diff --git a/.github/dependency-review-config.yml b/.github/dependency-review-config.yml
index af4a487..0610f80 100644
--- a/.github/dependency-review-config.yml
+++ b/.github/dependency-review-config.yml
@@ -1,23 +1,7 @@
 # Keep the initial policy focused on risky dependency changes first.
-# This allowlist is intentionally based on the licenses already present in the
-# current dependency tree so normal updates do not become noisy immediately.
+# Avoid a strict license allowlist here because it tends to make normal
+# Dependabot updates noisy across ecosystems and workflow dependencies.
 fail-on-severity: high
 fail-on-scopes:
   - runtime
-  - unknown
 license-check: true
-allow-licenses:
-  - Apache-2.0
-  - Apache-2.0 AND LGPL-3.0-or-later
-  - Apache-2.0 OR BSD-2-Clause
-  - BSD-2-Clause
-  - BSD-3-Clause
-  - BlueOak-1.0.0
-  - CC-BY-4.0
-  - CC0-1.0
-  - ISC
-  - MIT
-  - MPL-2.0
-  - PSF-2.0
-  - Python-2.0
-  - 0BSD
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index f7233f6..b1c90b6 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -5,7 +5,6 @@ on:
 
 permissions:
   contents: read
-  pull-requests: write
 
 jobs:
   dependency-review:
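Review bot: `license-check: true` is kept while the only list it evaluated against (`allow-licenses`) is removed, and no `deny-licenses` replaces it, so as far as I know the action now has nothing to compare licenses to and the gate is effectively a no-op that still reads as enforced. If the goal is the lower noise the new comment describes, a short `deny-licenses` list of the licenses the project cannot ship (copyleft-only, for example) keeps a real signal with far fewer false positives than an allowlist; if no license policy is wanted for now, set `license-check: false` so the file states what it does. Either way the header comment should say so, e.g. `# license-check only acts on allow-licenses/deny-licenses; none is set here.` Dropping `unknown` from `fail-on-scopes` also means dependencies whose scope cannot be classified no longer fail the review, which is worth one sentence of rationale next to it.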
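Review bot: Removing `pull-requests: write` is the right least-privilege default, but it only works if the `dependency-review-action` step under `dependency-review:` does not set `comment-summary-in-pr` to `always` or `on-failure`; with that input the action needs `pull-requests: write` to post its summary and the run fails on the permission instead. That step is outside this hunk, so I cannot confirm it from here — please check it is absent or explicitly `comment-summary-in-pr: never`. A one-line comment beside `contents: read` would keep the next editor from re-adding the grant, e.g. `# read-only on purpose: results are reported in the job summary, not as a PR comment.`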