From 0808556c6f62ea03c7118e74e7740006c1158487 Mon Sep 17 00:00:00 2001
From: kdestin <101366538+kdestin@users.noreply.github.com>
Date: Tue, 20 Aug 2024 00:36:34 -0400
Subject: [PATCH] chore: Switch to sha256 from md5

    This use of md5 doesn't appear to be a cryptographically sensitive
    context, but the easiest remediation for the CodeQL flags is to
    switch to an approved hash function.
---
 .../distributed-training-yolov5/yolov5/utils/dataloaders.py     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sdk/python/jobs/single-step/pytorch/distributed-training-yolov5/yolov5/utils/dataloaders.py b/sdk/python/jobs/single-step/pytorch/distributed-training-yolov5/yolov5/utils/dataloaders.py
index 7f01ac0026c..204f7519372 100644
--- a/sdk/python/jobs/single-step/pytorch/distributed-training-yolov5/yolov5/utils/dataloaders.py
+++ b/sdk/python/jobs/single-step/pytorch/distributed-training-yolov5/yolov5/utils/dataloaders.py
@@ -103,7 +103,7 @@
 def get_hash(paths):
     # Returns a single hash value of a list of paths (files or dirs)
     size = sum(os.path.getsize(p) for p in paths if os.path.exists(p))  # sizes
-    h = hashlib.md5(str(size).encode())  # hash sizes
+    h = hashlib.sha256(str(size).encode())  # hash sizes
     h.update("".join(paths).encode())  # hash paths
     return h.hexdigest()  # return hash