[py-bandit] Poetry ./.cache dir is not excluded from bandit analysis

Describe the bug

When using latest version of the template on a project using Poetry as package manager, py-bandit job analyses the folder ./.cache containing all Poetry installed packages, which is supposed to be excluded.

I think

_run bandit ${TRACE+--verbose} --exclude ./.cache --exclude ./.venv ${BANDIT_ARGS}

should be replaced by

_run bandit ${TRACE+--verbose} --exclude ./.cache,./.venv ${BANDIT_ARGS}

Expected behavior

As with .venv folder, analysis shouldn't be made on ./.cache folder