* changed version hunting to be on a a new version disclosure vulnerability
* fixed version publish
* added logging and fixed typo
* changed whole way of comparing versions in cve hunter
* changed K8sVersionDisclosure vulnerability to one core vulnerability, that takes an endpoint. changed all usage
* added tests
* merged kubectl cve hunting with apiserver hunting. and simplified the code of apiserver cve hunting
* fixed tests to new names
* changed name of module to cves.py
* drastically improved the cve vulnerble detection utility function. now works with all types of versioning methods
* added packaging in requirementes.txt
* added another test, and improved logic on cve comparison for more complicated versions
* changed CveHunter to subscribe_once, to prevent duplicates duplicates
* fixed tests for new improvements
* removed unnecessary ternary on doc
* removed unnecessary join split
* improved compare function, made it util
* improved cve checking to use mapping
* moved report output into dispatchers, stdout by default with config option of http(s)
* notes in arg config on how to configure http dispatcher
* removed some debug log visibility indicators
* missing import
* env vars more descriptive: KUBEHUNTER_HTTP_DISPATCH_METHOD and KUBEHUNTER_HTTP_DISPATCH_URL
* optimisation: delayed instantiation of the dispatcher until after selection to avoid instantiating unnecessarily
* refactor: config selection as per reporter selection
* bugfix: fall-back to default required if unknown reporter or dispatcher specified
* swapping urllib3 for requests
* corrected visibility levels for logging
* moving dispatchers into a file in reporters rather than it's own place to fit with theme and support dynamic module loading
* added event filtering mechanism, as well as a detailed explanation in src/README
* changed filter search to run only once for each event, also now returning None to indicate keeping of event
* expanded explanation of filtering in readme
* Tiny typo
* made changes for better readability, also filter should now return None to indicate throwing of event
* changed apply filters loop to be simple and running on each publish.
* changed README
* added reassuring of parent event after filters
* moved event filtering to another function, now supporting trhoeing of event mid loop
* added note in README about event.previous
* Tiny text corrections
* More accurate comment
"Throwing an event" can actually mean triggering it (which is different from "throwing it _away_"). But I went for "discarded" here to be completely clear
* Remove superflous space that had crept in
* added a new hunter for CVE-2019-11246
* added KubectlClient component
* overriden location function on event to display a 'local machine' location
* added clarification about kubectl version --client operation
* Fix tiny typo
It reads better without the comma
* removed unnecessary debug message
* added CVE hunter for kubectl to allow more CVE checking.
Event can now implement 'location()' method that return string representing events logical location.
In events chain, the 'newest' event available location method will be used. This is because we compose (chain) events.
Core changed to support it.
Added 'location()' method to relevant event classes.
Reports are now using vulnerability.location() to retrieve location.
2. started to add the --token option to send the finished report.
3. changed a bit of kubelet vulnerability output architecture to match out conventions.
4. added healthz check on kubelets
