diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 0000000..9fde76a
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1,4 @@
+github:
+- oapi-codegen
+- jamietanna
+open_collective: oapi-codegen
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
new file mode 100644
index 0000000..ca2b5cc
--- /dev/null
+++ b/.github/release-drafter.yml
@@ -0,0 +1,72 @@
+# Configuration for Release Drafter: https://github.com/toolmantim/release-drafter
+name-template: $NEXT_PATCH_VERSION
+tag-template: $NEXT_PATCH_VERSION
+
+# Emoji reference: https://gitmoji.carloscuesta.me/
+categories:
+ - title: ☢️ Breaking changes
+ labels:
+ - "☢️ breaking change"
+ - title: 🎉 Notable changes
+ labels:
+ - "notable changes"
+ - title: 🚀 New features and improvements
+ labels:
+ - enhancement
+ - title: 🐛 Bug fixes
+ labels:
+ - bug
+ - title: 📝 Documentation updates
+ labels:
+ - documentation
+ - title: 👻 Maintenance
+ labels:
+ - chore
+ - maintenance
+ - title: 🚦 Tests
+ labels:
+ - test
+ - title: ✍ Other changes
+ - title: 📦 Dependency updates
+ labels:
+ - dependencies
+ collapse-after: 5
+ - title: 🔐 Security
+ labels:
+ - "🔐 security"
+exclude-labels:
+ - skip-changelog
+ - invalid
+ - dependencies-test-only
+
+template: |
+ > [!CAUTION]
+ > Please fill out the "Notable Changes" section with information about each of the features, for instance how https://github.com/oapi-codegen/oapi-codegen/releases/tag/v2.2.0 was done
+
+ $CHANGES
+
+ ## Sponsors
+
+ We would like to thank our sponsors for their support during this release.
+
+ > [!CAUTION]
+ > Please make sure that all the current sponsors (from our README) are added here.
+ >
+ > Please also note that the URLs will need pinning to the release we're about to publish.
+
+ i.e.
+
+

+ + + + + Elastic logo + + +

+
+autolabeler:
+ - label: 'documentation'
+ files:
+ - '*.md'
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..e85599f
--- /dev/null
+++ b/SECURITY.md
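Review bot: `name-template` and `tag-template` are pinned to `$NEXT_PATCH_VERSION`, so a release carrying a `☢️ breaking change` or `enhancement` label is still drafted as a patch bump and the version must be corrected by hand before publishing. Release Drafter can derive the bump from the same labels the `categories` block already lists, via a `version-resolver` block and `$RESOLVED_VERSION` in the two templates. The `template` block's sponsor table should also be checked after the next draft is generated, since its markup is not visible in this view of the hunk.
```yaml
name-template: $RESOLVED_VERSION
tag-template: $RESOLVED_VERSION
# … unchanged: categories, exclude-labels, template, autolabeler …
version-resolver:
  major:
    labels:
      - '☢️ breaking change'
  minor:
    labels:
      - enhancement
  default: patch
```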
@@ -0,0 +1,49 @@
+# Security Policy
+
+As a key component in the implementation of API clients and servers, [`oapi-codegen`](https://github.com/oapi-codegen/oapi-codegen) is in an critical position to keep secure.
+
+## Supported versions
+
+Only `oapi-codegen`'s latest minor version is generally supported.
+
+Related: [`oapi-codegen`'s support model (`SUPPORT.md`)](https://github.com/oapi-codegen/oapi-codegen/blob/HEAD/SUPPORT.md)
+
+However, depending on the severity of a given security vulnerability, there may be case(s) where this would lead to a backport of the patch on a currently unsupported version.
+
+## Reporting Security Issues
+
+
+
+If you believe you have found a security vulnerability in `oapi-codegen` or any of the related projects in [the `oapi-codegen` GitHub organisation](https://github.com/oapi-codegen/), please report it to us through coordinated disclosure.
+
+> [!IMPORTANT]
+> **Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Please report the vulnerability through the GitHub security advisories page.
+
+For instance, for the core `oapi-codegen` CLI, you would report it [on this page](https://github.com/oapi-codegen/oapi-codegen/security/advisories/).
+
+Please include as much of the information listed below as you can to help us better understand and resolve the issue:
+
+* The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
+* Full paths of source file(s) related to the manifestation of the issue
+* The location of the affected source code (tag/branch/commit or direct URL)
+* Any special configuration required to reproduce the issue
+* Step-by-step instructions to reproduce the issue
+* Proof-of-concept or exploit code (if possible)
+* Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## CVEs in dependencies
+
+If a dependency that `oapi-codegen` (or its child projects) contains a CVE, we will look to patch that dependency in the following cases:
+
+- The dependency's CVE is exploitable using static analysis, via [`govulncheck`](https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck)
+- The dependency's CVE requires a mix of some code changes and a version bump to address the CVE
+- If we are generally updating dependencies (for instance part of general hygiene or as part of updating dependencies ahead of a release)
+
+> [!NOTE]
+> Given the Go ecosystem allows projects to override dependency updates, this allows consumers of `oapi-codegen` to upgrade dependencies separate to `oapi-codegen` making changes upstream.
+>
+> We will strive to make sure that we do update these dependencies on a regular basis, but until a fix or release is made, it is possible to override the version in your `go.mod`.
diff --git a/profile/README.md b/profile/README.md
index 744f884..0289400 100644
--- a/profile/README.md
+++ b/profile/README.md
@@ -1,13 +1,30 @@
 # oapi-codegen
-Community organisation for the Go OpenAPI code generator, [deepmap/oapi-codegen](https://github.com/deepmap/oapi-codegen) and its related projects.
+Community organisation for the Go OpenAPI code generator, [oapi-codegen/oapi-codegen](https://github.com/oapi-codegen/oapi-codegen) and its related projects.
+
+The project is maintained in according to [its governance](https://github.com/oapi-codegen/governance/).
 ## Projects
-- [deepmap/oapi-codegen](https://github.com/deepmap/oapi-codegen)
+`oapi-codegen` is primarily operated out of two core projects:
+
+- [oapi-codegen/oapi-codegen](https://github.com/oapi-codegen/oapi-codegen)
 - [oapi-codegen/runtime](https://github.com/oapi-codegen/runtime)
+
+Additionally, there are the following HTTP middleware bindings for performing request/response validation against the OpenAPI spec:
+
 - [oapi-codegen/nethttp-middleware](https://github.com/oapi-codegen/nethttp-middleware)
 - [oapi-codegen/fiber-middleware](https://github.com/oapi-codegen/fiber-middleware)
 - [oapi-codegen/iris-middleware](https://github.com/oapi-codegen/iris-middleware)
 - [oapi-codegen/echo-middleware](https://github.com/oapi-codegen/echo-middleware)
 - [oapi-codegen/gin-middleware](https://github.com/oapi-codegen/gin-middleware)
+
+## Non-OpenAPI projects
+
+Additionally, there is [the `nullable` package](https://github.com/oapi-codegen/nullable):
+
+> An implementation of a `Nullable` type for JSON bodies, indicating whether the field is absent, set to `null`, or set to a value
+
+And the lesser used `testutil` project, which can provide a more fluent means to create HTTP requests, and validate them:
+
+- [oapi-codegen/testutil](https://github.com/oapi-codegen/testutil)
diff --git a/rulesets/No default branch deletions.json b/rulesets/No default branch deletions.json
new file mode 100644
index 0000000..273242a
--- /dev/null
+++ b/rulesets/No default branch deletions.json
@@ -0,0 +1,25 @@
+{
+ "id": 8386067,
+ "name": "No default branch deletions",
+ "target": "branch",
+ "source_type": "Repository",
+ "source": "oapi-codegen/oapi-codegen",
+ "enforcement": "active",
+ "conditions": {
+ "ref_name": {
+ "exclude": [],
+ "include": [
+ "~DEFAULT_BRANCH"
+ ]
+ }
+ },
+ "rules": [
+ {
+ "type": "deletion"
+ },
+ {
+ "type": "non_fast_forward"
+ }
+ ],
+ "bypass_actors": []
+}
\ No newline at end of file
diff --git a/rulesets/No updates_deletion of tags.json b/rulesets/No updates_deletion of tags.json
new file mode 100644
index 0000000..f58a006
--- /dev/null
+++ b/rulesets/No updates_deletion of tags.json
@@ -0,0 +1,30 @@
+{
+ "id": 8381596,
+ "name": "No updates/deletion of tags",
+ "target": "tag",
+ "source_type": "Repository",
+ "source": "oapi-codegen/oapi-codegen",
+ "enforcement": "active",
+ "conditions": {
+ "ref_name": {
+ "exclude": [
+ "refs/tags/next"
+ ],
+ "include": [
+ "~ALL"
+ ]
+ }
+ },
+ "rules": [
+ {
+ "type": "deletion"
+ },
+ {
+ "type": "non_fast_forward"
+ },
+ {
+ "type": "update"
+ }
+ ],
+ "bypass_actors": []
+}
\ No newline at end of file
diff --git a/rulesets/Only maintainers can create tags.json b/rulesets/Only maintainers can create tags.json
new file mode 100644
index 0000000..63df9c0
--- /dev/null
+++ b/rulesets/Only maintainers can create tags.json
@@ -0,0 +1,33 @@
+{
+ "id": 8381588,
+ "name": "Only maintainers can create tags",
+ "target": "tag",
+ "source_type": "Repository",
+ "source": "oapi-codegen/oapi-codegen",
+ "enforcement": "active",
+ "conditions": {
+ "ref_name": {
+ "exclude": [],
+ "include": [
+ "~ALL"
+ ]
+ }
+ },
+ "rules": [
+ {
+ "type": "creation"
+ }
+ ],
+ "bypass_actors": [
+ {
+ "actor_id": null,
+ "actor_type": "OrganizationAdmin",
+ "bypass_mode": "always"
+ },
+ {
+ "actor_id": 8502102,
+ "actor_type": "Team",
+ "bypass_mode": "always"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/rulesets/README.md b/rulesets/README.md
new file mode 100644
index 0000000..a513d95
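Review bot: In the "No updates/deletion of tags" ruleset, `refs/tags/next` is listed under `conditions.ref_name.exclude`, so none of the `deletion`, `non_fast_forward` or `update` rules apply to that tag and any actor with push access can move or delete it. That is presumably intentional for a rolling pre-release pointer, but it means `next` carries none of the immutability the other tags get and consumers pinning to it should not treat it as a release. I'd record that exception in `rulesets/README.md`, e.g. `The \`next\` tag is deliberately excluded from the tag-protection ruleset and may be force-moved; pin to a versioned tag for anything that must be reproducible.`, and confirm the sibling "Only maintainers can create tags" ruleset is expected to still gate its creation while leaving later moves ungated.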
--- /dev/null
+++ b/rulesets/README.md
@@ -0,0 +1,8 @@
+# Repository Rulesets
+
+JSON exports of [Repository Rulesets](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets) for branches and tags that `oapi-codegen`'s org uses.
+
+> [!NOTE]
+> This may not be in-sync with the actual Rulesets on a given repository.
+
+When importing these, be sure to check that the status checks expected are correct.
diff --git a/rulesets/`main` branch.json b/rulesets/`main` branch.json
new file mode 100644
index 0000000..e9bfcce
--- /dev/null
+++ b/rulesets/`main` branch.json
@@ -0,0 +1,59 @@
+{
+ "id": 8386144,
+ "name": "`main` branch",
+ "target": "branch",
+ "source_type": "Repository",
+ "source": "oapi-codegen/oapi-codegen",
+ "enforcement": "active",
+ "conditions": {
+ "ref_name": {
+ "exclude": [],
+ "include": [
+ "~DEFAULT_BRANCH"
+ ]
+ }
+ },
+ "rules": [
+ {
+ "type": "required_status_checks",
+ "parameters": {
+ "strict_required_status_checks_policy": false,
+ "do_not_enforce_on_create": false,
+ "required_status_checks": [
+ {
+ "context": "build / CI",
+ "integration_id": 15368
+ }
+ ]
+ }
+ },
+ {
+ "type": "pull_request",
+ "parameters": {
+ "required_approving_review_count": 1,
+ "dismiss_stale_reviews_on_push": false,
+ "required_reviewers": [],
+ "require_code_owner_review": true,
+ "require_last_push_approval": false,
+ "required_review_thread_resolution": false,
+ "allowed_merge_methods": [
+ "merge",
+ "squash",
+ "rebase"
+ ]
+ }
+ }
+ ],
+ "bypass_actors": [
+ {
+ "actor_id": null,
+ "actor_type": "OrganizationAdmin",
+ "bypass_mode": "always"
+ },
+ {
+ "actor_id": 8502102,
+ "actor_type": "Team",
+ "bypass_mode": "always"
+ }
+ ]
+}
\ No newline at end of file
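Review bot: The `pull_request` rule in the "`main` branch" ruleset sets both `"dismiss_stale_reviews_on_push": false` and `"require_last_push_approval": false`, so a single approval survives any commits pushed afterwards and the code that actually lands on `main` need not be the code that was reviewed. With `required_approving_review_count` at 1 and `required_review_thread_resolution` off, one early approval is enough to merge whatever is pushed later. For a code generator that many downstream builds consume, I'd flip at least the first of these: `"dismiss_stale_reviews_on_push": true,` and, if the maintainer team can absorb the extra round-trip, `"require_last_push_approval": true,`. Separately, `"strict_required_status_checks_policy": false` lets `build / CI` count even when it ran against an older base; if that's a deliberate throughput trade-off, a line in `rulesets/README.md` noting both choices would save the next importer from re-deciding them.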