Allow pinning Bandit version as an action input parameter?

[leofang]

Is your feature request related to a problem? Please describe.
Currently we let pip install float:

bandit-action/action.yml

Line 80 in b44244a

run: pip install bandit[sarif]

However, we'd like to have a precise control over the bandit version in use for security purposes.

Describe the solution you'd like
Allow it to be set as an action input:

      - name: Perform Bandit Analysis
        uses: PyCQA/bandit-action@v1
        with:
          version: 1.8.3

It is fine to keep the current behavior (i.e. default to let it float if not set).

Describe alternatives you've considered
n/a

Additional context
n/a