diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
new file mode 100644
index 0000000..9984c66
--- /dev/null
+++ b/.github/workflows/checks.yml
@@ -0,0 +1,31 @@
+name: Checks
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: dtolnay/rust-toolchain@stable
+
+    - name: Install cargo-audit
+      run: cargo install cargo-audit
+
+    - name: Format code with rustfmt
+      run: cargo fmt --all -- --check
+
+    - name: Lint code with clippy
+      run: cargo clippy --all -- --deny warnings
+
+    - name: Check for known vulnerabilities with cargo-audit
+      run: cargo audit
+
+    - name: Build project
+      run: cargo build --all --release
+
+    - name: Run tests
+      run: cargo test --all
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f72540d..8e6a152 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,9 +5,22 @@ on:
   push:
     tags:
       - 'v[0-9]+.[0-9]+.[0-9]+'
-
+      
 jobs:
+  pre-check:
+    name: Pre-check
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: |
+          if [[ "$(git describe --tags --abbrev=0)" != "v$(grep -m1 -F 'version =' Cargo.toml | cut -d\" -f2)" ]]; then
+            echo "Error: The git tag does not match the Cargo.toml version."
+            exit 1
+          fi
+          echo "Success: The git tag matches the Cargo.toml version."
+
   build:
+    needs: pre-check
     strategy:
       matrix:
         name:
diff --git a/Cargo.toml b/Cargo.toml
index fe44a93..138d70f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -2,6 +2,7 @@
 name = "keyweave"
 version = "0.1.0"
 edition = "2021"
+authors = ["Bart van der Braak <bart@vanderbraak.nl>"]
 
 [dependencies]
 azure_identity = "0.17.0"
diff --git a/src/main.rs b/src/main.rs
index 042a0f2..10a8149 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -6,7 +6,7 @@ use std::fs::File;
 use std::io::Write;
 
 #[derive(Parser)]
-#[clap(version = "0.1.0", author = "Bart van der Braak <bart@vanderbraak.nl>")]
+#[clap(author, version, about, long_about = None)]
 struct Opts {
     #[clap(
         short,
@@ -39,10 +39,7 @@ async fn fetch_secrets_from_key_vault(
     filter: Option<&str>,
 ) -> Result<Vec<(String, String)>, Box<dyn std::error::Error>> {
     let credential = DefaultAzureCredential::default();
-    let client = KeyvaultClient::new(
-        &vault_url,
-        std::sync::Arc::new(credential),
-    )?.secret_client();
+    let client = KeyvaultClient::new(vault_url, std::sync::Arc::new(credential))?.secret_client();
 
     let mut secret_values = Vec::new();
     let mut secret_pages = client.list_secrets().into_stream();