fix: use mirror more aggressively in times when it's useful

[terriko]

In #3903 I discussed some ideas about improving how we use our NVD mirrors and making sure users understand when the mirrors are available, and I'm separating those out into more doable issues now.

Tweaking our defaults so we use the nvd mirrors more aggressively for "big" updates

• This will take some thinking and documentation to make the whole process more transparent to users.
• Some potential ideas: force usage of mirror for initial data update during -u now calls or updates longer than X days, then call nvd after that for fine-tuning of data?
• We will need to figure out an appropriate combo of options to allow users to skip this behaviour and rely entirely on nvd if they want that. Might need to rethink how we select sources or have nvd-hybrid (use mirror for big downloads but get updates from nvd, possibly the default?), nvd-mirror (use mirror only), nvd-only (use nvd only) options.

[joydeep049]

Can I work on this? Sounds fun

[terriko]

Have fun! I recommend starting by writing a draft of the user docs because I think "something we can explain" is very important here for user trust and expectations -- potentially more important to get right than the implementation.

[terriko]

Moving this to 'future' -- I still think this is a good idea but it's not going to make this release.