I’m writing a function that takes a HTTP request from pip for package names, generating a response in the process. However, GitHub CodeQL does not like it, and warns that it is at risk of server-side request forgery. Is it possible to rewrite the following to satisfy GitHub CodeQL’s requirements, or should I just dismiss the warning?