Fix bandit security warnings for SHA1 hash usage

Add usedforsecurity=False parameter to hashlib.sha1() calls.
SHA1 is used for query fingerprinting, not cryptographic security,
so this parameter correctly indicates the usage and resolves the
bandit B324 warnings.

Author: SmileyChris

graphql_sqlcommenter/graphene_integration.py

@@ -468,7 +468,9 @@ def _generate_document_hash(query: str, length: int = 10) -> str:
     Returns:
         A hex-encoded hash of the query
     """
-    return hashlib.sha1(query.encode("utf-8")).hexdigest()[:length]
+    return hashlib.sha1(query.encode("utf-8"), usedforsecurity=False).hexdigest()[
+        :length
+    ]
 
 
 def _coerce_query_string(source: str | Any) -> str:

graphql_sqlcommenter/middleware.py

@@ -142,7 +142,9 @@ def _generate_document_hash(self, query: str, length: int = 10) -> str:
         Returns:
             A hex-encoded hash of the query
         """
-        return hashlib.sha1(query.encode("utf-8")).hexdigest()[:length]
+        return hashlib.sha1(query.encode("utf-8"), usedforsecurity=False).hexdigest()[
+            :length
+        ]
 
     def _parse_body(self, body: str) -> Mapping[str, object]:
         """