diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..35800cb
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,12 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 93f6ee3..4352941 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -36,7 +36,7 @@ jobs:
             test-tasks: test # scoverage doesn’t support Scala 3
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       #----------- JDK -----------
       - name: Set up JDK 11
@@ -46,7 +46,7 @@ jobs:
 
       #----------- CACHE -----------
       - name: Cache SBT
-        uses: actions/cache@v2.1.4
+        uses: actions/cache@v3.0.6
         with:
           # A list of files, directories, and wildcard patterns to cache and restore
           path: |
@@ -68,7 +68,7 @@ jobs:
     needs: [build]
     if: github.event_name != 'pull_request'
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       #----------- JDK -----------
       - name: Set up JDK 11
@@ -78,7 +78,7 @@ jobs:
 
       #----------- CACHE -----------
       - name: Cache SBT
-        uses: actions/cache@v2.1.4
+        uses: actions/cache@v3.0.6
         with:
           # A list of files, directories, and wildcard patterns to cache and restore
           path: |
diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index 3ef63c5..6bfa1b0 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@@ -35,7 +35,7 @@ jobs:
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
@@ -55,6 +55,6 @@ jobs:
 
       # Upload the SARIF file generated in the previous step
       - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: results.sarif
diff --git a/.mergify.yml b/.mergify.yml
index 46a6199..2201f3b 100644
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -10,7 +10,7 @@ pull_request_rules:
       - label!=work-in-progress
     actions:
       merge:
-        method: merge
+        method: rebase
         priority: high
   - name: automatic merge for master when CI passes and author is steward
     conditions:
@@ -22,5 +22,17 @@ pull_request_rules:
       - base=main
     actions:
       merge:
-        method: merge
-        priority: medium
\ No newline at end of file
+        method: rebase
+        priority: medium
+  - name: automatic merge for master when CI passes and author is dependabot
+    conditions:
+      - author=dependabot[bot]
+      - check-success=codecov/patch
+      - check-success=codecov/project
+      - check-success=build (Scala2)
+      - check-success=build (Scala3)
+      - base=main
+    actions:
+      merge:
+        method: rebase
+        priority: medium