Cfripper

Latest version: v1.16.0


Page 12 of 14

0.15.1

Improvements
- `SecurityGroupOpenToWorldRule` and `SecurityGroupIngressOpenToWorldRule` are now more accurately scoped to block potentially public CIDR ranges. This uses the latest `pycfmodel` release (0.7.0).

0.15.0

Not secure
Improvements
- Generate DEFAULT_RULES and BASE_CLASSES using code instead of hardcoding
Fixed
- Whitelist did not work if it didn't have the `Rule` prefix
Breaking changes
- Suffix `KMSKeyWildcardPrincipal` and `SecurityGroupIngressOpenToWorld` with `Rule`
- Suffix whitelist constants `FullWildcardPrincipal` and `PartialWildcardPrincipal` with `Rule`

0.14.2

Not secure
Improvements
- Update dependencies

0.14.1

Not secure
Improvements
- Rule processor now accepts an extras parameter that will be forwarded to the rules
- Main gets extra information from the event and forwards it to the rule formatter

0.14.0

Not secure
Breaking changes
- Completely changed base `Rule` abstract class signature and adapted rule classes to match it:
  - Init now only takes a `Config`
  - `invoke` method now accepts an optional extra Dict
  - `invoke` method returns a `Result` instead of `None`
  - `add_failure` has been renamed to `add_failure_to_result`. It now takes a result instead of a reason (which is now inferred)
  - `add_warning` has been renamed to `add_warning_to_result`. It now has the same signature as `add_failure_to_result`
Improvements
- Rule Invoke extras parameter has been added to allow changing the rule behaviour depending on state besides the cfmodel itself:
  - Stack naming rules
  - Stack tags
  - User restrictions
  - ...

0.13.0

Not secure
Fixed
- Regular expressions had an unescaped '.' before 'amazonaws.com', so it might match more hosts than expected.
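
The effect of an unescaped `.` in a host pattern, shown as an added example that is not cfripper's code: the two patterns and the sample hosts are constructed for illustration, and `bare_dots` is a hypothetical heuristic for spotting the same mistake in other patterns.

```python
import re

# Constructed patterns for illustration; they are NOT cfripper's own expressions.
LOOSE = r"^[a-z0-9-]+.amazonaws\.com$"    # bare '.' matches any character
STRICT = r"^[a-z0-9-]+\.amazonaws\.com$"  # '\.' matches only a literal dot

# Constructed sample hosts.
HOSTS = [
    "sqs.amazonaws.com",
    "sqsxamazonaws.com",
    "lookalike-amazonaws.com",
    "sqs.amazonaws.com.example.org",
]

QUANTIFIERS = ("*", "+", "?", "{")


def bare_dots(pattern):
    """Offsets of unescaped '.' outside character classes with no quantifier after it.

    Heuristic: '.*' or '.+' is usually an intended wildcard, while a lone '.'
    next to literal text is usually a forgotten escape.
    """
    offsets, i, in_class = [], 0, False
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\":          # skip the escaped character
            i += 2
            continue
        if ch == "[":
            in_class = True
        elif ch == "]":
            in_class = False
        elif ch == "." and not in_class and pattern[i + 1:i + 2] not in QUANTIFIERS:
            offsets.append(i)
        i += 1
    return offsets


def over_matches(loose, strict, hosts):
    """Hosts accepted by the loose pattern but rejected by the strict one."""
    return [h for h in hosts if re.match(loose, h) and not re.match(strict, h)]


if __name__ == "__main__":
    print("bare dots in LOOSE at:", bare_dots(LOOSE))
    print("bare dots in STRICT at:", bare_dots(STRICT))
    print("extra hosts accepted:", over_matches(LOOSE, STRICT, HOSTS))
```
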
Changed
- `CloudFormationAuthenticationRule` now in `MONITOR` mode and new test added
- `IAMRoleWildcardActionOnPolicyRule` combines three previous, unused rules: `IAMManagedPolicyWildcardActionRule`, `IAMRoleWildcardActionOnPermissionsPolicyRule`, and `IAMRoleWildcardActionOnTrustPolicyRule`
- `IAMRoleWildcardActionOnPolicyRule` now in `DEBUG` mode
- `S3BucketPolicyWildcardActionRule` has now been changed to be an instantiation of the new generic rule `GenericWildcardPolicyRule`. It is set in `DEBUG` mode
- `S3BucketPolicyWildcardActionRule` has had its regex filter updated to align it with both the other rules concerning wildcards in actions and the existing `SQSQueuePolicyWildcardActionRule`
- `SQSQueuePolicyWildcardActionRule` has now been changed to be an instantiation of the new generic rule `GenericWildcardPolicyRule`. It is set in `DEBUG` mode
- `SecurityGroupMissingEgressRule` now in `DEBUG` mode and a new test added
- `SNSTopicPolicyWildcardActionRule` has been added. It is an instantiation of the new generic rule `GenericWildcardPolicyRule`. It is set in `DEBUG` mode
Breaking changes
- The following rules are no longer available:
  - `IAMRoleWildcardActionOnPermissionsPolicyRule`
  - `IAMRoleWildcardActionOnTrustPolicyRule`
  - `IAMManagedPolicyWildcardActionRule`
- The following rules have been moved:
  - `S3BucketPolicyWildcardActionRule`
  - `SQSQueuePolicyWildcardActionRule`
