[REQ] Add patch summary output showing total/patched/skipped vulnerabilities #1451

@robert-cronin

What kind of request is this?

Improvement of existing experience

What is your request or suggestion?

Summary

Copa currently outputs only the patched image reference after a successful patch:

Patched image (linux/arm64): docker.io/example/image:patched

There is no summary of what was patched, what was skipped, or why. The report parser at pkg/report/trivy.go silently filters out vulnerabilities with no available fix (FixedVersion == ""), giving users no visibility into the patching results.

Proposed Output

After patching, Copa should print a summary like:

Patch Summary:
  Total vulnerabilities in report: 24
  Patched:  6 (5 OS, 1 library)
  Skipped: 18 (no fix available)

Patched image (linux/arm64): docker.io/example/image:patched

Why

Without this, users must re-scan with Trivy to understand what was and wasn't patched, and may misinterpret remaining vulnerabilities as a Copa failure rather than upstream packages with no fix available.

Are you willing to submit PRs to contribute to this feature request?

  • Yes, I am willing to implement it.
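
The counting this request asks for can be done directly on a Trivy JSON report. The following is an added example, not Copa's code and not part of the original issue: it tallies findings by whether `FixedVersion` is set and by the result's `Class`, so it reports what is fixable according to the report, not what a patch run actually changed. `PatchSummary`, `Summarize` and the sample report are hypothetical names and constructed data.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type trivyReport struct { // only the Trivy JSON fields this summary needs
	Results []struct {
		Class           string // "os-pkgs" = OS packages, "lang-pkgs" = libraries
		Vulnerabilities []struct{ FixedVersion string }
	}
}

type PatchSummary struct{ Total, FixableOS, FixableLib, NoFix int } // hypothetical, not part of Copa

// Summarize counts every finding, including the ones that have no fix.
func Summarize(data []byte) (s PatchSummary, err error) {
	var r trivyReport
	if err = json.Unmarshal(data, &r); err != nil {
		return s, fmt.Errorf("parse trivy report: %w", err)
	}
	for _, res := range r.Results {
		for _, v := range res.Vulnerabilities {
			s.Total++
			switch {
			case v.FixedVersion == "": // key absent or empty: no fix published
				s.NoFix++
			case res.Class == "os-pkgs":
				s.FixableOS++
			default: // language/library packages
				s.FixableLib++
			}
		}
	}
	return s, nil
}

// sampleReport is constructed for this example; the IDs are placeholders.
const sampleReport = `{"Results":[{"Class":"os-pkgs","Vulnerabilities":[
 {"VulnerabilityID":"CVE-0000-0001","FixedVersion":"1.2.3-r1"},{"VulnerabilityID":"CVE-0000-0002"}]},
 {"Class":"lang-pkgs","Vulnerabilities":[{"VulnerabilityID":"CVE-0000-0003","FixedVersion":"2.0.1"}]}]}`

func main() {
	s, err := Summarize([]byte(sampleReport))
	if err != nil {
		panic(err)
	}
	fmt.Printf("Total: %d\nFixable: %d (%d OS, %d library)\nNo fix available: %d\n", s.Total, s.FixableOS+s.FixableLib, s.FixableOS, s.FixableLib, s.NoFix)
}
```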
