* Automatically labels PRs based on change paths to make it easier to see what is in scope of a PR at a glance * Merges dependency security scanning into single CI workflows for Rust/TS changes