ci: update dependency-review-config

- add `CC0-1.0` as valid licenses
- excludes `thingies@1.21.0` which is `MIT and Unlicense`

Author: alan-agius4

.github/dependency-review-config.yml

@@ -1,12 +1,19 @@
 vulnerability_check: false
 allow_licenses:
-  - '0BSD'
+  # Regular valid open source licenses supported by Google.
   - 'Apache-2.0'
   - 'BlueOak-1.0.0'
   - 'BSD-2-Clause'
   - 'BSD-3-Clause'
-  - 'CC-BY-4.0'
   - 'ISC'
   - 'MIT'
   - 'Python-2.0'
+  # Have a full copyright grant. Validated by opensource team.
   - 'Unlicense'
+  - 'CC0-1.0'
+  - '0BSD'
+  # All CC-BY licenses have a full copyright grant and attribution section.
+  - 'CC-BY-3.0'
+  - 'CC-BY-4.0'
+allow-dependencies-licenses:
+  - 'pkg:npm/thingies@1.21.0' #  MIT and Unlicense