Description
What's the point of md5 usage?
md5 was proofed to be insecure. It's possible to find collisions fast. A potential attacker theoretically can send unique query parameters which weren't present in the past but which will be cache-hit. Although, it's difficult for me to make up an example where this is a security breach, it's still possible in a complex system.
Probably, md5 was chosen because of its speed. At least, code owners look aware of an issue. Linter warnings are ignored with "noqa" comments.
Though key builder can be changed manually, I'm suggesting to change an algorithm in the library. Blake2 is a faster and secure hashing algorithm included in Python standard library.
Benchmarks:
from https://medium.com/logos-network/benchmarking-hash-and-signature-algorithms-6079735ce05