From 2b6619b4daec5daaa1a985f7a670b383ba4d04cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=B6=B5=E6=9B=A6?= <im.hanxi@gmail.com>
Date: Wed, 25 Sep 2024 22:26:48 +0800
Subject: [PATCH] Fix code scanning alert no. 32: Use of a broken or weak
 cryptographic hashing algorithm on sensitive data (#203)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 xiaomusic/httpserver.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xiaomusic/httpserver.py b/xiaomusic/httpserver.py
index 9cf3aae..d83c831 100644
--- a/xiaomusic/httpserver.py
+++ b/xiaomusic/httpserver.py
@@ -399,7 +399,7 @@ def access_key_verification(file_path, key, code):
     if code is not None:
         current_code_bytes = code.encode("utf8")
         correct_code_bytes = (
-            hashlib.md5(
+            hashlib.sha256(
                 (
                     file_path + config.httpauth_username + config.httpauth_password
                 ).encode("utf-8")