Bump bandit version

This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393

Change-Id: I0570c916cffc08bcbaebb385a9cc4a4c7038b215
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>

oslo_policy/policy.py

@@ -956,16 +956,20 @@ class Enforcer(object):
                 # If the rule doesn't exist, fail closed
                 result = False
             else:
+                # NOTE(moguimar): suppressing [B105:hardcoded_password_string]
+                #                 as token_scope is not actually a hardcoded
+                #                 token.
+
                 # Check the scope of the operation against the possible scope
                 # attributes provided in `creds`.
                 if creds.get('system'):
-                    token_scope = 'system'
+                    token_scope = 'system'  # nosec
                 elif creds.get('domain_id'):
-                    token_scope = 'domain'
+                    token_scope = 'domain'  # nosec
                 else:
                     # If the token isn't system-scoped or domain-scoped then
                     # we're dealing with a project-scoped token.
-                    token_scope = 'project'
+                    token_scope = 'project'  # nosec
 
                 registered_rule = self.registered_rules.get(rule)
                 if registered_rule and registered_rule.scope_types:

test-requirements.txt

@@ -11,4 +11,4 @@ oslo.context>=2.22.0 # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0
 
 # Bandit security code scanner
-bandit>=1.1.0,<1.6.0 # Apache-2.0
+bandit>=1.6.0,<1.7.0 # Apache-2.0