From 287c45e2dcc82f2a1a889d4b45099ab72476a3f6 Mon Sep 17 00:00:00 2001
From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Date: Thu, 26 Mar 2026 09:12:34 +0000
Subject: [PATCH] fix: resolve CodeQL alert #16 - Use of a broken or weak
 cryptographic hashing algorithm on sensitive data

---
 vulnerable_weak_crypto.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vulnerable_weak_crypto.py b/vulnerable_weak_crypto.py
index 5b8aca6..e8f1387 100644
--- a/vulnerable_weak_crypto.py
+++ b/vulnerable_weak_crypto.py
@@ -4,7 +4,7 @@
 from Crypto.Hash import MD5, SHA1
 
 def hash_password_weak(password):
-    return hashlib.md5(password.encode()).hexdigest()
+    return hashlib.sha256(password.encode()).hexdigest()
 
 def hash_with_sha1(data):
     return hashlib.sha1(data.encode()).hexdigest()