chore(deps-dev): bump bandit from 1.7.4 to 1.7.5

[dependabot]

Bumps bandit from 1.7.4 to 1.7.5.

Release notes

Sourced from bandit's releases.

1.7.5

What's Changed

• Add an example screen shot of Bandit to README by @​ericwb in PyCQA/bandit#847
• Bad link to screen shot by @​ericwb in PyCQA/bandit#848
• Use a constant for weak hashes by @​ericwb in PyCQA/bandit#850
• Group location line with code output by @​ericwb in PyCQA/bandit#822
• Fix line range using Python 3.8 end_lineno by @​ericwb in PyCQA/bandit#821
• Add classifier to indicate Py3 only by @​ericwb in PyCQA/bandit#853
• Removal of blacklist call B309 httpsconnection by @​ericwb in PyCQA/bandit#858
• Remove blacklist call check for os.tempnam by @​ericwb in PyCQA/bandit#859
• Indiciate hash type in message by @​ericwb in PyCQA/bandit#860
• Add the httpx module check for verify by @​ericwb in PyCQA/bandit#861
• Add doc for hashlib plugin by @​ericwb in PyCQA/bandit#862
• Make use of rich for progress bar by @​ericwb in PyCQA/bandit#863
• Replace toml with tomli by @​mkniewallner in PyCQA/bandit#829
• Fix up B109 and B111 removed plugins docs by @​ericwb in PyCQA/bandit#864
• add check for "requests" calls without timeout by @​mschfh in PyCQA/bandit#743
• Fix for build breaks in format job by @​ericwb in PyCQA/bandit#869
• Add license and contributing links to docs by @​ericwb in PyCQA/bandit#867
• Remove redundant word Bandit in titles of sections by @​ericwb in PyCQA/bandit#873
• Add request for feedback via 👍 by @​ericwb in PyCQA/bandit#871
• Add a Discord link to the docs by @​ericwb in PyCQA/bandit#870
• Adding logging.config.listen() plugin with examples by @​raj3shp in PyCQA/bandit#874
• Removal of ghugo by @​ericwb in PyCQA/bandit#881
• Remove redundant pip line by @​ericwb in PyCQA/bandit#884
• Corrected documentation on configuration by @​a-takahashi223 in PyCQA/bandit#868
• Start testing against Python 3.11 by @​mkniewallner in PyCQA/bandit#887
• Add myself to sponsor list by @​ericwb in PyCQA/bandit#885
• Add Discord link to README by @​ericwb in PyCQA/bandit#875
• Update action versions in Actions workflows (#890) by @​mportesdev in PyCQA/bandit#893
• Add dependency review action by @​ericwb in PyCQA/bandit#891
• Fix an unclosed tag in HTML formatter by @​mportesdev in PyCQA/bandit#896
• 'Test plugin listing' in docs incorrectly pointing B612 to plugin ref of B102 by @​rajaramsrn in PyCQA/bandit#897
• Make small fixes in docs by @​mportesdev in PyCQA/bandit#899
• Specify semver range for Python 3.11 by @​mportesdev in PyCQA/bandit#901
• Add another bad example of yaml load by @​ericwb in PyCQA/bandit#905
• Add releases link in "Version control integration" by @​travisjungroth in PyCQA/bandit#909
• Update version of dependency-review-action by @​mportesdev in PyCQA/bandit#911
• Avoid redundant message if debug on by @​ericwb in PyCQA/bandit#913
• Remove invalid checking on hashlib by @​ericwb in PyCQA/bandit#914
• Add some missing curve types by @​ericwb in PyCQA/bandit#920
• add jsonpickle deserialization blacklist by @​SugarP1g in PyCQA/bandit#707
• Fix reading the number argument from config file by @​KAUTH in PyCQA/bandit#923
• Add end_col_offset if available by @​ericwb in PyCQA/bandit#851
• Enhancement Proposal: Plugin "assert_used" config-skip snippet by @​marianomartinelli in PyCQA/bandit#695
• Blacklist pandas read_pickle and add functional test for it by @​jaspersival in PyCQA/bandit#710
• Docs for request without timeout has dead link by @​ericwb in PyCQA/bandit#925
• Add case for global exec by @​tonybaloney in PyCQA/bandit#570
• Fix a false positive condition yaml_load by @​ericwb in PyCQA/bandit#927
• Fix issue #453 jinja2 template select_autoescape when using jinja2.select_autoescape by @​kinow in PyCQA/bandit#454

... (truncated)

Commits

• ca4faf2 Added a bit more project_urls (#985)
• d87faed Check for github action updates monthly (#989)
• 72fa5a7 Improve handling nosec for multi-line strings (#915)
• 7e6f580 Improve detecting SQL injections in f-strings (#917)
• fe1361f Correct build status badge in README (#980)
• a762993 Fix breaking build due to new tox (#983)
• 91c4d97 DOC: Add explanation on how to use pre-commit with config file (#968)
• d9fe642 Add official Python 3.11 support (#964)
• 3aaa2b0 remove py2 exec example in docs (#947)
• a743858 Typo fix (#945)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @andrewthetechie.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[andrewthetechie]

@dependabot merge

[dependabot]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

[andrewthetechie]

#62 -- filed this for the nosec additions on this pr