[stable-only] Cap bandit to 1.6.2 and raise hacking, flake8 and stestr

The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

This change also raises hacking to 1.1.0 in lower-constraints.txt after
it was bumped by I35c654bd39f343417e0a1124263ff31dcd0b05c9. This also
means that flake8 is bumped to 2.6.0. stestr is also bumped to 2.0.0 as
required by oslotest 3.8.0.

All of these changes are squashed into a single change to pass the gate.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615

Depends-On: https://review.opendev.org/c/openstack/devstack/+/768256
Depends-On: https://review.opendev.org/c/openstack/swift/+/766214

Closes-Bug: #1907438
Closes-Bug: #1907756
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a

lower-constraints.txt

@@ -27,14 +27,14 @@ eventlet==0.20.0
 extras==1.0.0
 fasteners==0.14.1
 fixtures==3.0.0
-flake8==2.5.5
+flake8==2.6.0
 future==0.16.0
 futurist==1.8.0
 gabbi==1.35.0
 gitdb2==2.0.3
 GitPython==2.1.8
 greenlet==0.4.10
-hacking==0.12.0
+hacking==1.1.0
 idna==2.6
 iso8601==0.1.11
 Jinja2==2.10
@@ -149,7 +149,7 @@ SQLAlchemy==1.2.19
 sqlalchemy-migrate==0.11.0
 sqlparse==0.2.4
 statsd==3.2.2
-stestr==1.0.0
+stestr==2.0.0
 stevedore==1.20.0
 suds-jurko==0.6
 taskflow==2.16.0

test-requirements.txt

@@ -16,12 +16,12 @@ python-barbicanclient>=4.5.2 # Apache-2.0
 python-ironicclient!=2.7.1,>=2.7.0 # Apache-2.0
 requests-mock>=1.2.0 # Apache-2.0
 oslotest>=3.8.0 # Apache-2.0
-stestr>=1.0.0 # Apache-2.0
+stestr>=2.0.0 # Apache-2.0
 osprofiler>=1.4.0 # Apache-2.0
 testresources>=2.0.0 # Apache-2.0/BSD
 testscenarios>=0.4 # Apache-2.0/BSD
 testtools>=2.2.0 # MIT
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<=1.6.2 # Apache-2.0
 gabbi>=1.35.0 # Apache-2.0
 wsgi-intercept>=1.7.0 # MIT License