Is it possible to tell Dependabot to not connect to Maven Central at all?


In an enterprise environment, the connection to Maven Central could be blocked. In this case, either i) don't connect to Maven Central at all, or ii) if the connection to Maven Central is not successful, don't raise an exception, just move on to the other repositories.

Currently I see the exception below:

/vendor/ruby/2.6.0/gems/excon-0.76.0/lib/excon/socket.rb:285:in `select_with_timeout': connect_write timeout reached (Excon::Error::Timeout)

So I am wondering if there is any way to tell Dependabot to not try connecting to Maven Central at all.

FYI, I am running https://github.com/dependabot/dependabot-script

1

There is 1 answer

2
P.Sanjay

Generally, an enterprise environment has a local repository such as Nexus within the network. You mirror your local Nexus repo in settings.xml. You can mirror any number of repos in your settings.xml. Maven first tries to find the dependencies in all your local repos, and only if it does not find them there does it go to the Maven Central repo. If Maven Central is not blocked, the library is first downloaded to your local Nexus repo and then downloaded locally. So the next time you try to download this library, it will be available in your local enterprise Nexus repo. You can block the Maven Central repo; refer to https://stackoverflow.com/questions/4997219/disable-maven-central-repository#:~:text=In%20maven's%20home%2C%20in%20the,or%20just%20override%20it's%20definition. But as per your question, if the dependency library is not found in any repo, there will always be an exception in the Maven build.
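To check what the answer describes, namely that a mirror in settings.xml really covers the repository id `central` so Maven resolves through the internal Nexus instead of Maven Central, a small audit like the following can be run. It is an added example, not part of the original answer and not Dependabot code; the settings.xml content, the mirror id and the Nexus URL are constructed placeholders, and the matching is a simplified version of Maven's `mirrorOf` rules (`*`, `external:*`, exact ids and `!id` exclusions).

```python
import xml.etree.ElementTree as ET

# Constructed sample settings.xml; mirror id and Nexus host are placeholders.
SETTINGS_XML = """<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
  <mirrors>
    <mirror>
      <id>internal-nexus</id>
      <mirrorOf>*,!snapshots</mirrorOf>
      <url>https://nexus.example.internal/repository/maven-public/</url>
    </mirror>
  </mirrors>
</settings>"""


def pattern_matches(mirror_of, repo_id):
    """Simplified mirrorOf matching for a remote (non-file, non-localhost) repo."""
    matched = False
    for token in (t.strip() for t in mirror_of.split(",")):
        if token == "!" + repo_id:
            return False              # explicit exclusion
        if token == repo_id:
            return True               # exact repository id
        if token in ("*", "external:*"):
            matched = True            # wildcard, unless excluded later in the list
    return matched


def mirror_for(settings_xml, repo_id="central"):
    """Return (mirror id, url) of the mirror that covers repo_id, or None."""
    root = ET.fromstring(settings_xml)
    for el in root.iter():
        el.tag = el.tag.split("}")[-1]    # drop the XML namespace prefix
    mirrors = [
        (m.findtext("id", "").strip(),
         m.findtext("mirrorOf", "").strip(),
         m.findtext("url", "").strip())
        for m in root.findall("./mirrors/mirror")
    ]
    # An exact mirrorOf entry is preferred over a wildcard pattern.
    for mid, mirror_of, url in mirrors:
        if mirror_of == repo_id:
            return (mid, url)
    for mid, mirror_of, url in mirrors:
        if pattern_matches(mirror_of, repo_id):
            return (mid, url)
    return None                            # repo_id would be contacted directly


if __name__ == "__main__":
    print("central ->", mirror_for(SETTINGS_XML))
```

A result of `None` for `central` means the build would still try to reach Maven Central directly. The check covers Maven's own resolution only; whether dependabot-script honours settings.xml is not stated on this page.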