diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 1ea7e80..0000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,51 +0,0 @@
-name: "Code scanning - action"
-
-on:
-  push:
-  pull_request:
-  schedule:
-    - cron: '0 23 * * 0'
-
-jobs:
-  CodeQL-Build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-      
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      # Override language selection by uncommenting this and choosing your languages
-      # with:
-      #   languages: go, javascript, csharp, python, cpp, java
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..811ac26
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,40 @@
+name: Dotfiles Setup
+on: [push, pull_request]
+
+jobs:
+  build:
+    runs-on: macos-26
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Environment
+        run: |
+          brew update
+          brew untap homebrew/cask || true
+          brew untap homebrew/core || true
+          brew cleanup
+          brew doctor || true
+          rm ~/.bashrc
+          rm ~/.bash_profile
+
+      - name: Install Dependencies
+        run: |
+          brew install ansible
+          ansible --version
+
+      - name: Syntax Check Playbook
+        run: ansible-playbook --syntax-check --list-tasks ansible/dotfiles.yml
+
+      - name: Run Playbook
+        run: ansible-playbook ansible/dotfiles.yml --skip-tags "packages,dnscrypt"
+
+      - name: Check if Playbook is idempotent
+        run: |
+          ansible-playbook ansible/dotfiles.yml --skip-tags "packages,dnscrypt" | grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1)
+
+      - name: Debugging Checks
+        if: ${{ !cancelled() }}
+        run: |
+          brew doctor || true
+          brew list
+          brew cleanup
+          ls -la ~/
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 3a09e8c..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-os: osx
-osx_image: xcode10
-install:
-  - brew upgrade ansible
-  - ansible --version
-before_script:
-  - rm ~/.bashrc
-  - rm ~/.bash_profile
-  - brew doctor || true
-script:
-  - ansible-playbook --syntax-check --list-tasks ansible/dotfiles.yml
-  - ansible-playbook ansible/dotfiles.yml --skip-tags "packages,dnscrypt"
-  - >
-    ansible-playbook ansible/dotfiles.yml --skip-tags "packages,dnscrypt"
-    | grep -q 'changed=0.*failed=0'
-    && (echo 'Idempotence test: pass' && exit 0)
-    || (echo 'Idempotence test: fail' && exit 1)
-after_script:
-  - brew doctor || true
-  - brew list
-  - brew cleanup
-  - ls -la ~/
diff --git a/ansible/tasks/macos_defaults.yml b/ansible/tasks/macos_defaults.yml
index 8a10de6..04859b2 100644
--- a/ansible/tasks/macos_defaults.yml
+++ b/ansible/tasks/macos_defaults.yml
@@ -144,7 +144,6 @@
     - { domain: "com.apple.appstore", key: "WebKitDeveloperExtras", type: "bool", value: "true" }
     # Enable Debug Menu in the Mac App Store
     - { domain: "com.apple.appstore", key: "ShowDebugMenu", type: "bool", value: "true" }
-    - { domain: "~/Library/Preferences/org.gpgtools.gpgmail", key: "SignNewEmailsByDefault", type: "bool", value: "false" }
     # Use plain text mode for new TextEdit documents
     - { domain: "com.apple.TextEdit", key: "RichText", type: "int", value: "0" }
     #defaults write com.apple.TextEdit PlainTextEncoding -int 4