Ubuntu – How to configure Dependabot on Azure DevOps to create only one PR for minor/patch updates

We use dependabot-azure-devops by tinglesoftare to track updates of our dependencies and create pull requests automatically.

The azure devops pipeline is rather straigh forward:

trigger:
- master
    
pool:
  vmImage: ubuntu-latest
 
steps:
- task: dependabot@1
      displayName: 'Dependabot with default parameters'

And we have this dependabot.yml stored in .azuredevopsdependabot.yml

# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

version: 2
registries:
  {feedname}:
    type: nuget-feed
    url: https://pkgs.dev.azure.com/{confidential}/_packaging/{feedname}/nuget/v3/index.json
    token: PAT:${{ PatInternalFeed }}

updates:
  - package-ecosystem: "nuget"
    directories:
    - "/" # Location of package manifests
    registries:
    - {feedname}
    schedule:
      interval: "weekly"
      time: "02:00"
    open-pull-requests-limit: 10
    commit-message:
      prefix: "dependabot"
      prefix-development: "dependabot"
      include: "scope-and-version"
      separator: "-"
    groups:
      shared:
        patterns:
          - "*"

My understanding of the dependabot-groups documentation is that currently all updates should be grouped together, regardless of the semantic version. Unfortunately, this configuration leads to multiple pull requests for each patch-version dependency. Am I missing something, which needs to configured differently for dependabot on azure devops? Also the commit-message part of the configuration does not seem to have any effect on the created PRs.