build(deps): bump bandit from 1.5.7 to 1.6.7 in /elixir (#7981)

Bumps [bandit](https://github.com/mtrudel/bandit) from 1.5.7 to 1.6.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md">bandit's
changelog</a>.</em></p>
<blockquote>
<h2>1.6.7 (30 Jan 2025)</h2>
<h3>Changes</h3>
<ul>
<li>Consider timeouts when reading HTTP/1 headers as a connection error
and not an HTTP error</li>
<li>Enhance logging for WebSocket deflation errors</li>
</ul>
<h2>1.6.6 (25 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Consider closures during HTTP/1 header reading as a socket error to
silence them by default via <code>log_client_closures</code> config
flag</li>
<li>Send <code>connection: close</code> when closing connection on error
per RFC9112§9.6</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Add experimental opt-in trace logging to help diagnose hard to
reproduce errors</li>
<li>Move CI to 1.18 &amp; improve tests (<a
href="https://redirect.github.com/mtrudel/bandit/issues/459">#459</a>,
<a
href="https://redirect.github.com/mtrudel/bandit/issues/461">#461</a>,
thanks <a
href="https://github.com/grzuy"><code>@​grzuy</code></a>!)</li>
</ul>
<h2>1.6.5 (15 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix regression introduced in 1.6.1 where we would not send headers
set by the Plug during WebSocket upgrades (<a
href="https://redirect.github.com/mtrudel/bandit/issues/458">#458</a>)</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Properly normalize Erlang errors before emitting telemetry and
logged crash_reason (<a
href="https://redirect.github.com/mtrudel/bandit/issues/455">#455</a>,
thanks <a
href="https://github.com/grzuy"><code>@​grzuy</code></a>!)</li>
</ul>
<h2>1.6.4 (11 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Fix error in socket setup error handling introduced in 1.6.2 (thanks
<a
href="https://github.com/danielspofford"><code>@​danielspofford</code></a>!)</li>
</ul>
<h2>1.6.3 (8 Jan 2025)</h2>
<h3>Fixes</h3>
<ul>
<li>Always close HTTP/1 connection in any case where an error comes out
of the plug (<a
href="https://redirect.github.com/mtrudel/bandit/issues/452">#452</a>,
thanks <a
href="https://github.com/zookzook"><code>@​zookzook</code></a>!)</li>
<li>Fix dialyzer warning introduced by Thousand Island 1.3.9</li>
</ul>
<h2>1.6.2 (4 Jan 2025)</h2>
<h3>Enhancements</h3>
<ul>
<li>Send telemetry events on Plugs that throw or exit (<a
href="https://redirect.github.com/mtrudel/bandit/issues/443">#443</a>)</li>
<li>Improve test robustness &amp; speed (<a
href="https://redirect.github.com/mtrudel/bandit/issues/446">#446</a>)</li>
<li>Read a minimal number of bytes when sniffing for protocol (<a
href="https://redirect.github.com/mtrudel/bandit/issues/449">#449</a>)</li>
<li>Add <code>plug</code> and <code>websock</code> to logging metadata
whenever possible (<a
href="https://redirect.github.com/mtrudel/bandit/issues/448">#448</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5879549e6a"><code>5879549</code></a>
Version bump to 1.6.7</li>
<li><a
href="2f55abc702"><code>2f55abc</code></a>
Include details of websocket deflation error</li>
<li><a
href="8f257f1213"><code>8f257f1</code></a>
Consider HTTP/1 header read timeouts as connection errors</li>
<li><a
href="575c396d0b"><code>575c396</code></a>
Version bump to 1.6.6</li>
<li><a
href="137ff68657"><code>137ff68</code></a>
Fixup dialyzer warning under 1.18</li>
<li><a
href="9e6ba262e1"><code>9e6ba26</code></a>
Don't credo test files</li>
<li><a
href="f62faab84a"><code>f62faab</code></a>
Version bump CI to 1.18/27</li>
<li><a
href="a5fcb83590"><code>a5fcb83</code></a>
Minor typo</li>
<li><a
href="5adc828d8c"><code>5adc828</code></a>
Trace tooling (<a
href="https://redirect.github.com/mtrudel/bandit/issues/453">#453</a>)</li>
<li><a
href="bc0a4fdfed"><code>bc0a4fd</code></a>
Use an apply when inducing runtime crashes in order to fool the
increasingly ...</li>
<li>Additional commits viewable in <a
href="https://github.com/mtrudel/bandit/compare/1.5.7...1.6.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit&package-manager=hex&previous-version=1.5.7&new-version=1.6.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot]
2025-02-01 17:14:30 +00:00
committed by GitHub
parent 28002931fa
commit e2392a35d8

@@ -1,7 +1,7 @@
%{
"acceptor_pool": {:hex, :acceptor_pool, "1.0.0", "43c20d2acae35f0c2bcd64f9d2bde267e459f0f3fd23dab26485bf518c281b21", [:rebar3], [], "hexpm", "0cbcd83fdc8b9ad2eee2067ef8b91a14858a5883cb7cd800e6fcd5803e158788"},
"argon2_elixir": {:hex, :argon2_elixir, "4.0.0", "7f6cd2e4a93a37f61d58a367d82f830ad9527082ff3c820b8197a8a736648941", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "f9da27cf060c9ea61b1bd47837a28d7e48a8f6fa13a745e252556c14f9132c7f"},
"bandit": {:hex, :bandit, "1.5.7", "6856b1e1df4f2b0cb3df1377eab7891bec2da6a7fd69dc78594ad3e152363a50", [:mix], [{:hpax, "~> 1.0.0", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "f2dd92ae87d2cbea2fa9aa1652db157b6cba6c405cb44d4f6dd87abba41371cd"},
"bandit": {:hex, :bandit, "1.6.7", "42f30e37a1c89a2a12943c5dca76f731a2313e8a2e21c1a95dc8241893e922d1", [:mix], [{:hpax, "~> 1.0", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "551ba8ff5e4fc908cbeb8c9f0697775fb6813a96d9de5f7fe02e34e76fd7d184"},
"bunt": {:hex, :bunt, "1.0.0", "081c2c665f086849e6d57900292b3a161727ab40431219529f13c4ddcf3e7a44", [:mix], [], "hexpm", "dc5f86aa08a5f6fa6b8096f0735c4e76d54ae5c9fa2c143e5a1fc7c1cd9bb6b5"},
"bureaucrat": {:hex, :bureaucrat, "0.2.10", "b0de157dad540e40007b663b683f716ced21f85ff0591093aadb209ad0d967e1", [:mix], [{:inflex, ">= 1.10.0", [hex: :inflex, repo: "hexpm", optional: false]}, {:phoenix, ">= 1.2.0", [hex: :phoenix, repo: "hexpm", optional: true]}, {:plug, ">= 1.0.0", [hex: :plug, repo: "hexpm", optional: false]}, {:poison, "~> 1.5 or ~> 2.0 or ~> 3.0 or ~> 4.0 or ~> 5.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm", "bc7e5162b911c29c8ebefee87a2c16fbf13821a58f448a8fd024eb6c17fae15c"},
"bypass": {:hex, :bypass, "2.1.0", "909782781bf8e20ee86a9cabde36b259d44af8b9f38756173e8f5e2e1fabb9b1", [:mix], [{:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 2.0", [hex: :plug_cowboy, repo: "hexpm", optional: false]}, {:ranch, "~> 1.3", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "d9b5df8fa5b7a6efa08384e9bbecfe4ce61c77d28a4282f79e02f1ef78d96b80"},
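Review bot: On the new `bandit` 1.6.7 entry the `hpax` requirement loosens from `~> 1.0.0` to `~> 1.0`, so a later `mix deps.update` can move hpax to any 1.x release instead of only 1.0.x patches. The commit message does not mention this; confirm the hpax lock entry is unchanged by this commit and note the wider range in the description. The bump also spans the 1.6.3 and 1.6.6 changes listed in the message (HTTP/1 connections are always closed after a plug error, `connection: close` is sent on error, and closures during header reading are silenced by default via `log_client_closures`), so check before merging that any alerting keyed on those Bandit log lines still fires.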
@@ -102,7 +102,7 @@
"telemetry_metrics": {:hex, :telemetry_metrics, "1.1.0", "5bd5f3b5637e0abea0426b947e3ce5dd304f8b3bc6617039e2b5a008adc02f8f", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "e7b79e8ddfde70adb6db8a6623d1778ec66401f366e9a8f5dd0955c56bc8ce67"},
"telemetry_poller": {:hex, :telemetry_poller, "1.1.0", "58fa7c216257291caaf8d05678c8d01bd45f4bdbc1286838a28c4bb62ef32999", [:rebar3], [{:telemetry, "~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "9eb9d9cbfd81cbd7cdd24682f8711b6e2b691289a0de6826e58452f28c103c8f"},
"tesla": {:hex, :tesla, "1.13.2", "85afa342eb2ac0fee830cf649dbd19179b6b359bec4710d02a3d5d587f016910", [:mix], [{:castore, "~> 0.1 or ~> 1.0", [hex: :castore, repo: "hexpm", optional: true]}, {:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:finch, "~> 0.13", [hex: :finch, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:gun, ">= 1.0.0", [hex: :gun, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "4.4.2", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:mint, "~> 1.0", [hex: :mint, repo: "hexpm", optional: true]}, {:mox, "~> 1.0", [hex: :mox, repo: "hexpm", optional: true]}, {:msgpax, "~> 2.3", [hex: :msgpax, repo: "hexpm", optional: true]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: true]}], "hexpm", "960609848f1ef654c3cdfad68453cd84a5febecb6ed9fed9416e36cd9cd724f9"},
"thousand_island": {:hex, :thousand_island, "1.3.5", "6022b6338f1635b3d32406ff98d68b843ba73b3aa95cfc27154223244f3a6ca5", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "2be6954916fdfe4756af3239fb6b6d75d0b8063b5df03ba76fd8a4c87849e180"},
"thousand_island": {:hex, :thousand_island, "1.3.9", "095db3e2650819443e33237891271943fad3b7f9ba341073947581362582ab5a", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "25ab4c07badadf7f87adb4ab414e0ed374e5f19e72503aa85132caa25776e54f"},
"tls_certificate_check": {:hex, :tls_certificate_check, "1.26.0", "c0e8ffab875748f2b122d4d4e465aeaa7249ea539f1004b7922cb3c61ffe261d", [:rebar3], [{:ssl_verify_fun, "~> 1.1", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}], "hexpm", "1bad73d88637f788b554a8e939c25db2bdaac88b10fffd5bba9d1b65f43a6b54"},
"tzdata": {:hex, :tzdata, "1.1.2", "45e5f1fcf8729525ec27c65e163be5b3d247ab1702581a94674e008413eef50b", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "cec7b286e608371602318c414f344941d5eb0375e14cfdab605cca2fe66cba8b"},
"unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"},
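Review bot: The `thousand_island` entry moves from 1.3.5 to 1.3.9 in this hunk, but the commit subject and body name only bandit. Bandit's requirement on it is `~> 1.0` in both the old and new lock entries, so 1.3.5 would still have satisfied it and this is a transitive upgrade picked by the resolver. Mention it in the commit message and review the thousand_island changes between 1.3.5 and 1.3.9 separately, since the included changelog covers only bandit and its single reference to Thousand Island 1.3.9 is the dialyzer warning fix in 1.6.3.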