I have a GitHub monorepo that contains a NestJS server app and several Angular applications. I use GitHub and Dependabot, but I do not want it alerting me about major package updates to Angular or Nest since those usually require some kind of migration or additional checks that just can't be automated.
Here is my `.github/dependabot.yml` file:

```yaml
version: 2
updates:
  - package-ecosystem: npm
    directories:
      - '/'
      - '/server'
      - '/angular-app-1'
      - '/angular-app-2'
    schedule:
      interval: monthly
      day: sunday
    # Ignore major updates, we should probably do those manually to make sure they are good
    ignore:
      - dependency-name: '@angular/*'
        update-types: ['version-update:semver-major']
      - dependency-name: '@nestjs/*'
        update-types: ['version-update:semver-major']
```
However, Dependabot is still making PRs that include major version updates for `@nestjs/serve-static`, which I would assume it shouldn't based on my above config.
Why is it not ignoring this package/version? The docs for Dependabot's `ignore` section config are here.