cravex2-reachability: Evaluate atom+chen on a simple end-to-end flow

[pombredanne]

We should evaluate atom+chen on a simple end-to-end flow:

• Install atom+chen
• Select a good CVE to use as a test.
  • Infer Package URL from references and other references issues for "commitish" URLs  #327 may be useful
• Collect the fix patch/commit
• Compute the graph on the vulnerable package with atom+chen
• Query that graph using fix patch/commit symbols (function, etc....)
• Report here about the experience