apk upgrade --available produces incomplete upgrade transactions if a package is replaced with another package
As a result of the linux-grsec to linux-hardened transition, it has been observed that in some cases it is required to run apk upgrade twice to fully make the jump.
I think the problem is that we need to verify the solution again after committing it, this allows splitting complex moves (such as linux-grsec direct package to linux-hardened [linux-grsec provider]) while making sure apk behaves sanely.
We already do similar when we upgrade apk-tools, so it seems like something we could make more genericish.
(from redmine: issue id 7250, created on 2017-04-27, closed on 2019-02-25)