ci: relax external dependency policy checks

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Moritz Johner 2 months ago
parent
commit
3464cf2def
2 changed files with 5 additions and 0 deletions
  1. 3 0
      .github/workflows/dependency-review.yml
  2. 2 0
      .github/workflows/dlc.yml

+ 3 - 0
.github/workflows/dependency-review.yml

@@ -27,3 +27,6 @@ jobs:
           persist-credentials: false
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4
+        with:
+          fail-on-severity: high
+          show-openssf-scorecard: false
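
Review bot: The new `with:` block has no comment explaining why the threshold is `fail-on-severity: high`, and the commit message only says "relax". With this setting a pull request that introduces a dependency with a moderate or low severity advisory passes the check, and `show-openssf-scorecard: false` drops the scorecard information for new dependencies from the review output at the same time. Please add a short inline comment giving the reason (for example, which findings were blocking merges) and whether this is meant to be temporary, so the relaxed gate is not mistaken for the intended long-term policy.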

+ 2 - 0
.github/workflows/dlc.yml

@@ -29,6 +29,7 @@ jobs:
       - name: "Run FOSSA Scan"
         uses: fossas/fossa-action@ff70fe9fe17cbd2040648f1c45e8ec4e4884dcf3 # main
         if: ${{ env.HAS_FOSSA_KEY == 'true' }}
+        continue-on-error: true
         env:
           FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
         with:
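
Review bot: `continue-on-error: true` on "Run FOSSA Scan" hides every failure of the step, not only policy findings: an invalid `FOSSA_API_KEY`, a network error or a failed upload will also leave the job green. If the goal is only to stop the scan from blocking merges, consider giving the step an `id` and adding a follow-up step that emits a visible warning when its outcome is a failure, and note the reason in a comment next to the new line.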
@@ -37,6 +38,7 @@ jobs:
       - name: "Run FOSSA Test"
         uses: fossas/fossa-action@ff70fe9fe17cbd2040648f1c45e8ec4e4884dcf3 # main
         if: ${{ env.HAS_FOSSA_KEY == 'true' }}
+        continue-on-error: true
         env:
           FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
         with:
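
Review bot: With `continue-on-error: true` on "Run FOSSA Test" the workflow can no longer fail on this step's result, so it is advisory rather than a gate, and nothing in the diff records that this is intentional. Please state in a comment or in the commit message whether the check is expected to become blocking again and under what condition. Since the same line is added to both FOSSA steps, a failure in either one is now only visible by opening the step logs.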