We should tag files that are "whited-outs" as "white-out" in container scans so that we can possibly treat as less risky packages that are "whited-outs" as less likely to be used at run time.