Bandit reports this error:
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'init password=%(password)s%(totp)s
The password is of course never hardcoded there.
_PROTO_HANDSHAKE = f'(handshake) handshake password_hash_algo={_HASH_ALGOS}\n'
# initialize with the password (plain text)
-_PROTO_INIT_PWD = 'init password=%(password)s%(totp)s\n'
+_PROTO_INIT_PWD = 'init password=%(password)s%(totp)s\n' # nosec
# initialize with the hashed password
_PROTO_INIT_HASH = ('init password_hash='