optiopay / klar

Integration of Clair and Docker Registry
MIT License

Proposal: Get the vulnerabilities of the image according to its non-empty top layer #6

Closed supereagle closed 7 years ago

supereagle commented 7 years ago

Now the vulnerabilities of the image are obtained layer by layer, but there may be two problems:

The Get Layer API of Clair will list the features indexed in this layer and all of its parents. It will merge this layer's and its parents' vulnerabilities, considering the above two problems. So we can get the full vulnerabilities of the image just according to its non-empty top layer rather than layer by layer.
As the empty layers in the image manifest will break the relationship between the parent layers and their children, they should be skipped when posting layers to Clair. At the same time, the full vulnerabilities of the image should be obtained according to its non-empty top layer.

@hashmap Any ideas about this proposal? If you think it is ok, I am glad to contribute this enhancement.
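A sketch of the proposal above, added here as an illustration; it is not code from klar or from anyone in this thread. `ManifestLayer`, `ClairLayer`, `PlanUpload` and `ReportPath` are hypothetical names, the digests are constructed, and how a layer is recognised as empty is left to the caller as an assumption.

```go
package main

import "fmt"

// ManifestLayer is a hypothetical view of one manifest entry, base layer first.
type ManifestLayer struct {
	Digest string
	Empty  bool // assumption: the caller has already decided which layers are empty
}

// ClairLayer carries the Name/ParentName pair sent in a Clair v1 POST /v1/layers body.
type ClairLayer struct {
	Name       string
	ParentName string
}

// PlanUpload skips empty layers and chains every remaining layer to the
// previous non-empty one, so the parent/child relationship is never broken.
// It returns the layers to post, in order, and the non-empty top layer.
func PlanUpload(layers []ManifestLayer) (posts []ClairLayer, top string) {
	for _, l := range layers {
		if l.Empty {
			continue
		}
		posts = append(posts, ClairLayer{Name: l.Digest, ParentName: top})
		top = l.Digest
	}
	return posts, top
}

// ReportPath is the single Clair v1 Get Layer request for the whole image.
// It returns "" when the image has no non-empty layer to query.
func ReportPath(top string) string {
	if top == "" {
		return ""
	}
	return "/v1/layers/" + top + "?features&vulnerabilities"
}

func main() {
	// Constructed sample manifest: two real layers with empty layers in between.
	layers := []ManifestLayer{
		{Digest: "sha256:base", Empty: false},
		{Digest: "sha256:empty", Empty: true},
		{Digest: "sha256:app", Empty: false},
		{Digest: "sha256:empty", Empty: true},
	}
	posts, top := PlanUpload(layers)
	for _, p := range posts {
		fmt.Printf("POST /v1/layers name=%s parent=%q\n", p.Name, p.ParentName)
	}
	fmt.Println("GET", ReportPath(top))
}
```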

hashmap commented 7 years ago

@supereagle sounds reasonable, please go ahead and try this approach.

supereagle commented 7 years ago

OK. I will spend some time on this approach.