diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..356130d
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,34 @@
+version: 2
+updates:
+  # Maintain dependencies for python
+  - package-ecosystem: "pip"
+    target-branch: "main"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "friday"
+    labels:
+      - "chore"
+    open-pull-requests-limit: 10
+
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    target-branch: "main"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "friday"
+    labels:
+      - "chore"
+    open-pull-requests-limit: 10
+
+  # Maintain dependencies for Docker
+  - package-ecosystem: "docker"
+    target-branch: "main"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "friday"
+    labels:
+      - "chore"
+    open-pull-requests-limit: 10
diff --git a/.github/mergify.yml b/.github/mergify.yml
new file mode 100644
index 0000000..91730df
--- /dev/null
+++ b/.github/mergify.yml
@@ -0,0 +1,29 @@
+pull_request_rules:
+
+  # ===============================================================================
+  # DEPENDABOT
+  # ===============================================================================
+
+  - name: Automatic Merge for Dependabot Minor Version Pull Requests
+    conditions:
+      - -draft
+      - author~=^dependabot(|-preview)\[bot\]$
+      - check-success='test (1.16.x, ubuntu-latest)'
+      - check-success='test (1.17.x, ubuntu-latest)'
+      - title~=bump [^\s]+ from ([\d]+)\..+ to \1\.
+    actions:
+      review:
+        type: APPROVE
+        message: Automatically approving dependabot pull request
+      merge:
+        method: rebase
+  - name: Alert on major version detection
+    conditions:
+      - author~=^dependabot(|-preview)\[bot\]$
+      - check-success='Python application / build (push)'
+      - -title~=bump [^\s]+ from ([\d]+)\..+ to \1\.
+    actions:
+      comment:
+        message: "⚠️ @wheresalice: this is a major version bump and requires your attention"
+      assign:
+        users: ["wheresalice"]
diff --git a/requirements.txt b/requirements.txt
index 2940f4d..3949f7c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,13 +1,32 @@
-Django>=4.0,<5.0
-psycopg2-binary>=2.8
-django-phonenumber-field[phonenumberslite]
-twilio
-gunicorn
-django-environ
-whitenoise
-pybrake
-behave-django
-freezegun
-requests
-codename-generator
-polib
+accumulation-tree==0.6.2
+asgiref==3.5.2
+beautifulsoup4==4.11.1
+behave==1.2.6
+behave-django==1.4.0
+certifi==2022.12.7
+charset-normalizer==2.1.1
+codename-generator==1.1.3
+Django==4.1.4
+django-environ==0.9.0
+django-phonenumber-field==7.0.1
+freezegun==1.2.2
+gunicorn==20.1.0
+idna==3.4
+parse==1.19.0
+parse-type==0.6.0
+phonenumberslite==8.13.2
+polib==1.1.1
+psycopg2-binary==2.9.5
+pybrake==1.10.0
+PyJWT==2.6.0
+python-dateutil==2.8.2
+pytz==2022.6
+pyudorandom==1.0.0
+requests==2.28.1
+six==1.16.0
+soupsieve==2.3.2.post1
+sqlparse==0.4.3
+tdigest==0.5.2.2
+twilio==7.15.4
+urllib3==1.26.13
+whitenoise==6.2.0