ご判断にお任せします。
一応「sha1」のgrep結果を貼っておきます。

src\Eccube\Application.php(543,30) [UTF-8]: 'key' => sha1($this['config']['auth_magic']),
src\Eccube\Controller\Admin\Store\PluginController.php(186,32) [UTF-8]: $tmpFile = sha1(Str::random(32)).'.'.$formFile->getClientOriginalExtension();
src\Eccube\Controller\Admin\Store\PluginController.php(356,32) [UTF-8]: $tmpFile = sha1(Str::random(32)).'.'.$formFile->getClientOriginalExtension(); // 拡張子を付けないとpharが動かないので付ける
src\Eccube\Controller\Admin\Store\PluginController.php(555,40) [UTF-8]: $tmpFile = sha1(Str::random(32)).'.'.$extension;
src\Eccube\Controller\Admin\Store\TemplateController.php(124,19) [UTF-8]: $uniqId = sha1(Str::random(32));
src\Eccube\Controller\Admin\Store\TemplateController.php(248,27) [UTF-8]: $uniqId = sha1(Str::random(32));
src\Eccube\Log\Monolog\Helper\LogHelper.php(126,56) [UTF-8]: $record['session_id'] = substr(sha1($sessionId), 0, 8);
src\Eccube\Security\Core\Encoder\PasswordEncoder.php(84,25) [UTF-8]: $hash = sha1($raw . ':' . $this->config['auth_magic']);
src\Eccube\Service\PluginService.php(86,63) [UTF-8]: $d = ($this->app['config']['plugin_temp_realdir'].'/'.sha1(Str::random(16)));
src\Eccube\Service\ShoppingService.php(133,27) [UTF-8]: $preOrderId = sha1(Str::random(32));