Blocking updates on security warnings doesn't make sense; if an updated
gem has dependencies with security warnings, then it's likely for the
un-updated gem to have even more of them.
The script assumes that nix(1) can be used without any flags which
is no longer the case. We can easily use Nix 2.3 as a workaround
until someone else musters the willpower to adjust this script for
Nix 2.11.
