diff --git a/.github/workflows/combine-dependencies.yml b/.github/workflows/combine-dependencies.yml
new file mode 100644
index 0000000000..d44461ff5a
--- /dev/null
+++ b/.github/workflows/combine-dependencies.yml
@@ -0,0 +1,23 @@
+name: Combine Dependencies
+
+on: workflow_dispatch
+
+# The minimum permissions required to run this Action
+permissions:
+  contents: write
+  pull-requests: write
+  checks: read
+
+jobs:
+  combine-prs:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Combine dependencies
+        id: combine-dependencies
+        uses: github/combine-prs@v5.0.0
+        with:
+          pr_title: Combined dependencies # The title of the pull request to create
+          select_label: dependencies # The label which marks PRs that should be combined.
+          labels: combined-dependencies # Add a label to the combined PR
+          ci_required: "false" # Whether or not CI should be passing to combine the PR
diff --git a/Pipfile b/Pipfile
index d4ec3623ad..55b0861a8e 100644
--- a/Pipfile
+++ b/Pipfile
@@ -28,7 +28,7 @@ dry-rest-permissions = "==0.1.10"
 drf-nested-routers = "==0.93.4"
 drf-spectacular = "==0.26.4"
 "fhir.resources" = "==6.5.0"
-gunicorn = "==21.2.0"
+gunicorn = "==22.0.0"
 healthy-django = "==0.1.0"
 jsonschema = "==4.20.0"
 jwcrypto = "==1.5.6"
diff --git a/Pipfile.lock b/Pipfile.lock
index 6473b6e5ca..db18bde303 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "73c334f2423e700407b90c54bc4a9d1d0668bbae2a9ccc596c42d46611b934f4"
+            "sha256": "f03a9449ab0a958ac22c6dc8bc3b80bb87bd70eb03fb763da57af273f98c928b"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -537,12 +537,12 @@
         },
         "gunicorn": {
             "hashes": [
-                "sha256:3213aa5e8c24949e792bcacfc176fef362e7aac80b76c56f6b5122bf350722f0",
-                "sha256:88ec8bff1d634f98e61b9f65bc4bf3cd918a90806c6f5c48bc5603849ec81033"
+                "sha256:350679f91b24062c86e386e198a15438d53a7a8207235a78ba1b53df4c4378d9",
+                "sha256:4a0b436239ff76fb33f11c07a16482c521a7e09c1ce3cc293c2330afe01bec63"
             ],
             "index": "pypi",
-            "markers": "python_version >= '3.5'",
-            "version": "==21.2.0"
+            "markers": "python_version >= '3.7'",
+            "version": "==22.0.0"
         },
         "healthy-django": {
             "hashes": [