diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..57535d9
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+version: 2
+updates:
+- package-ecosystem: "pip"
+ directory: "/"
+ schedule:
+ interval: "daily"
+- package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "daily"
diff --git a/.github/labeler.yml b/.github/labeler.yml
new file mode 100644
index 0000000..aa9b60f
--- /dev/null
+++ b/.github/labeler.yml
@@ -0,0 +1,63 @@
+Tests:
+- changed-files:
+ - any-glob-to-any-file: [ "tests/**/*" ]
+
+Dependencies:
+- changed-files:
+ - any-glob-to-any-file:
+ - "requirements.txt"
+ - "setup.py"
+ - "pyproject.toml"
+ - "poetry.lock"
+ - "pixi.toml"
+ - "pixi.lock"
+ - "Pipfile"
+ - "Pipfile.lock"
+ - "requirements/*.txt"
+ - "requirements/*.in"
+
+Build:
+- changed-files:
+ - any-glob-to-any-file:
+ - "Dockerfile*"
+ - "docker-compose*.yml"
+ - "Makefile"
+
+Documentation:
+- changed-files:
+ - any-glob-to-any-file:
+ - "docs/**/*"
+ - "*.md"
+ - "*.rst"
+
+Config:
+- changed-files:
+ - any-glob-to-any-file:
+ - ".pre-commit-config.yaml"
+ - "config/**/*"
+ - "settings/**/*"
+ - "*.ini"
+ - "*.cfg"
+ - "*.conf"
+
+CI/CD:
+- changed-files:
+ - any-glob-to-any-file:
+ - ".github/**/*"
+ - "tox.ini"
+ - ".coveragerc"
+
+# Add 'feature' label to any PR where the head branch name starts with `feature` or has a `feature` section in the name
+feature:
+- head-branch:
+ - '^feature'
+ - 'feature'
+
+# Add 'bugfix' label to branches with bug/fix/hotfix prefixes
+bugfix:
+- head-branch: [ '^bug', '^fix', '^hotfix' ]
+
+# Add 'breaking' label for major version bumps or breaking change commits
+breaking:
+- title: [ '^BREAKING CHANGE', 'BREAKING-CHANGE' ]
+- body: [ 'BREAKING CHANGE:', 'BREAKING-CHANGE:' ]
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..30d0c0d
--- /dev/null
+++ b/.github/workflows/codeql.yml
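Review bot: The `breaking` rule at the end of `.github/labeler.yml` uses `title:` and `body:` match keys, which are not among the keys actions/labeler v5 documents (`changed-files`, `base-branch`, `head-branch`, optionally under `any`/`all`), so this label will most likely never be applied; confirm against the action's README. If matching on PR title or body is really wanted it needs a different labelling mechanism, otherwise the rule should be dropped or rewritten with `head-branch`. In the `feature` rule the unanchored `'feature'` pattern already matches every branch that `'^feature'` matches, so a single entry `- head-branch: [ 'feature' ]` is enough.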
@@ -0,0 +1,25 @@
+# .github/workflows/codeql.yml
+name: CodeQL Analysis
+
+on:
+ push:
+ branches: [ main, master ]
+ pull_request:
+ branches: [ main, master ]
+ schedule:
+ - cron: '0 0 * * 0'
+
+jobs:
+ analyze:
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+
+ steps:
+ - uses: actions/checkout@v4
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: python
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
new file mode 100644
index 0000000..e57cd86
--- /dev/null
+++ b/.github/workflows/labeler.yml
@@ -0,0 +1,12 @@
+name: "Pull Request Labeler"
+on:
+- pull_request_target
+
+jobs:
+ labeler:
+ permissions:
+ contents: read
+ pull-requests: write
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/labeler@v5
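Review bot: The job-level `permissions` block of `analyze` lists only `security-events: write`, which sets every other token scope to none, so `actions/checkout@v4` runs without `contents: read`. On a public repository this still works, but on a private one the checkout fails, and the CodeQL action also expects `actions: read` there; I would add `contents: read` and `actions: read` beside `security-events: write`. Separately, every `uses:` in this workflow and in `.github/workflows/labeler.yml` references a mutable tag (`@v4`, `@v3`, `@v5`); pinning each to a full commit SHA with the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, keeps the Dependabot `github-actions` updates added in this commit as reviewable diffs.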
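Review bot: Nothing in `.github/workflows/labeler.yml` records why the `pull_request_target` trigger is acceptable: the job runs in the base repository's context with a `pull-requests: write` token even for pull requests from forks, which is only safe while no step checks out or executes the PR head. The current single `actions/labeler@v5` step meets that condition, so I would document the invariant above the trigger, e.g. `# pull_request_target: runs with a base-repo token; never add a checkout of the PR head or run PR-supplied code in this job`. Under this trigger the label rules are presumably read from the base branch, so the `.github/labeler.yml` added in this commit would take effect only after merge; that is worth confirming before relying on the labels.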