diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 9d8fd38..6de23a8 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -89,7 +89,7 @@ jobs:
           pip install .[test]
 
       - name: Bandit
-        run: bandit -r django_states -x django_states/tests -s B101 -f json -o report.json
+        run: bandit -c pyproject.toml -f json -o report.json .
 
       - name: Show report
         if: ${{ success() || failure() }}
@@ -105,7 +105,7 @@ jobs:
   tests:
     name: Python ${{ matrix.python-version }} / ${{ matrix.db }} / Django ${{ matrix.django-version}}
     runs-on: ubuntu-latest
-#    continue-on-error: ${{ matrix.django-version == '~=4.2.0' }}
+#    continue-on-error: ${{ matrix.django-version == '~=5.0' }}
     strategy:
       max-parallel: 4
       matrix:
@@ -154,7 +154,7 @@ jobs:
           DB_TYPE: ${{ matrix.db }}
           GOOGLE_MAPS_CLIENT_ID: ${{ secrets.GOOGLE_MAPS_CLIENT_ID }}
           GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}
-        run: export PYTHONPATH=`pwd` && coverage run demo_app/manage.py test --noinput --settings=demo_app.settings_test django_states.tests
+        run: export PYTHONPATH=`pwd` && coverage run
 
       - name: "Upload Coverage Results for PY:${{ matrix.python-version }} DB:${{ matrix.db}} DJ:${{ matrix.django-version }}"
         uses: actions/upload-artifact@v3
@@ -222,12 +222,9 @@ jobs:
         id: release
         env:
           PYTHONWARNINGS: once::DeprecationWarning
-          TASK_ALWAYS_EAGER: 1
           GITHUB_TOKEN: ${{ secrets.ORGANIZATIONAL_REPO_TOKEN }}
         run: |
-          bumper.py --directory . --exclude=.github,demo_app \
-            --version_files django_states/__init__.py \
-            --repo=pivotal-energy-solutions/django-states2 > out.json
+          bumper -P
           echo "bumped=$(jq '.bumped' out.json)" >> $GITHUB_OUTPUT
           echo "bump_version=$(jq '.bump_version' out.json)" >> $GITHUB_OUTPUT
           echo "bump_sha=$(jq '.bump_sha' out.json)" >> $GITHUB_OUTPUT
diff --git a/pyproject.toml b/pyproject.toml
index 7b88a11..3444e2a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -84,14 +84,15 @@ exclude = '''
   | dist
 )/
 '''
-extend-exclude = '''
-# A regex preceded with ^/ will apply only to files and directories
-# in the root of the project.
-/static/.py  # exclude a file named foo.py in the root of the project (in addition to the defaults)
-'''
+
+[tool.bandit]
+targets = ['django_states']
+exclude_dirs = ["django_states/tests"]
+skips = ["B101"]
 
 [tool.coverage.run]
 branch = true
+command_line = "demo_app/manage.py test --noinput --settings=demo_app.settings_test django_states.tests"
 omit = [
     "*/demo_app/**",
     "*/migrations/*",
@@ -104,4 +105,10 @@ precision = 1
 skip_covered = true
 skip_empty = true
 ignore_errors = true
-sort = "cover"
\ No newline at end of file
+sort = "cover"
+
+[tool.bumper]
+exclude = [".idea", ".github", "demo_app"]
+version_files = ["django_states/__init__.py"]
+repo = "pivotal-energy-solutions/django-states2"
+report = "out.json"