diff --git a/.github/workflows/dependabot-pr-trimmer.yaml b/.github/workflows/dependabot-pr-cleaner.yaml
similarity index 51%
rename from .github/workflows/dependabot-pr-trimmer.yaml
rename to .github/workflows/dependabot-pr-cleaner.yaml
index 83184ad1..3a36d857 100644
--- a/.github/workflows/dependabot-pr-trimmer.yaml
+++ b/.github/workflows/dependabot-pr-cleaner.yaml
@@ -13,14 +13,16 @@
 # limitations under the License.
 
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-# Trim parts of the Dependabot PR text that are unnecessary in the git history.
+# Clean up Dependabot PR text so that the git merge commits are more readable.
 #
-# The trimming needs to be performed before the PR is merged so that the commit
-# message is based on the trimmed version. This prevents us from using events
-# such as the PR getting closed or merged. Triggering on merge queue events is
-# also problematic, because a merge_queue event doesn't have the equivalent of
-# "pull_request.user" and we need that to test if the PR came from Dependabot.
-# So instead, this workflow triggers when auto-merge is enabled for the PR.
+# This removes HTML markup and some content that Dependabot always includes in
+# PR message bodies. The editing doesn't need to be done unless the PR will be
+# merged, but it does need to be done *before* the merge so the final commit
+# message is based on the edited version. We can't use the GitHub events for PRs
+# getting merged or closed (because that's too late). Triggering on merge queue
+# events is also problematic because those events don't have the equivalent of
+# "pull_request.user", which we need for testing if the PR came from Dependabot.
+# So instead, this workflow triggers when auto-merge is enabled for a PR.
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 name: Dependabot PR trimmer
@@ -44,7 +46,8 @@ permissions: read-all
 jobs:
   filter-message:
     name: Filter PR message body
-    runs-on: ubuntu-24.04
+    # Use a macos runner because it has textutil.
+    runs-on: macos-14
     timeout-minutes: 5
     permissions:
       contents: read
@@ -56,8 +59,15 @@ jobs:
           github.event_name == 'workflow_dispatch'
         env:
           GH_TOKEN: ${{github.token}}
-          pr-number: ${{inputs.pr-number || github.event.pull_request.number}}
+          pr: ${{inputs.pr-number || github.event.pull_request.number}}
         run: |
-          gh pr view ${{env.pr-number}} -R ${{github.repository}} --json body -q .body |\
-            sed '/(dependabot-automerge-end)/,/<\/details>/d' |\
-            gh pr edit ${{env.pr-number}} -R ${{github.repository}} --body-file -
+          # "gh pr view" returns GFM Markdown containing inline HTML. The first
+          # two sed commands remove some needless content added by Dependabot
+          # before we pass it to textutil to convert the HTML; the final sed
+          # command converts textutil's bullet lists to Markdown syntax.
+          gh pr view ${{env.pr}} -R ${{github.repository}} --json body -q .body |\
+            sed -e '/\[\!\[Dependabot compatibility$/,/^Signed-off-by:/ { /^Signed-off-by:/!d; }' \
+                -e 's/<details>/<br><br><details>/g' |\
+            textutil -stdin -format html -convert txt -stdout |\
+            sed $'s/\t•\t/* /g' |\
+            gh pr edit ${{env.pr}} -R ${{github.repository}} --body-file -