diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000000..57535d922f0
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+version: 2
+updates:
+- package-ecosystem: "pip"
+  directory: "/"
+  schedule:
+    interval: "daily"
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: "daily"
diff --git a/.github/labeler.yml b/.github/labeler.yml
new file mode 100644
index 00000000000..aa9b60f98e0
--- /dev/null
+++ b/.github/labeler.yml
@@ -0,0 +1,63 @@
+Tests:
+- changed-files:
+  - any-glob-to-any-file: [ "tests/**/*" ]
+
+Dependencies:
+- changed-files:
+  - any-glob-to-any-file:
+    - "requirements.txt"
+    - "setup.py"
+    - "pyproject.toml"
+    - "poetry.lock"
+    - "pixi.toml"
+    - "pixi.lock"
+    - "Pipfile"
+    - "Pipfile.lock"
+    - "requirements/*.txt"
+    - "requirements/*.in"
+
+Build:
+- changed-files:
+  - any-glob-to-any-file:
+    - "Dockerfile*"
+    - "docker-compose*.yml"
+    - "Makefile"
+
+Documentation:
+- changed-files:
+  - any-glob-to-any-file:
+    - "docs/**/*"
+    - "*.md"
+    - "*.rst"
+
+Config:
+- changed-files:
+  - any-glob-to-any-file:
+    - ".pre-commit-config.yaml"
+    - "config/**/*"
+    - "settings/**/*"
+    - "*.ini"
+    - "*.cfg"
+    - "*.conf"
+
+CI/CD:
+- changed-files:
+  - any-glob-to-any-file:
+    - ".github/**/*"
+    - "tox.ini"
+    - ".coveragerc"
+
+# Add 'feature' label to any PR where the head branch name starts with `feature` or has a `feature` section in the name
+feature:
+- head-branch:
+  - '^feature'
+  - 'feature'
+
+# Add 'bugfix' label to branches with bug/fix/hotfix prefixes
+bugfix:
+- head-branch: [ '^bug', '^fix', '^hotfix' ]
+
+# Add 'breaking' label for major version bumps or breaking change commits
+breaking:
+- title: [ '^BREAKING CHANGE', 'BREAKING-CHANGE' ]
+- body: [ 'BREAKING CHANGE:', 'BREAKING-CHANGE:' ]
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 00000000000..30d0c0df7c9
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,25 @@
+# .github/workflows/codeql.yml
+name: CodeQL Analysis
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  schedule:
+  - cron: '0 0 * * 0'
+
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: python
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 00000000000..9c51924990f
--- /dev/null
+++ b/.github/workflows/dependabot.yml
@@ -0,0 +1,16 @@
+name: Dependabot PR CI
+on:
+  schedule:
+    - cron: "0 */6 * * *" # Every six hours
+  workflow_dispatch:
+jobs:
+  auto-merge:
+    name: Auto Merge
+    runs-on: ubuntu-latest
+    steps:
+      - name: Merge minor/patch updates
+        uses: koj-co/dependabot-pr-action@v1
+        with:
+          token: ${{ secrets.GH_PAT }}
+          merge-minor: true
+          merge-patch: true
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
new file mode 100644
index 00000000000..e57cd86e2b3
--- /dev/null
+++ b/.github/workflows/labeler.yml
@@ -0,0 +1,12 @@
+name: "Pull Request Labeler"
+on:
+- pull_request_target
+
+jobs:
+  labeler:
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/labeler@v5
diff --git a/.pre-commit-config.yml b/.pre-commit-config.yml
new file mode 100644
index 00000000000..0cf98ed6e49
--- /dev/null
+++ b/.pre-commit-config.yml
@@ -0,0 +1,56 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v4.6.0
+  hooks:
+  - id: check-yaml # Check YAML files for syntax errors
+  - id: debug-statements # Check for debugger imports and py37+ breakpoint()
+  - id: end-of-file-fixer # Ensure files end in a newline
+  - id: trailing-whitespace # Trailing whitespace checker
+  - id: check-added-large-files # Check for large files added to git
+  - id: check-merge-conflict # Check for files that contain merge conflict strings
+- repo: https://github.com/pre-commit/pygrep-hooks
+  rev: v1.10.0 # Use the ref you want to point at
+  hooks:
+  - id: python-use-type-annotations # Check for missing type annotations
+  - id: python-check-blanket-noqa # Check for # noqa: all
+  - id: python-no-log-warn # Check for log.warn
+- repo: https://github.com/pycqa/isort
+  rev: 5.13.2
+  hooks:
+  - id: isort
+    args:
+    - -l 120
+    - --force-single-line-imports
+    - --profile black
+- repo: https://github.com/asottile/pyupgrade # Upgrade Python syntax
+  rev: v3.15.2
+  hooks:
+  - id: pyupgrade
+    args:
+    - --py310-plus
+- repo: https://github.com/psf/black # Format Python code
+  rev: 24.4.2
+  hooks:
+  - id: black
+    args:
+    - --line-length=120
+- repo: https://github.com/astral-sh/ruff-pre-commit
+  rev: v0.4.4
+  hooks:
+  - id: ruff
+    args:
+    - --line-length=120
+    - --fix
+    - --exit-non-zero-on-fix
+    - --preview
+- repo: https://github.com/jshwi/docsig # Check docstrings against function sig
+  rev: v0.53.2
+  hooks:
+  - id: docsig
+    args:
+    - --ignore-no-params # Allow docstrings without parameters
+    - --check-dunders # Check dunder methods
+    - --check-overridden # Check overridden methods
+    - --check-protected # Check protected methods
+    - --check-class # Check class docstrings
+    - --disable=E113 # Disable empty docstrings