Slightly tricky one this, as if we add hashlib.new , then Bandit will incorrectly report on legitimate crypto, such as `hash = hashlib.new('sha256')`
This would need us to be able to look beyond just the call and the calls content as well.
Slightly tricky one this, as if we add hashlib.new , then Bandit will incorrectly report on legitimate crypto, such as `hash = hashlib. new('sha256' )`
This would need us to be able to look beyond just the call and the calls content as well.