diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 26da661..c29d473 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: 2022-2023 The go-mail Authors
+#
+# SPDX-License-Identifier: CC0-1.0
+
 version: 2
 updates:
   - package-ecosystem: github-actions
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 3f34562..0b2622e 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: 2022-2023 The go-mail Authors
+#
+# SPDX-License-Identifier: CC0-1.0
+
 # Dependency Review Action
 #
 # This Action will scan dependency manifest files that change as part of a Pull Request,
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index b4c4e07..310b0f2 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: 2022-2023 The go-mail Authors
+#
+# SPDX-License-Identifier: CC0-1.0
+
 # This workflow uses actions that are not certified by GitHub. They are provided
 # by a third-party and are governed by separate terms of service, privacy
 # policy, and support documentation.