Update Bandit to 1.7.2, Go deps to latest available

What does this MR do?

Monthly update for 14.8.

• I pulled in the latest Bandit version.
  • Note that the CHANGELOG had a change in 1.7.1 that Bandit says is in 1.7.2. I moved it to this release in the CHANGELOG to match.
• I updated direct dependencies in go.mod that had updates available. I didn't attempt to update transitive dependencies in any way.

What are the relevant issue numbers?

Part of https://gitlab.com/gitlab-org/security-products/release/-/issues/118

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer