> The only thing that you will need to do is "bundle install" once your Ruby version is updated, which can be prevented by not updating Ruby. I just locked the Ruby version in my package manager as I only use Ruby for Jekyll.

I'm not sure that's a good idea. While you might avoid unexpected updates to Ruby, you'll also avoid security patches for CVEs.