Support for External Patch Catalogs #1314
Description
Copacetic's patching capability is currently limited by the availability of fixes in upstream OS repositories, which creates a delay in remediating known vulnerabilities.
To address this, this proposal suggests adding support for external patch sources, like the rootio-avr/public-patches-catalog, to provide users with access to pre-release and backported patches.
Following copa's extensible design, this might be implemented via a new, optional "Patch Source Adapter". This adapter would query an external catalog for a patch before defaulting to the existing package manager workflow.
This enhancement would allow copa to fix vulnerabilities that are currently reported as "unfixed," significantly reducing remediation times.