As a software developer, I'd like to be able to get a security notification from Quay on first push, rather than getting it only after a new vulnerability is found.

This is especially important in integrated DevOps environments where a security vulnerability report is often needed immediately after the image is created and scanned for the first time, so corrections can be applied to the image early in the deployment process.