diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
index 077b254df4c..80ba858549c 100644
--- a/.github/workflows/audit.yaml
+++ b/.github/workflows/audit.yaml
@@ -52,7 +52,7 @@ jobs:
             cargo generate-lockfile --verbose
           fi
 
-      - uses: EmbarkStudios/cargo-deny-action@3f4a782664881cf5725d0ffd23969fcce89fd868 # v1.6.3
+      - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 # v2.0.1
         with:
           arguments: --locked --all-features
           command: check ${{ matrix.checks }}
diff --git a/.github/workflows/block-merge.yaml b/.github/workflows/block-merge.yaml
index 16b671cffc2..8de0bf037d3 100644
--- a/.github/workflows/block-merge.yaml
+++ b/.github/workflows/block-merge.yaml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: mheap/github-action-required-labels@5847eef68201219cf0a4643ea7be61e77837bbce # v5.4.1
+      - uses: mheap/github-action-required-labels@d25134c992b943fb6ad00c25ea00eb5988c0a9dd # v5.4.2
         with:
           mode: exactly
           count: 0
diff --git a/deny.toml b/deny.toml
index 9c37afdb1be..9f7dde7edcf 100644
--- a/deny.toml
+++ b/deny.toml
@@ -1,19 +1,10 @@
 [advisories]
-vulnerability = "deny"
-unmaintained = "deny"
-notice = "warn"
 ignore = []
 
 [licenses]
-unlicensed = "deny"
 allow = [
   "MIT",
 ]
-deny = []
-copyleft = "deny"
-allow-osi-fsf-free = "neither"
-default = "deny"
-confidence-threshold = 0.8
 
 [bans]
 multiple-versions = "deny"
@@ -26,7 +17,4 @@ skip-tree = []
 [sources]
 unknown-registry = "deny"
 unknown-git = "deny"
-allow-registry = [
-  "https://github.com/rust-lang/crates.io-index",
-]
 allow-git = []