NormalizedAdversaryAdapter -> NormalizedAttackerAdapter in Adversary.

[mzweilin]

What does this PR do?

This PR makes external attackers part of the unified Adversary object which enforces threat models.

Type of change

Please check all relevant options.

• Improvement (non-breaking)
• Bug fix (non-breaking)
• New feature (non-breaking)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Testing

Please describe the tests that you ran to verify your changes. Consider listing any relevant details of your test configuration.

• pytest tests

Before submitting

• The title is self-explanatory and the description concisely explains the PR
• My PR does only one thing, instead of bundling different changes together
• I list all the breaking changes introduced by this pull request
• I have commented my code
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• I have run pre-commit hooks with pre-commit run -a command without errors

Did you have fun?

Make sure you had fun coding 🙃

[dxoigmn]

I think this should be an Adversary and not an Attacker. But if you want to make this an attacker, then you should really get rid of PartialInstanceWrapper.

[dxoigmn]

I think it's fine that this is an Adversary and should probably mimic the flow of what the current Adversary class does. But instead of taking a Trainer/Attacker, it takes an attack and instead of calling fit, it just calls the attack (or directly calls run_standard_evaluation).