diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml
index a3254389..c6bbe39b 100644
--- a/.github/workflows/changelog.yml
+++ b/.github/workflows/changelog.yml
@@ -14,6 +14,6 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Enforce changelog entry
-        uses: dangoslen/changelog-enforcer@v2
+        uses: dangoslen/changelog-enforcer@v3
         with:
           skipLabels: 'skip-changelog'
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml
index af48dc56..106d3699 100644
--- a/.github/workflows/dependabot-auto-merge.yml
+++ b/.github/workflows/dependabot-auto-merge.yml
@@ -1,9 +1,9 @@
 name: Dependabot auto-merge
 
 on:  # yamllint disable-line rule:truthy
-  pull_request_target:
-    types:
-      - opened
+  pull_request:
+    branches:
+      - master
 
 permissions:
   contents: write
@@ -14,14 +14,11 @@ jobs:
     runs-on: ubuntu-latest
     if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Enable auto-merge for Dependabot PRs
+      - name: Enable auto-merge
         run: gh pr merge --auto --squash "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
 
-  auto-approve:
-    runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
-    steps:
-      - uses: hmarr/auto-approve-action@v4
+      - name: Auto-approve
+        uses: hmarr/auto-approve-action@v4