Add bandit pre-commit hook

Signed-off-by: Federico Busetti <729029+febus982@users.noreply.github.com>

Author: febus982

.bandit.yml

@@ -134,6 +134,7 @@ any_other_function_with_shell_equals_true:
   - subprocess.run
 assert_used:
   skips:
+  - tests/*.py
   - ./tests/*.py
 hardcoded_tmp_directory:
   tmp_dirs:

.pre-commit-config.yaml

@@ -32,3 +32,9 @@ repos:
         args: [ --fix ]
       # Run the formatter.
       #- id: ruff-format
+  - repo: https://github.com/PyCQA/bandit
+    # Ruff version.
+    rev: 1.7.6
+    hooks:
+      - id: bandit
+        args: [ --configfile, .bandit.yml ]