I was getting security warnings from my github pages commits from the dependabot about a kramdown dependency.
I thought it would be easy to fix, but nah, it was easier to just reinstall everything.

I don’t have time to learn the ins-and-outs of Ruby and Jekyll, so here is my dirty (but long winded) fix…


Setup a Jekyll Sandbox

I do this in a sandbox on Windows 10 because I dont really want Ruby on my day-to-day pc when I only use it every 18 months or so…
I am absolutely sure that this could be done in a Github-Codespace-container-thing and I’m really looking forward to updating this someday.

  1. Make sure you have Win10 and Sandboxes enabled.
  2. Make a file called SandBox.wsb with this content:

Setup GIT with Chocolatey

In the sandbox, run this in the Powershell ISE as steps

Set-ExecutionPolicy Unrestricted
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

Then install Git

choco install notepadplusplus -y
choco install git -y
choco install tortoisegit -y

Install Ruby Dev tools and Jekyll

  1. Install Ruby from the installer - I used rubyinstaller-devkit-3.0.1-1-x64.exe
  2. Run ridk install to setup MSYS2 and dev toolchain
    • This is option 3 on the cmd window installer
  3. Install Jekyll with gem install jekyll bundler in a new cmd window
    • Check with jekyll -v

Clone and backup your website

  1. Clone to sandbox
    • I use TortoiseGit
  2. Delete everything except:
    • .git folder!!
    • _posts folder
    • CNAME file
    • _config.yml
    • FinnAngelo.github.io.code-workspace file
    • about.markdown and index.markdown if you have changed them
  3. Move everything except the .git folder out

Make a new jekyll website


  1. Navigate the cmd window to the website folder
  2. Make a new jekyll website with jekyll new .
  3. Replace the gem "jekyll"with gem "github-pages" in the gemfile as per instructions on link
    • Dont forget the version bit
  4. Run bundle update

Restore your blogs and stuff

  1. Put everything back except the _config.yml
  2. Put all the missing bits back into the _config.yml from the backup
  3. Commit
    • Check renames
  4. Push


If you find this useful, go be nice to someone. Pay it forward.