diff --git a/.github/actions/check-code/action.yml b/.github/actions/check-code/action.yml
new file mode 100644
index 00000000..ec796004
--- /dev/null
+++ b/.github/actions/check-code/action.yml
@@ -0,0 +1,12 @@
+name: "check-code"
+description: "run linting and type checking"
+
+runs:
+  using: "composite"
+  steps:
+    - run: npm run lint
+      shell: bash
+    - run: npm run types
+      shell: bash
+    - run: npm run typecheck
+      shell: bash
diff --git a/.github/actions/code-checks/action.yml b/.github/actions/code-checks/action.yml
deleted file mode 100644
index 8b9888a9..00000000
--- a/.github/actions/code-checks/action.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-name: "Code Checks"
-description: "Run tests, linting, and other common jobs"
-runs:
-  using: "composite"
-  steps:
-    - name: Install dependencies
-      run: npm ci
-      shell: bash
-    - name: Lint
-      run: npm run lint
-      shell: bash
-    - name: Generate types
-      run: npm run types
-      shell: bash
-    - name: Typecheck
-      run: npm run typecheck
-      shell: bash
diff --git a/.github/actions/install-node/action.yml b/.github/actions/install-node/action.yml
new file mode 100644
index 00000000..f29c2ad0
--- /dev/null
+++ b/.github/actions/install-node/action.yml
@@ -0,0 +1,12 @@
+name: "install-node"
+description: "setup node environment and install dependencies"
+
+runs:
+  using: "composite"
+  steps:
+    - uses: actions/setup-node@v4
+      with:
+        node-version: "24"
+        cache: "npm"
+    - run: npm ci
+      shell: bash
diff --git a/.github/workflows/pre-run.yml b/.github/workflows/pre-run.yml
new file mode 100644
index 00000000..03b6d892
--- /dev/null
+++ b/.github/workflows/pre-run.yml
@@ -0,0 +1,21 @@
+name: pre-run
+
+on:
+  workflow_call:
+    outputs:
+      is-not-fork:
+        description: "is the repository the original project"
+        value: ${{ jobs.check-fork.outputs.is_not_fork }}
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  check-fork:
+    runs-on: ubuntu-latest
+    outputs:
+      is_not_fork: ${{ steps.check.outputs.is_not_fork }}
+    steps:
+      - id: check
+        run: echo "is_not_fork=${{ github.repository_owner == 'stx-labs' }}" >> "$GITHUB_OUTPUT"
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index eb8da105..3ed03c2f 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,4 +1,5 @@
-name: Publish
+name: publish
+
 on:
   push:
     branches:
@@ -8,18 +9,15 @@ on:
 permissions:
   id-token: write # Required for OIDC
   contents: write
-  pull-requests: write
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
 
 jobs:
-  publish_npm:
-    name: Publish production NPM packages
+  publish-npm:
     runs-on: ubuntu-latest
     if: "contains(github.event.head_commit.message, 'chore: version packages')"
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: "24"
-          cache: "npm"
-      - run: npm ci
+      - uses: ./.github/actions/install-node
       - run: npx lerna publish from-package --yes
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
new file mode 100644
index 00000000..17dbb42e
--- /dev/null
+++ b/.github/workflows/pull-request.yml
@@ -0,0 +1,29 @@
+name: pull-request
+
+on:
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  pre-run:
+    uses: ./.github/workflows/pre-run.yml
+
+  commitlint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: wagoid/commitlint-github-action@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed # 6.2.1
+
+  code-checks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-node
+      - uses: ./.github/actions/check-code
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
deleted file mode 100644
index a1aa5030..00000000
--- a/.github/workflows/pull_request.yml
+++ /dev/null
@@ -1,96 +0,0 @@
-name: Pull Request
-on: [pull_request, workflow_dispatch]
-
-jobs:
-  check_fork:
-    name: Disable jobs for forks
-    runs-on: ubuntu-latest
-    outputs:
-      is_not_fork: ${{ steps.is_not_fork.outputs.is_not_fork }}
-    steps:
-      - name: Check for secret
-        id: is_not_fork
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-        run: |
-          echo "Is a fork: ${{ env.NPM_TOKEN == '' }}"
-          echo "::set-output name=is_not_fork::${{ env.NPM_TOKEN != '' }}"
-
-  commitlint:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: wagoid/commitlint-github-action@v5
-
-  code_checks:
-    name: Code checks
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          ref: ${{ github.event.pull_request.head.ref }}
-      - name: Set up Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: '18'
-          cache: 'npm'
-      - name: Code Checks
-        uses: ./.github/actions/code-checks
-
-  publish_npm_betas:
-    name: Publish NPM beta versions
-    runs-on: ubuntu-latest
-    needs: [check_fork]
-    if: needs.check_fork.outputs.is_not_fork == 'true'
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          ref: ${{ github.event.pull_request.head.ref }}
-      - name: Set up Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: '18'
-          cache: 'npm'
-      - name: Install monorepo deps
-        run: npm ci
-      - name: Setup .npmrc
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
-        run: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
-      - name: Get git branch
-        id: git-branch
-        run: echo "::set-output name=branch::$(git rev-parse --abbrev-ref HEAD | cut -d'/' -f2 )"
-      - name: Get git commit
-        id: git-commit
-        run: echo "::set-output name=sha::$(git rev-parse --short HEAD)"
-      - name: Set preid
-        id: preid
-        run: |
-          if [ "${{ steps.git-branch.outputs.branch }}" = "beta" ]; then
-            echo "preid=beta" >> "$GITHUB_OUTPUT"
-          else
-            echo "preid=alpha.${{ steps.git-commit.outputs.sha }}" >> "$GITHUB_OUTPUT"
-          fi
-      - name: Setup git
-        run: |
-          git config --local user.email "action@github.com"
-          git config --local user.name "GitHub Action"
-      - name: Publish to NPM
-        env:
-          BRANCH: ${{ steps.git-branch.outputs.branch }}
-          PREID: ${{ steps.preid.outputs.preid }}
-        run: npx lerna publish prepatch --preid $PREID --dist-tag pr --yes --no-push
-      - name: Get package versions
-        id: versions
-        run: |
-          echo "connect=$(cat packages/connect/package.json | jq -r '.version')" >> "$GITHUB_OUTPUT"
-          echo "connectreact=$(cat packages/connect-react/package.json | jq -r '.version')" >> "$GITHUB_OUTPUT"
-          echo "connectui=$(cat packages/connect-ui/package.json | jq -r '.version')" >> "$GITHUB_OUTPUT"
-      - uses: janniks/pull-request-fixed-header@v1.0.1
-        with:
-          header: "> This PR was published to npm with versions:\n> - connect `npm install @stacks/connect@${{ steps.versions.outputs.connect }} --save-exact`\n> - connect-react `npm install @stacks/connect-react@${{ steps.versions.outputs.connectreact }} --save-exact`\n> - connect-ui `npm install @stacks/connect-ui@${{ steps.versions.outputs.connectui }} --save-exact`"
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml
index d8a01102..49caf052 100644
--- a/.github/workflows/version.yml
+++ b/.github/workflows/version.yml
@@ -1,4 +1,5 @@
-name: Version
+name: version
+
 on:
   push:
     branches:
@@ -9,34 +10,30 @@ permissions:
   contents: write
   pull-requests: write
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+
 jobs:
-  code_checks:
-    name: Code checks
+  code-checks:
     if: "!contains(github.event.head_commit.message, 'chore: version packages')"
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: "24"
-          cache: "npm"
-      - uses: ./.github/actions/code-checks
+      - uses: ./.github/actions/install-node
+      - uses: ./.github/actions/check-code
 
-  version:
-    runs-on: ubuntu-latest
-    if: "!contains(github.event.head_commit.message, 'chore: version packages')"
-    needs: [code_checks]
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: "24"
-          cache: "npm"
-      - run: npm ci
-      - uses: changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba
-        with:
-          title: "chore: version packages"
-          commit: "chore: version packages"
-          commitMode: "github-api"
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  # TODO: RE-ENABLE VERSION WHEN PERMISSIONS ARE FIXED
+  # version:
+  #   runs-on: ubuntu-latest
+  #   if: "!contains(github.event.head_commit.message, 'chore: version packages')"
+  #   needs: [code-checks]
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #     - uses: ./.github/actions/install-node
+  #     - uses: changesets/action@e0145edc7d9d8679003495b11f87bd8ef63c0cba
+  #       with:
+  #         title: "chore: version packages"
+  #         commit: "chore: version packages"
+  #         commitMode: "github-api"
+  #       env:
+  #         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}