Package security blocking should not affect locked packages in partial updates #12620
Description
Per #12607 (comment)
If we do a partial update, a locked package with vulnerabilities should not be forced to update, it should just remain pinned.
{{ message }}