apk update repo URLs are printed raw and those might contain authentication passwords for repositories. Using URL_PRINTF would censor that out (like in the fetch lines above).
apk update
URL_PRINTF