From 279f5616d1279be314ee5899bd9d4aaa7568f1a8 Mon Sep 17 00:00:00 2001
From: Vikram Rangnekar <vicram@gmail.com>
Date: Sun, 3 May 2020 16:08:17 -0400
Subject: [PATCH] fix: fix for issues reported by deepsource

---
 core/prepare.go              | 4 ++--
 internal/serv/cmd_migrate.go | 2 +-
 internal/serv/utils.go       | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/core/prepare.go b/core/prepare.go
index a379bde..44f0694 100644
--- a/core/prepare.go
+++ b/core/prepare.go
@@ -3,7 +3,7 @@ package core
 import (
 	"bytes"
 	"context"
-	"crypto/sha1"
+	"crypto/sha256"
 	"database/sql"
 	"encoding/hex"
 	"fmt"
@@ -251,7 +251,7 @@ func (sg *SuperGraph) initAllowList() error {
 
 // nolint: errcheck
 func stmtHash(name string, role string) string {
-	h := sha1.New()
+	h := sha256.New()
 	io.WriteString(h, strings.ToLower(name))
 	io.WriteString(h, role)
 	return hex.EncodeToString(h.Sum(nil))
diff --git a/internal/serv/cmd_migrate.go b/internal/serv/cmd_migrate.go
index e50a17e..07cd35b 100644
--- a/internal/serv/cmd_migrate.go
+++ b/internal/serv/cmd_migrate.go
@@ -109,7 +109,7 @@ func cmdDBNew(cmd *cobra.Command, args []string) {
 
 	// Write new migration
 	mpath := filepath.Join(migrationsPath, mname)
-	mfile, err := os.OpenFile(mpath, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0666)
+	mfile, err := os.OpenFile(mpath, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0600)
 	if err != nil {
 		log.Fatalf("ERR %s", err)
 	}
diff --git a/internal/serv/utils.go b/internal/serv/utils.go
index 6c64649..8a6b519 100644
--- a/internal/serv/utils.go
+++ b/internal/serv/utils.go
@@ -2,7 +2,7 @@ package serv
 
 import (
 	"bytes"
-	"crypto/sha1"
+	"crypto/sha256"
 	"encoding/hex"
 	"io"
 	"os"
@@ -16,7 +16,7 @@ import (
 // nolint: errcheck
 func gqlHash(b string, vars []byte, role string) string {
 	b = strings.TrimSpace(b)
-	h := sha1.New()
+	h := sha256.New()
 	query := "query"
 
 	s, e := 0, 0