diff --git a/.github/dependency-scan-config.yaml b/.github/dependency-scan-config.yaml
index de1711a..5ba5759 100644
--- a/.github/dependency-scan-config.yaml
+++ b/.github/dependency-scan-config.yaml
@@ -3,6 +3,13 @@ show-openssf-scorecard: true
 license-check: true
 vulnerability-check: true
 comment-summary-in-pr: always
+fail-on-scopes: runtime
+
+# Add packages here if they fail the check and are ONLY used in development or in CI etc.
+# DO NOT ADD PACKAGES THAT ARE PACKAGED WITH THE BUILD
+allow-dependencies-licenses:
+  # Only used in CI
+  - pkg:githubactions/trufflesecurity/trufflehog
 
 # List of explicitly allowed licenses for EUPL 1.2 Inbound Compatibility
 # (Allows importing these libraries into a EUPL 1.2 project)
diff --git a/.github/workflows/shared-dependency-scan.yml b/.github/workflows/shared-dependency-scan.yml
index 2dc62ba..eb05fc2 100644
--- a/.github/workflows/shared-dependency-scan.yml
+++ b/.github/workflows/shared-dependency-scan.yml
@@ -17,4 +17,4 @@ jobs:
       - name: Dependency Review
         uses: actions/dependency-review-action@v4
         with:
-          config-file: HSLdevcom/jore4-tools/.github/dependency-scan-config.yaml@shared-dependency-licenses-v1
+          config-file: HSLdevcom/jore4-tools/.github/dependency-scan-config.yaml@main
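Review bot: The new `fail-on-scopes: runtime` is written as a bare scalar, while the action documents this option as a list of scopes (`runtime`, `development`, `unknown`); writing it as `fail-on-scopes:` followed by `  - runtime` removes any doubt about whether the config-file parser accepts a scalar here. `runtime` is also the action's documented default, so the line states existing policy explicitly rather than changing it, and it reads oddly next to the CI-only license exemption added below it: a reader would expect a runtime-only scope filter to already exclude a CI action. If the exemption is needed because GitHub Actions dependencies are not filtered out by scope, record that above the list, e.g. `# GitHub Actions dependencies are reported regardless of fail-on-scopes, so CI-only actions still need an explicit entry` — confirm against the action's behavior before committing to that wording. The purl entry carries no version, which is reasonable for a license exemption, but as the key name indicates it only relaxes the license check; the vulnerability check presumably still applies to that action.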
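Review bot: `config-file` now tracks `@main` in `HSLdevcom/jore4-tools`, a moving branch, so any push to that branch immediately changes the license and vulnerability policy enforced for every workflow that calls this reusable job, with no version gate or review step on the consuming side. Prefer an immutable reference — a release tag or, better, a full commit SHA — e.g. `config-file: HSLdevcom/jore4-tools/.github/dependency-scan-config.yaml@<release-tag-or-sha>`, and bump it deliberately when the policy is meant to change. If `shared-dependency-licenses-v1` was a feature branch that has since been merged, moving off it is expected, but the replacement should still be pinned rather than floating. The `jobs:` block this step belongs to starts outside the hunk.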