Add usedforsecurity=False argument to hashlib.md5 instances to support running on FIPS-enabled systems

[cquick01]

Describe the bug

Packages using lark fail when running in a FIPS-enabled environment due to use of the hashlib.md5 function. MD5 is not a secure algorithm to begin with, but it isn't really being used for security purposes here.

To support running in a FIPS environment, we can add usedforsecurity=False to the hashlib.md5 constructor. This argument is only available in Python 3.9+, but if implemented like hashlib.new('md5', usedforsecurity=False) it will not raise an exception on older versions of Python. See https://docs.python.org/3/library/hashlib.html#hash-algorithms for more info on the argument

To Reproduce

I see it when trying to install packages with poetry on a FIPS-enabled system (running RHEL 8.5).

    [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS

  at ~/.pyenv/versions/3.9.13/lib/python3.9/site-packages/poetry/core/_vendor/lark/load_grammar.py:1315 in do_import
      1311│                         text = f.read()
      1312│             except IOError:
      1313│                 continue
      1314│             else:
    → 1315│                 h = hashlib.md5(text.encode('utf8')).hexdigest()
      1316│                 if self.used_files.get(joined_path, h) != h:
      1317│                     raise RuntimeError("Grammar file was changed during importing")
      1318│                 self.used_files[joined_path] = h
      1319│

[erezsh]

Sounds good to me.