diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..d1a7a95
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml
new file mode 100644
index 0000000..098bbdd
--- /dev/null
+++ b/.github/workflows/commitlint.yml
@@ -0,0 +1,40 @@
+name: commitlint
+
+on:
+  workflow_call:
+  push:
+  pull_request:
+    branches: ["master"]
+
+jobs:
+  commitlint:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Install required dependencies
+        run: |
+          sudo apt update
+          sudo apt install -y sudo
+          sudo apt install -y git curl
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 20
+      - name: node setup
+        run: npm i
+      - name: Print versions
+        run: |
+          git --version
+          node --version
+          npm --version
+          npx commitlint --version
+
+      - name: Validate current commit (last commit) with commitlint
+        if: github.event_name == 'push'
+        run: npx commitlint --last --verbose
+
+      - name: Validate PR commits with commitlint
+        if: github.event_name == 'pull_request'
+        run: npx commitlint --from ${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }} --to ${{ github.event.pull_request.head.sha }} --verbose
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
new file mode 100644
index 0000000..179ead3
--- /dev/null
+++ b/.github/workflows/publish.yml
@@ -0,0 +1,28 @@
+# TODO: ENABLE / UNCOMMENT WHEN NPM_TOKEN IS SET in secrets REPO
+# name: publish
+
+# on:
+#   push:
+#     tags:
+#       - "v*"
+
+# jobs:
+#   tests:
+#     uses: ./.github/workflows/tests.yml
+#   publish-npm:
+#     needs: [tests]
+#     runs-on: ubuntu-latest
+#     steps:
+#       - uses: actions/checkout@v4
+#       - name: Use Node.js ${{ matrix.node-version }}
+#         uses: actions/setup-node@v3
+#         with:
+#           node-version: '20.x'
+#           registry-url: 'https://registry.npmjs.org'
+#       - name: Publish to npm
+#         run: |
+#           npm install
+#           npm publish --access public
+#         env:
+#           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+#           #kick
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..fa6751f
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,38 @@
+# TODO: ENABLE / UNCOMMENT WHEN NPM_TOKEN IS SET in secrets REPO
+# name: release
+
+# on:
+#   push:
+#     branches: ["master"]
+#     tags-ignore: ['**']
+
+# jobs:
+#   tests:
+#     uses: ./.github/workflows/tests.yml
+#   tag-release:
+#     runs-on: ubuntu-latest
+#     needs: [tests]
+#     steps:
+#       - uses: actions/checkout@v4
+#         with: # important, must be defined on checkout to kick publish (defining in setup/node doesn't work)
+#           token: ${{ secrets.GH_TOKEN }}
+#       - name: Use Node.js ${{ matrix.node-version }}
+#         uses: actions/setup-node@v3
+#         with:
+#           node-version: '20.x'
+#           # cache: "npm" # needs lockfile if enabled
+
+#       - name: tag release
+#         run: |
+#           # ignore if commit message is chore(release): ...
+#           if [[ $(git log -1 --pretty=%B) =~ ^chore\(release\):.* ]]; then
+#             echo "Commit message starts with 'chore(release):', skipping release"
+#             exit 0
+#           fi
+#           git config --local user.email "creadbot@github.com"
+#           git config --local user.name "creadbot_github"
+#           set -v
+#           npm install
+#           npx commit-and-tag-version
+#           git push
+#           git push --tags
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 0000000..60b63e9
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,24 @@
+name: tests
+
+on:
+  workflow_call:
+  pull_request:
+    branches: ["master"]
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        node-version: ['18.x', '20.x', '22.x']
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+          # cache: "npm" # needs lockfile if enabled
+
+      - run: npm install
+      - run: npm run lint
+      - run: npm test
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index d7c126a..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-language: node_js
-node_js:
-  - stable
-  - 14
-  - 12
diff --git a/package.json b/package.json
index 48216aa..26c7a6f 100644
--- a/package.json
+++ b/package.json
@@ -61,6 +61,8 @@
     "@commitlint/cli": "^19",
     "@commitlint/config-conventional": "^19",
     "better-npm-audit": "3.7.3",
+    "commit-and-tag-version": "12",
+    "commitlint": "19",
     "eslint": "8",
     "eslint-config-prettier": "9",
     "eslint-config-standard": "17",