This is needed for two purposes:
- sometimes dependencies may differ because of changes in KGP, and it's
better to find it right after version-update commit, not only at remote run
- there is a plan to drop `trusted` section from `verification-metadata.xml`
and always set specific versions of used dependencies even for bootstrap
dependencies, so running it in regular bootstrap update routine won't
allow forgetting about it (see KTI-1374)
Dmitriy Novozhilov
37aad51438