add support for the new InSpec 3.x data

[aaronlippold]

InSpec 3.x introduced two breaking change to our apps - multi-section describe blocks

1. Multi-Section describe blocks
   see: Add support for multiple descriptions for controls inspec/inspec#3424
2. Text based impacts
   see: Add string impact options for controls inspec/inspec#3359

We will need to update all our apps to support both pre and post InSpec.

[aaronlippold]

I actually want a couple things out of that PR for both Heimdall and Heimdall-Lite and Vulcan and the _tools.

( please create an issues on each project for this - and create a PR or PRs to cover the 6 elements )

• That we update the parsing to allow for either a tag fix and check or a desc, fix and check.
• That we allow for allow for three new types: desc, justification, caveat, discussion
  a. That caveat and or justification are appended to the 'Finding Details'
  b. We actually search for /*caveat*/ and /*justification*/ - such that myorg-/_caveat is discovered.
  b. that discussion or /*discussion*/ be appended to the bottom of the general description - such that vulnerability_discussion would be discovered.
• That we support both text based impacts and numeric based impacts
  a. that our default is the text based impact
  b. that we 'display' the text based impact but put the numeric in if it was used high (0.7)
• That we update inspec_tools and heimdall_tools to use the new sub-sections and text based impacts
• That CAT I / CAT II / CAT III be replaced by High / Medium / Low
• That our tools do not create code that uses " where ' are the correct style

[samcornwell]

working on this