The updates in Iodé’s F-Droid repo are signed with Iodé’s keys. When I make an unofficial build, the prebuilt apks get signed either with my keys or, if I don’t supply any keys, with test keys. So any updates from the F-Droid repo cannot be installed because the signatures differ.
I discovered this when F-droid tried to install updates for microG Services Core and FakeStore, and the u=installations failed
The only way they I can see to get round this, is for all the prebuilt apks in the vendor/extra repo to be presigned with Iodé’s keys (some already are according to their Android.mk file). But I know that presigned apps in Android 13 can cause problems, because the signatures can get stripped during the deodexing stage of the build, causing the apps not to run - or even be visible - on the device.
Or Iodé could let me use their keys for signing my builds, but I can see why they might not want to do that 
Any suggestions for how to proceed would be very welcome. I now have a 'daily driver` device that is only going to get updates for Iodé apps when I make a new build 
PS. I did try uninstalling the apps, rebooting, then marking them for re-installation, but it seems the re-installation takes the apps from the ROM, not from the F-Droid repo, so the problem persists.
Later:
The apps that get signed during the build are FakeStore GeometricWeather GmsCore GsfProxy Iode IodeBrowser News OpenCamera PdfViewerPlus
I was able to update F-Droid, which is specified as PRESIGNED
So I will try changing the line
LOCAL_CERTIFICATE := $(PREBUILT_CERTIFICATE)
to
LOCAL_CERTIFICATE := PRESIGNED
in the Android.mk for the affected apps, and see if that makes difference