Dependabot ignore is not working

On one of my company’s repo, we have recently switched over the Github integrated Dependabot, using the config file. Since then, Dependabot stopped working, as every time it checks for updates, it fails on 2 private repo. One is coming from our private GitHub packages, whilst the other is installed directly from a private repo of us.

At first, I tried to add an NPM_TOKEN to the repo’s secrets, hoping to solve the issue with our private GitHub package, but no luck. I then decided to add the ignore clause on the Dependabot YAML file, but that does not seem to work.

This is the Dependabot file

version: 2
  - package-ecosystem: npm
    directory: '/'
      interval: daily
      time: '06:00'
      timezone: Europe/London
      # Ignore updates to datadog-node-utils as it would otherwise need an SSH key to check out the repo
      - dependency-name: 'datadog-node-utils'
      - dependency-name: '@culturetrip*'
    open-pull-requests-limit: 10

This is part of the log

proxy | 2020/07/07 08:38:02 * authenticating git server request (host:
  proxy | 2020/07/07 08:38:02 404
  proxy | 2020/07/07 08:38:02 * auth'd git request returned 404, retrying without auth
  proxy | 2020/07/07 08:38:02 * de-auth'd request returned 401, replacing response
  proxy | 2020/07/07 08:38:02 GET
  proxy | 2020/07/07 08:38:02 401
updater | INFO <job_33658795> Handled error whilst updating @types/node: git_dependencies_not_reachable {:"dependency-urls"=>[""]}

Why is dependabot not ignoring my dependencies? Am I doing something wrong in the setup?

Welcome to the community forum @KrustyC!

The ignore directive just tells Dependabot not to update the dependencies, it will still try to resolve any dependencies in the manifest.
GitHub does not currently support private package managers in Dependabot native. You can use Dependabot Preview which does support private git dependencies: