not support PHP directly; JavaScript scans JSON/YAML/shell.
@@ -21,7 +21,14 @@ on:
   push:
     branches:
       - main
-      - version/*
+      - dev/**
+      - rc/**
+      - version/**
+  pull_request:
+    branches:
+      - main
+      - dev/**
+      - rc/**
   schedule:
     # Weekly on Monday at 06:00 UTC
     - cron: '0 6 * * 1'