diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..48544b94
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,12 @@
+version: 2
+
+updates:
+  - package-ecosystem: "dotnet"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 88d6105c..0a4f28b9 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,10 +1,11 @@
 name: "Code Scanning - Action"
-
 on:
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
+  workflow_run:
+    workflows: ['.NET'] # runs after .NET workflow
+    types:
+      - completed
+    branches:
+      - 'main'
 
 jobs:
   CodeQL-Build:
diff --git a/.github/workflows/publish-log4brains.yml b/.github/workflows/publish-log4brains.yml
index 4b176863..9204c73c 100644
--- a/.github/workflows/publish-log4brains.yml
+++ b/.github/workflows/publish-log4brains.yml
@@ -1,8 +1,11 @@
 name: Publish Log4brains
 on:
-  push:
+  workflow_run:
+    workflows: ['.NET'] # runs after .NET workflow
+    types:
+      - completed
     branches:
-      - main
+      - 'main'
 jobs:
   build-and-publish:
     runs-on: ubuntu-latest