TL;DR

An annoying (but useful) message from Dependabot required me to do some updating of the GitHub Pages machinery, which in turn triggered an update on dokyll.sh. Oh my!

The solution to my problem was to run a bundle update --all, which in turn updates the Gemfile.lock that is analyzed by the Dependabot. All of this thanks to this answer in Stack Overflow.

Of course the problem is not the alert from Dependabot, but you get the idea.

The bottom line is that now dokyll.sh has a new sub-command build-update:

# ...
case "$1" in

   (bundle-update)
      DOKYLL_PRE='' dokyll bundle update --all
      exit $?
      ;;

    ...

This does the update and - hopefully - solve the issue raised by Dependabot. Hopefully!