Empirical analysis of manual rework in dependency management with Dependabot

Lourenço Ferreira Monteiro Dias Montenegro

Modern software systems rely heavily on third-party libraries, making automated dependency management tools increasingly important. Dependabot is widely adopted to create pull requests (PRs) that update vulnerable or outdated dependencies; however, many of these PRs are closed without merge, and it is unclear to what extent their changes are later reproduced manually by developers. This paper reports an empirical study on manual rework following rejected Dependabot updates. We mined Java repositories hosted on GitHub, selected by activity and maturity thresholds, and collected Dependabot pull requests closed without merge. For each pull request, we extracted the type of update (major, minor, or patch) and the number of dependencies updated, and used PyDriller to analyze commits to the main branch within time windows of 30, 60, and 90 days after PR closure. A commit that updates the same dependency is classified as manual rework. Our results show that 10.05% of closed Dependabot PRs are followed by manual rework on the same dependencies, with an average delay of about 15 days. Patch updates exhibit a higher rework rate than minor or major updates, and PRs touching more dependencies tend to suffer more rework. In contrast, repository size and age show no clear correlation with manual rework, while repositories with 4 to 10 contributors present a low rework rate. These findings provide evidence on when automated dependency updates are effectively leveraged, when they are overridden by developers, and which project profiles are more prone to manual rework.
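The rework classification described in the abstract, as an added Python example that is not the study's own tooling: a closed Dependabot PR counts as reworked when a later main-branch commit, inside the chosen window, updates the same dependency. The record shapes, the dependency naming and the sample PRs and commits are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class ClosedPR:
    """A Dependabot PR closed without merge (assumed record shape)."""
    repo: str
    dependency: str   # e.g. Maven groupId:artifactId
    update_type: str  # "major", "minor" or "patch"
    closed_on: date

@dataclass(frozen=True)
class Commit:
    """A main-branch commit and the dependencies whose version it changes."""
    repo: str
    committed_on: date
    dependencies: frozenset

def find_rework(pr, commits, window_days):
    """Earliest commit after closure, within the window, that updates the same
    dependency as the rejected PR; None if there is no manual rework."""
    hits = [c for c in commits
            if c.repo == pr.repo and pr.dependency in c.dependencies
            and 0 <= (c.committed_on - pr.closed_on).days <= window_days]
    return min(hits, key=lambda c: c.committed_on) if hits else None

def rework_stats(prs, commits, window_days=90):
    """Overall rework rate, mean delay in days, and rework rate per update type."""
    matches = [(pr, find_rework(pr, commits, window_days)) for pr in prs]
    delays = [(c.committed_on - pr.closed_on).days for pr, c in matches if c]
    rate = len(delays) / len(prs) if prs else 0.0
    mean_delay = sum(delays) / len(delays) if delays else 0.0
    counts = {}  # update_type -> [total PRs, reworked PRs]
    for pr, c in matches:
        total_hit = counts.setdefault(pr.update_type, [0, 0])
        total_hit[0] += 1
        total_hit[1] += c is not None
    return rate, mean_delay, {t: h / n for t, (n, h) in counts.items()}

# Constructed sample data, not taken from the study's dataset.
SAMPLE_PRS = [
    ClosedPR("org/app", "com.fasterxml.jackson.core:jackson-databind", "patch", date(2024, 1, 10)),
    ClosedPR("org/app", "org.apache.commons:commons-lang3", "minor", date(2024, 1, 10)),
    ClosedPR("org/lib", "junit:junit", "major", date(2024, 2, 1)),
]
SAMPLE_COMMITS = [
    Commit("org/app", date(2024, 1, 25), frozenset({"com.fasterxml.jackson.core:jackson-databind"})),
    Commit("org/app", date(2024, 3, 20), frozenset({"org.apache.commons:commons-lang3"})),
    Commit("org/lib", date(2024, 1, 20), frozenset({"junit:junit"})),  # before closure: not rework
]
```

Running `rework_stats` with 30, 60 and 90 days on the same data shows how the window choice moves the measured rate: the 70-day commons-lang3 commit counts only in the 90-day window.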


2025/2 - POC2

Advisor: André Cavalcante Hora

Keywords: dependencies, dependabot, manual rework, pull request

PDF available