diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 9443d34ea8..a77bf51620 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -14,9 +14,10 @@ env:
   PUSH_UPBOUND: "False"
   PUSH_PACKAGE: "True"
   PUSH_IMAGE: "True"
+  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
 jobs:
-  check-allow-merge:
+  check-allow-merge-labels:
     runs-on: ubuntu-latest
     steps:
       # Labels in the context don't get updated so they are stuck at what's set during creation
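Review bot: `GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}` is added at workflow-level `env`, so the token is exported to every step of every job, including third-party actions such as the `snnaplab/get-labels-action@v1` step visible in the last hunk, although only the new `check-allow-merge-component` job's `gh` calls need it. Scope it to that job instead: `check-allow-merge-component:` / `  env:` / `    GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}`. Note also that `GITHUB_TOKEN` is scoped to the repository running the workflow, so `gh pr list --repo "$COMPONENT_REPO"` will only succeed if the component repository is public; a private one needs a dedicated fine-grained token or GitHub App installation token with pull-request read access on it, and with the current token the lookup would fail and be reported as "No open PR found". The rename of `check-allow-merge` to `check-allow-merge-labels` changes the status-check name, so any branch-protection rule listing the old name has to be updated or it will keep waiting on a check that never reports.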
@@ -29,6 +30,65 @@ jobs:
             ${{ contains(fromJSON(env.LABELS), 'hotfix') }} && exit 0
           echo "ERROR: You can only merge to master from develop or hotfixes."
           exit 1
+
+  check-allow-merge-component:
+    runs-on: ubuntu-latest
+    needs: open-pr-component
+    if: always()
+    steps:
+      - name: Find PR for branch in Component
+        id: find_pr
+        run: |
+          REQUIRED_BRANCH="${{ env.APP_NAME }}/${{ github.event.pull_request.number }}/${{ github.event.pull_request.head.ref }}"
+          echo "🔍 Looking for open PR in $COMPONENT_REPO from branch '$REQUIRED_BRANCH'..."
+
+          PR_JSON=$(gh pr list \
+            --repo "$COMPONENT_REPO" \
+            --head "$REQUIRED_BRANCH" \
+            --state open \
+            --json number,title \
+            -q '.[0]')
+
+          if [ -z "$PR_JSON" ] || [ "$PR_JSON" = "null" ]; then
+            echo "No open PR found from '$REQUIRED_BRANCH' in $COMPONENT_REPO"
+            echo "found=no" >> "$GITHUB_OUTPUT"
+            exit 1
+          fi
+
+          PR_NUMBER=$(echo "$PR_JSON" | jq -r '.number')
+          echo "✅ Found PR #$PR_NUMBER"
+          echo "found=yes" >> "$GITHUB_OUTPUT"
+          echo "number=$PR_NUMBER" >> "$GITHUB_OUTPUT"
+
+      - name: Fail if no open PR found
+        if: steps.find_pr.outputs.found == 'no'
+        run: |
+          echo "❌ Blocking merge: Required PR in $COMPONENT_REPO from $REQUIRED_BRANCH not found."
+          exit 1
+
+      - name: Check if PR is approved
+        id: check_approval
+        run: |
+          PR_NUMBER=${{ steps.find_pr.outputs.number }}
+          echo "🔍 Checking approvals on PR #$PR_NUMBER..."
+
+          APPROVED=$(gh pr view "$PR_NUMBER" \
+            --repo "$COMPONENT_REPO" \
+            --json reviews \
+            -q '.reviews | map(select(.state == "APPROVED")) | length')
+
+          echo "approved=$APPROVED" >> "$GITHUB_OUTPUT"
+
+      - name: Block merge if not approved
+        if: steps.check_approval.outputs.approved == '0'
+        run: |
+          echo "❌ Blocking merge: PR in $COMPONENT_REPO has not been approved."
+          exit 1
+
+      - name: All checks passed
+        if: steps.check_approval.outputs.approved != '0'
+        run: echo "✅ Dependency PR $COMPONENT_REPO is approved by at least one engineer. Merge allowed."
+
   check-labels:
     # Act doesn't set a pull request number by default, so we skip if it's 0
     if: github.event.pull_request.number != 0
@@ -101,7 +161,7 @@ jobs:
 
   open-pr-component:
     runs-on: ubuntu-latest
-    if: github.event.pull_request.number != 0 && github.event.action == 'opened'
+    if: github.event.pull_request.number != 0
     steps:
       - name: Get current labels
         uses: snnaplab/get-labels-action@v1
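Review bot: In the `Find PR for branch in Component` step, `${{ github.event.pull_request.head.ref }}` is interpolated straight into the `run:` script; the head branch name is chosen by the PR author, so a crafted name can terminate the double-quoted assignment and run as shell on the runner — pass it through step-level `env:` and reference it as a shell variable, and do the same for `${{ steps.find_pr.outputs.number }}` in the approval step. The `Fail if no open PR found` step is unreachable: its `if` contains no status function so `success()` is implied, and the preceding step already runs `exit 1` after writing `found=no`; it also echoes `$REQUIRED_BRANCH`, which was a shell variable local to the previous step and is empty here, so either drop that step or drop the `exit 1` from `find_pr` and let this step fail the job. The approval check counts every review whose `state` is `APPROVED`, so an approval that was later dismissed or followed by `CHANGES_REQUESTED` still passes the gate; `gh pr view --json reviewDecision` returns the effective decision GitHub itself applies, and the 0/non-0 `approved` output can be kept so the two following steps need no change. `APP_NAME` and `COMPONENT_REPO` are not defined in this hunk; the rewrite below assumes they are workflow-level `env` entries and therefore already exported to the shell.

```yaml
      - name: Find PR for branch in Component
        id: find_pr
        env:
          PR_NUMBER: ${{ github.event.pull_request.number }}
          HEAD_REF: ${{ github.event.pull_request.head.ref }}
        run: |
          REQUIRED_BRANCH="${APP_NAME}/${PR_NUMBER}/${HEAD_REF}"
          # … unchanged: gh pr list lookup, not-found handling, outputs …

      # … unchanged: Fail if no open PR found (unreachable as written, see note) …

      - name: Check if PR is approved
        id: check_approval
        env:
          PR_NUMBER: ${{ steps.find_pr.outputs.number }}
        run: |
          echo "🔍 Checking approvals on PR #$PR_NUMBER..."

          DECISION=$(gh pr view "$PR_NUMBER" \
            --repo "$COMPONENT_REPO" \
            --json reviewDecision \
            -q '.reviewDecision')

          # keep the 0/non-0 contract the following two steps test
          if [ "$DECISION" = "APPROVED" ]; then APPROVED=1; else APPROVED=0; fi
          echo "approved=$APPROVED" >> "$GITHUB_OUTPUT"
```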
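Review bot: Dropping `github.event.action == 'opened'` makes `open-pr-component` run on every `pull_request` event (synchronize, reopened, labeled, …), so whatever the job does against the component repository is now repeated on every push to the PR; unless the steps outside this hunk are idempotent (for example, they look for an existing branch or PR before creating one), this can create duplicate branches or PRs. If the intent is to keep the component PR in step with the source PR, consider narrowing the trigger with `if: github.event.pull_request.number != 0 && contains(fromJSON('["opened", "synchronize", "reopened"]'), github.event.action)` or adding an existence check at the top of the job. The job's steps continue outside the hunk, so this is inferred from the name only.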