From a11066116ce882251718ff0b7fcc7727f27ce17d Mon Sep 17 00:00:00 2001
From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Date: Thu, 26 Mar 2026 09:12:41 +0000
Subject: [PATCH] fix: resolve CodeQL alert #18 - Use of a broken or weak cryptographic hashing algorithm on sensitive data
---
 vulnerable_weak_crypto.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vulnerable_weak_crypto.py b/vulnerable_weak_crypto.py
index 5b8aca6..190333a 100644
--- a/vulnerable_weak_crypto.py
+++ b/vulnerable_weak_crypto.py
@@ -37,7 +37,7 @@ def hash(self, password):
 return MD5.new(password.encode()).hexdigest()
 
 def verify_password(input_password, stored_hash):
- input_hash = hashlib.md5(input_password.encode()).hexdigest()
+ input_hash = hashlib.sha256(input_password.encode()).hexdigest()
 return input_hash == stored_hash
 
 def encrypt_sensitive_data(data):
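Review bot: `hashlib.sha256(input_password.encode()).hexdigest()` in `verify_password` is still a single unsalted pass of a fast hash, so stored values stay cheap to brute-force offline and identical passwords still produce identical hashes. Password verification should use a salted, deliberately slow KDF from the standard library such as `hashlib.scrypt` or `hashlib.pbkdf2_hmac`, with the salt and cost parameters stored next to the hash. The first context line shows `hash()` still returning `MD5.new(password.encode()).hexdigest()`; if stored hashes are produced by that method (not visible here), every existing credential will stop verifying after this change, so both sides need to change together with a migration path for existing records. The comparison on the next line should also be constant-time, `return hmac.compare_digest(input_hash, stored_hash)`, which needs `import hmac` at the top of the file. `hash()` begins above the hunk and `encrypt_sensitive_data` continues below it.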