License compliance bug: Merge request shows "denied licenses must be removed" when no license compliance policies enabled

In gitlab-runner!4430 (merged) we noticed the merge request was blocked due to denied licenses must be removed:

This appears to happen because MergeRequest#has_denied_policies? incorrectly attempts to do a license comparison even if no policies are defined: https://gitlab.com/gitlab-org/gitlab/-/blob/671a93516a349688fa73e8213a8688f197310427/ee/app/models/ee/merge_request.rb#L530-533

has_denied_policies? should return false if no policies are set. Something like:

diff --git a/ee/app/models/ee/merge_request.rb b/ee/app/models/ee/merge_request.rb
index 57c91f58a530..90542bd77c83 100644
--- a/ee/app/models/ee/merge_request.rb
+++ b/ee/app/models/ee/merge_request.rb
@@ -257,6 +257,7 @@ def has_denied_policies?
         .scanner_for_pipeline(project, actual_head_pipeline)
         .results_available?
 
+      return false unless last_license_compliance_rule.present?
       return false if has_approved_license_check?
 
       report_diff = compare_reports(::Ci::CompareLicenseScanningReportsService)
@@ -526,12 +527,16 @@ def on_current_ff_train?
       ::Feature.enabled?(:fast_forward_merge_trains_support, target_project)
     end
 
-    def has_approved_license_check?
-      if rule = approval_rules.license_compliance.last
-        ApprovalWrappedRule.wrap(self, rule).approved?
+    def last_license_compliance_rule
+      strong_memoize(:last_license_compliance_rule) do
+        approval_rules.license_compliance.last
       end
     end
 
+    def has_approved_license_check?
+      ApprovalWrappedRule.wrap(self, last_license_compliance_rule).approved?
+    end
+
     def merge_request_approval_variables
       return unless approval_feature_available?