Is your feature request related to a problem? Please describe.

The electron meta-package depends on electronXX, where XX is the current version. The old package however doesn't get removed as electron updates, and old versions of electron eventually get removed from the repos. This allows someone to make an AUR package with the old name, which yay then picks up on and downloads.
This seems a bit hazardous, and yay should probably not allow a package to switch from the repos to the AUR without asking the user first.
I'm not sure if this is what caused electron25 to be installed for me, but I don't strictly remember downloading it myself...

Describe the solution you'd like

Add a prompt to ask the user if this is indeed what they wanted to happen.

Describe alternatives you've considered

Completely blocking the download of "relocated" packages.

Additional context

I first recognized this when yay started downloading chromium sources during a system update and I was wondering why, then a couple
lines above it said Cloning into .cache/yay/electron25/chromium-mirror
This might also be my fault for not looking through the updatable AUR packages more carefully.