adding -g to them crashes otherwise

Sometimes the checksum format is "<checksum><two spaces><filename>", and
sometimes it's "<checksum><one space><filename>", so use the maxsplit
kwarg of str.split to ensure that we're always getting at most 2
elements from the split.

Sometimes all you do to an APKBUILD is add a comment or meddle with the
whitespace - but you don't want that to cause an unnecessary rebuild,
especially if it's a large package! So let's embed a checksum of the
APKBUILD (less comments, leading / trailing whitespace, and blanks) in
the created APKs. Then, when up2date is run, if APKBUILD checksums are
present in the APKs, and those checksums don't match, we can say we're
**not** up2date.

If the checksum is missing from any of the APKs, we'll fall back to
just comparing the mtime of the APKBUILD with the main APK, along with
the other mtime checks that are performed regardless.

While we're at it, we can add some debugging prints so that the exact
cause of failed up2dates is more clear.

Eventually it'd be nice to use "_" as a gettext function so we can do
i18n :)

I really need to rewrite that run_child stuff

They're usually harmless enough...

Using shell to build the package origin database makes it so fast that
it doesn't even need to be cached in a file anymore (~0.4 seconds versus
~3.4 seconds for Adélie packages.git). Works great with Alpine too. And
it's a simple enough task that the shell script isn't too cringey.

This is in preparation of near future commits that will further
complicate things by categorizing existing -R behavior as one dependency
resolution engine, and then adding a second one that more closely models
abuild's behavior.

As it stands, the current behavior is to:

1. Trace makedepends + depends (and maybe checkdepends)
   * If one of the "--dag", "--dag-only", or "--dag-only-dot" options
     were given, the tracing is recursive and done ahead of time.
   * Otherwise, only the first level dependencies are collected.
   * Only add the dependency to the build list if not up2date.
   * If the dependency belongs to a different repository, add it to an
     install list.
2. Build the packages in the build list
   * If the DAG was built, then use the topological sorted order.
   * Otherwise, the order is probably not deterministic (because sets
     are used) or efficient.

As far as I can tell, abuild does something more like this:

1. Collect the first level dependencies (makedepends, depends, and maybe
   checkdepends) into a list
2. Check if each dependency is currently installed on the system.
   * If not, add it to a build list.
3. Check if each dependency (again, from the original list) exists in
   the union of the system's default repositories
   (/etc/apk/repositories) and REPODEST/repo.
   * If not, add those to the build list as well.
4. Collect the dependencies (makedepends, depends, and maybe
   checkdepends) of all packages in APORTSDIR, then recursively trace the
   dependencies of the packages from the build list
5. Remove any packages from other repositories from this new list
6. Check if each of the packages in the new list are up2date
   * If not, around we go again checking dependencies until something
     gets built.