Bump bandit from 1.7.1 to 1.7.2

[dependabot]

Bumps bandit from 1.7.1 to 1.7.2.

Release notes

Sourced from bandit's releases.

1.7.2

What's Changed

• Fix broken reported URL link for B107 by @​bagerard in PyCQA/bandit#751
• test_help_arg: remove assert on 'optional arguments' by @​mikelolasagasti in PyCQA/bandit#752
• Create FUNDING.yml by @​ericwb in PyCQA/bandit#774
• Start using auto-formatters by @​sigmavirus24 in PyCQA/bandit#754
• Drop end-of-life Python 3.5 by @​ericwb in PyCQA/bandit#746
• Drop end-of-life Python 3.6 by @​ericwb in PyCQA/bandit#777
• Fixup typo by @​spagh-eddie in PyCQA/bandit#769
• Fix README.rst by @​stannum-l in PyCQA/bandit#365
• Added snmp_security check plugin for various SNMP checks by @​Jed-Giblin in PyCQA/bandit#403
• Remove leftover openstack code by @​ericwb in PyCQA/bandit#778
• Correctly define extras in setup.cfg by @​mkniewallner in PyCQA/bandit#755

New Contributors

• @​bagerard made their first contribution in PyCQA/bandit#751
• @​mikelolasagasti made their first contribution in PyCQA/bandit#752
• @​sigmavirus24 made their first contribution in PyCQA/bandit#754
• @​spagh-eddie made their first contribution in PyCQA/bandit#769
• @​Jed-Giblin made their first contribution in PyCQA/bandit#403
• @​mkniewallner made their first contribution in PyCQA/bandit#755

Full Changelog: PyCQA/bandit@1.7.1...1.7.2

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #10 (18a1f48) into main (6bf2923) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main      #10   +/-   ##
=======================================
  Coverage   95.79%   95.79%           
=======================================
  Files           6        6           
  Lines         357      357           
  Branches       52       52           
=======================================
  Hits          342      342           
  Misses         13       13           
  Partials        2        2           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6bf2923...18a1f48. Read the comment docs.