Weak cryptography suppression. (#10689)

* Weak cryptography suppression.

src/WebJobs.Script/Description/DotNet/PackageManager.cs

@@ -125,6 +125,7 @@ internal static string GetCurrentLockFileHash(string functionDirectory)
                 return string.Empty;
             }
 
+            // CodeQL [SM02196] The hash here is used to create a unique identifier over non-sensitive data and there is no security impact. Changing the hashing algorithm of the file path hash would be a breaking change for applications.
             using (var md5 = MD5.Create())
             {
                 using (var stream = File.OpenRead(lockFilePath))

src/WebJobs.Script/Host/ScriptHostIdProvider.cs

@@ -57,6 +57,8 @@ internal static HostIdResult GetDefaultHostId(IEnvironment environment, ScriptAp
                 if (!string.IsNullOrEmpty(uniqueSlotName))
                 {
                     byte[] hash;
+                    // The Functions Host uses a Host ID to uniquely identify a particular Function App. By default, the ID is auto-generated from the Function App name, by taking the first 32 characters.
+                    // CodeQL [SM02196] The hash here is used to create a unique identifier over non-sensitive data and there is no security impact. Changing the hashing algorithm of the host ID creation would be a breaking change for applications.
                     using (MD5 md5 = MD5.Create())
                     {
                         hash = md5.ComputeHash(Encoding.UTF8.GetBytes(uniqueSlotName));