Bump bandit from 1.7.7 to 1.8.3

[dependabot[bot]]

Bumps bandit from 1.7.7 to 1.8.3.

Release notes

Sourced from bandit's releases.

1.8.3

What's Changed

• Bump docker/build-push-action from 6.10.0 to 6.11.0 by @​dependabot in PyCQA/bandit#1220
• Bump docker/build-push-action from 6.11.0 to 6.12.0 by @​dependabot in PyCQA/bandit#1221
• Bump docker/build-push-action from 6.12.0 to 6.13.0 by @​dependabot in PyCQA/bandit#1222
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1229
• Update bug template to include latest released versions by @​ericwb in PyCQA/bandit#1218
• Add markupsafe.Markup XSS plugin by @​Daverball in PyCQA/bandit#1225
• Warn not error on an nonexistant test given by @​ericwb in PyCQA/bandit#1230
• Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 by @​dependabot in PyCQA/bandit#1233
• Bump docker/setup-buildx-action from 3.8.0 to 3.9.0 by @​dependabot in PyCQA/bandit#1234
• B107: Skip None values in hardcoded password detection by @​lukehinds in PyCQA/bandit#1232
• Pytorch fix by @​lukehinds in PyCQA/bandit#1231

New Contributors

• @​Daverball made their first contribution in PyCQA/bandit#1225

Full Changelog: https://github.com/PyCQA/bandit/compare/1.8.2...1.8.3

1.8.2

What's Changed

• Revert "Start testing with 3.14 alphas" by @​ericwb in PyCQA/bandit#1217

Full Changelog: https://github.com/PyCQA/bandit/compare/1.8.1...1.8.2

1.8.1

What's Changed

• Bump docker/build-push-action from 6.9.0 to 6.10.0 by @​dependabot in PyCQA/bandit#1209
• Update the bug template with latest bandit version by @​ericwb in PyCQA/bandit#1208
• Add Mercedes-Benz to sponsor list by @​ericwb in PyCQA/bandit#1210
• Bump docker/setup-buildx-action from 3.7.1 to 3.8.0 by @​dependabot in PyCQA/bandit#1211
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1213
• Start testing with 3.14 alphas by @​ericwb in PyCQA/bandit#1189
• Remove lxml (B320 & B410) from blacklist by @​djbrown in PyCQA/bandit#1212
• Clarify "getting started" docs by @​Flimm in PyCQA/bandit#963

New Contributors

• @​djbrown made their first contribution in PyCQA/bandit#1212
• @​Flimm made their first contribution in PyCQA/bandit#963

Full Changelog: https://github.com/PyCQA/bandit/compare/1.8.0...1.8.1

1.8.0

What's Changed

• Bump docker/build-push-action from 6.7.0 to 6.9.0 by @​dependabot in PyCQA/bandit#1178
• Rename doc file to match proper bandit ID by @​ericwb in PyCQA/bandit#1183
• Removal of Python 3.8 support by @​ericwb in PyCQA/bandit#1174
• Add more insecure cryptography cipher algorithms by @​ericwb in PyCQA/bandit#1185
• Bump docker/setup-buildx-action from 3.6.1 to 3.7.1 by @​dependabot in PyCQA/bandit#1186

... (truncated)

Commits

• 8ff25e0 Pytorch fix (#1231)
• def123a B107: Skip None values in hardcoded password detection (#1232)
• 00b1e95 Bump docker/setup-buildx-action from 3.8.0 to 3.9.0 (#1234)
• a324f42 Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#1233)
• affd4fd Warn not error on an nonexistant test given (#1230)
• 5e3e694 Add markupsafe.Markup XSS plugin (#1225)
• 6133e08 Update bug template to include latest released versions (#1218)
• 7619cc4 [pre-commit.ci] pre-commit autoupdate (#1229)
• 3348781 Bump docker/build-push-action from 6.12.0 to 6.13.0 (#1222)
• ef0090f Bump docker/build-push-action from 6.11.0 to 6.12.0 (#1221)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.