diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..066b011
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,99 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL Advanced"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '28 3 * * 4'
+
+jobs:
+  analyze:
+    name: Analyze (${{ matrix.language }})
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners (GitHub.com only)
+    # Consider using larger runners or machines with greater resources for possible analysis time improvements.
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' || 'windows-latest' }}
+    permissions:
+      # required for all workflows
+      security-events: write
+
+      # required to fetch internal or private CodeQL packs
+      packages: read
+
+      # only required for workflows in private repositories
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - language: python
+          build-mode: none
+        # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift'
+        # Use `c-cpp` to analyze code written in C, C++ or both
+        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
+        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+        # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
+        # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
+        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
+        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Add any setup steps before running the `github/codeql-action/init` action.
+    # This includes steps like installing compilers or runtimes (`actions/setup-node`
+    # or others). This is typically only required for manual builds.
+    # - name: Setup runtime (example)
+    #   uses: actions/setup-example@v1
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v4
+      with:
+        languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+    # If the analyze step fails for one of the languages you are analyzing with
+    # "We were unable to automatically build your code", modify the matrix above
+    # to set the build mode to "manual" for that language. Then modify this step
+    # to build your code.
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+    - name: Run manual build steps
+      if: matrix.build-mode == 'manual'
+      shell: bash
+      run: |
+        echo 'If you are using a "manual" build mode for one or more of the' \
+          'languages you are analyzing, replace this with the commands to build' \
+          'your code, for example:'
+        echo '  make bootstrap'
+        echo '  make release'
+        exit 1
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v4
+      with:
+        category: "/language:${{matrix.language}}"
diff --git a/bot.py b/bot.py
index ab2e9f8..32755ba 100644
--- a/bot.py
+++ b/bot.py
@@ -11,6 +11,7 @@
 from services.health_monitor import HealthMonitor
 from services.metadata_monitor import MetadataMonitor
 from services.state_manager import StateManager
+from pls_parser import parse_pls
 import shout_errors
 import urllib_hack
 from dotenv import load_dotenv
@@ -810,8 +811,9 @@ async def refresh_stream(interaction: discord.Interaction):
   await stop_playback(interaction.guild)
   await play_stream(interaction, url)
 
-# Start playing music from the stream
-#  Check connection/status of server
+#  Start playing music from the stream
+#  Check connection/status of stream
+#  Check if stream link is .pls and parse it first
 #  Get stream connection to server
 #  Connect to voice channel
 #  Start ffmpeg transcoding stream
@@ -821,6 +823,20 @@ async def play_stream(interaction, url):
   if not url:
     logger.warning("No stream currently set, can't play nothing")
     raise shout_errors.NoStreamSelected
+    
+  # Handle .pls playlist files
+  slice = urllib.parse.urlparse(url)
+  path = slice.path 
+  pls = path.find('.pls')
+  if pls != -1:
+    logger.debug(f"Detected .pls file, attempting to parse: {url}")
+    await interaction.edit_original_response(content="❓ Looks Like this is a `.pls`, Let's see if I can figure it out...")
+    stream_url = await parse_pls(url)
+    if not stream_url:
+      # catch all
+      logger.error("Failed to parse .pls or no valid stream URL found")
+      raise shout_errors.StreamOffline()
+    url = stream_url
 
   # Connect to voice channel author is currently in
   voice_state = getattr(interaction.user, 'voice', None)   # voice channel check, explicitly set to None if not found for some reason
@@ -884,7 +900,7 @@ async def play_stream(interaction, url):
   # 4080 bytes per tick * 8 chunks = 32640 + 8 marker bytes = 32648 bits buffer (8 chunks)
   # 4080 bytes per tick * 4 Chunks = 16320 + 4 marker bytes = 16324 bits per analysis (4 chunks)
   try:
-    music_stream = discord.FFmpegOpusAudio(source=url, options="-analyzeduration 16324 -rtbufsize 32648 -filter:a loudnorm=I=-30:LRA=7:TP=-3 -reconnect 1 -reconnect_streamed 1 -reconnect_delay_max 120 -tls_verify 0")
+    music_stream = discord.FFmpegOpusAudio(source=url, options="-analyzeduration 16324 -rtbufsize 32648 -filter:a loudnorm=I=-30:LRA=7:TP=-3 -reconnect 1 -reconnect_streamed 1 -reconnect_delay_max 120 -tls_verify 0 -protocol_whitelist http,https,tls,pipe")
     await asyncio.sleep(1)  # Give FFmpeg a moment to start
   except Exception as e:
     logger.error(f"Failed to start FFmpeg stream: {e}")
diff --git a/pls_parser.py b/pls_parser.py
new file mode 100644
index 0000000..f812ab1
--- /dev/null
+++ b/pls_parser.py
@@ -0,0 +1,58 @@
+import asyncio
+import logging
+from typing import Optional
+
+logger = logging.getLogger('discord')
+
+async def parse_pls(url: str) -> Optional[str]:
+    """
+    parse a .pls playlist file using curl, Returns the first 
+    valid stream URL found as a string.
+    
+    Args:
+        url: URL to the .pls file
+    
+    Returns:
+        The first valid stream URL found in the playlist, or None if no valid URLs found
+    """
+    try:
+        # Use curl to stream the playlist file line by line
+        # iTunes user-agent to mimic a media player (safest bet for servers that block curl)
+        curl = await asyncio.create_subprocess_exec(
+            'curl', '-L', '-N', '-A', '"iTunes/9.1.1"', '--silent', f'{url}',
+            stdout=asyncio.subprocess.PIPE,
+            stderr=asyncio.subprocess.PIPE
+        )
+        # check if we have a valid stdout, if not stop early 
+        while True:
+            output = await curl.stdout.readline()
+            if not output:
+                break
+            # look for "file1=" if we have data   
+            try:
+                string = output.decode('utf-8').strip()
+                if string.lower().startswith('file1='):
+                    stream_url = string.split('=', 1)[1].strip()                        
+                    try:
+                        curl.kill()  # we got it, die now
+                        await curl.wait()  # Wait for it to die
+                    except:
+                        pass  # closed by itself
+                    logger.debug(f"Found Stream Link to be: {stream_url}")
+                    return stream_url
+            except UnicodeDecodeError:
+                continue
+
+        # Was unsuccessful, let's try to clean up
+        try:
+            curl.kill()  
+            await curl.wait()  
+        except:
+            pass  # closed by itself
+        logger.warning(f"No valid stream URL found in playlist: {url}")
+        return None
+        
+    except Exception as e:
+        # we tried our best
+        logger.error(f"Error parsing playlist stream: {url} - {str(e)}")
+        return None