diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 000000000..f9da5d0b0
--- /dev/null
+++ b/.github/workflows/dependabot.yml
@@ -0,0 +1,20 @@
+
+name: Auto-approve and enable auto-merge on dependabot PRs
+on: pull_request_target
+
+jobs:
+  auto-approve-and-automerge:
+    # sources:
+    # https://github.com/hmarr/auto-approve-action
+    # https://github.com/marketplace/actions/enable-pull-request-automerge#dependabot-example
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - name: Auto-approve PR
+        uses: hmarr/auto-approve-action@v3
+      - name: Enable auto-merge
+        run: gh pr merge --merge --auto ${{ github.event.pull_request.number }}
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}