diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index deedfec5fd..923cab3e99 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,6 +9,13 @@ updates:
     directory: "/"
     schedule:
       interval: "monthly"
+    groups:
+      workflow-actions:
+        patterns:
+          - "*"
+    allow:
+      - dependency-name: "actions/*"
+      - dependency-name: "redhat-actions/*"
     assignees: [ "marko-bekhta" ]
   - package-ecosystem: "maven"
     directory: "/" # Location of package manifests
diff --git a/.github/hibernate-github-bot.yml b/.github/hibernate-github-bot.yml
index 5b7c84882f..71ad0e6a9a 100644
--- a/.github/hibernate-github-bot.yml
+++ b/.github/hibernate-github-bot.yml
@@ -7,7 +7,7 @@ jira:
       # Examples:
       # Bump some-dep-GAV from some-version to some-version in the build-dependencies group
       # Bump the build-dependencies group with 2 updates
-      titlePattern: "Bump.*the build-dependencies group( across \\d+ director(ies|y))?( with \\d+ updates?)?"
+      titlePattern: "Bump.*the (build-dependencies|workflow-actions) group.*+"
   ignoreFiles:
     # Git
     - ".git*"
@@ -47,3 +47,9 @@ develocity:
         replacement: "$1"
       - pattern: "org.hibernate.validator|Hibernate Validator|main|HEAD|\\d+.\\d+|PR-\\d+"
         replacement: "" # Just remove these tags
+licenseAgreement:
+  enabled: true
+  ignore:
+    # We ignore all dependabot PRs for a license check:
+    - user: dependabot[bot]
+      titlePattern: "Bump.*"