diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4b20a27..cca5aec 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -36,8 +36,16 @@ jobs:
             target
           key: cargo-cache-${{ runner.os }}-${{ hashFiles('**/Cargo.lock') }}
 
-      - name: Install cargo-deny v0.17.0
-        run: cargo install cargo-deny --version 0.17.0 --locked
+      - name: Install cargo-deny (fast)
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-deny
+
+      - name: Cache cargo-deny DB
+        uses: actions/cache@v4
+        with:
+          path: ~/.cargo/advisory-db
+          key: cargo-deny-advisory-db-${{ hashFiles('**/Cargo.toml') }}
 
       - name: Run CI checks
         run: |
diff --git a/deny.toml b/deny.toml
index d54bf37..80f57c0 100644
--- a/deny.toml
+++ b/deny.toml
@@ -3,17 +3,7 @@
 # We want really high confidence when inferring licenses from text
 confidence-threshold = 0.93
 allow = [
-    "Apache-2.0",
-    "Apache-2.0 WITH LLVM-exception",
-    "MIT",
-    "BSD-3-Clause",
-    "ISC",
-    "Unicode-3.0",
-    "Zlib",
-]
-exceptions = [
-    # Use exceptions for these as they only have a single user
-    { allow = ["CDLA-Permissive-2.0"], crate = "webpki-roots" },
+    "MIT"
 ]
 
 [sources]
@@ -21,6 +11,3 @@ unknown-registry = "deny"
 unknown-git = "deny"
 
 [advisories]
-unmaintained = "workspace"
-ignore = [
-]