I have a mostly ruby project, with the pymysql (https://github.com/PyMySQL/PyMySQL) library copied into the repository. I am using SonarCloud for scanning.
I am getting the a few security hotspots stating https://rules.sonarsource.com/python/RSPEC-4790 as the issue. They are all about use of sha256 or sha512 in the code. As an example:
Why is the scan alarming about use of sha256 and sha512 when they are both listed in the Recommended Secure Coding Practices?
Is this a false positive or is there something I need to do to remediate this?