diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 13a55c8..2a67fbd 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -5,11 +5,6 @@ repos:
     hooks:
       - id: black
 
-  - repo: https://github.com/PyCQA/bandit
-    rev: 1.7.0
-    hooks:
-      - id: bandit
-
   - repo: https://github.com/PyCQA/flake8
     rev: 3.9.2
     hooks:
@@ -17,6 +12,8 @@ repos:
         additional_dependencies:
           - pycodestyle==2.7.0
           - pyflakes==2.3.1
+          - flake8-bandit==2.1.2
+          - bandit==1.7.0
           - flake8-bugbear==21.4.3
           - flake8-docstrings==1.6.0
           - pydocstyle==6.1.1
diff --git a/test_hashpipe.py b/test_hashpipe.py
index ac9b412..fc748e9 100644
--- a/test_hashpipe.py
+++ b/test_hashpipe.py
@@ -139,7 +139,9 @@ def test_ref_nongrouping() -> None:
             expected = _format_hash(hash_)
 
             hashpipe = Hashpipe(pattern=case.pattern, algorithm=algorithm, key=case.key)
-            assert hashpipe.hash_matches(case.data) == expected  # nosec: B101
+            assert (  # noqa: S101 # nosec: B101
+                hashpipe.hash_matches(case.data) == expected
+            )
 
             outbuf = BytesIO()
             with patch(
@@ -154,7 +156,7 @@ def test_ref_nongrouping() -> None:
                 ],
             ):
                 main(in_=(case.data,), out=outbuf)
-            assert outbuf.getvalue() == expected  # nosec: B101
+            assert outbuf.getvalue() == expected  # noqa: S101 # nosec: B101
 
 
 def test_grouping() -> None:
@@ -206,7 +208,9 @@ def test_grouping() -> None:
         hashpipe = Hashpipe(
             pattern=case.pattern, algorithm=case.algorithm, key=case.key
         )
-        assert hashpipe.hash_matches(case.data) == case.result  # nosec: B101
+        assert (  # noqa: S101 # nosec: B101
+            hashpipe.hash_matches(case.data) == case.result
+        )
 
         outbuf = BytesIO()
         with patch(
@@ -221,7 +225,7 @@ def test_grouping() -> None:
             ],
         ):
             main(in_=(case.data,), out=outbuf)
-        assert outbuf.getvalue() == case.result  # nosec: B101
+        assert outbuf.getvalue() == case.result  # noqa: S101 # nosec: B101
 
 
 def test_prefixing() -> None:
@@ -236,7 +240,7 @@ def test_prefixing() -> None:
         hashpipe = Hashpipe(
             pattern=re.compile(b".*"), algorithm=algorithm, key=key, prefix=prefix
         )
-        assert hashpipe.hash_matches(data) == expected  # nosec: B101
+        assert hashpipe.hash_matches(data) == expected  # noqa: S101 # nosec: B101
 
         outbuf = BytesIO()
         with patch(
@@ -253,7 +257,7 @@ def test_prefixing() -> None:
             ],
         ):
             main(in_=(b"",), out=outbuf)
-        assert outbuf.getvalue() == expected  # nosec: B101
+        assert outbuf.getvalue() == expected  # noqa: S101 # nosec: B101
 
 
 def test_invalid_cli_regex() -> None:
@@ -267,8 +271,10 @@ def test_available_algorithms() -> None:
     """Test finding available algorithms."""
     avail = _available_algorithms()
     # Some found?
-    assert avail  # nosec: B101
+    assert avail  # noqa: S101 # nosec: B101
     # Ones containing "with" have been excluded?
-    assert not any("with" in x for x in avail)  # nosec: B101
+    assert not any("with" in x for x in avail)  # noqa: S101 # nosec: B101
     # Non-lowercase variants have been excluded?
-    assert not any(x.lower() in avail for x in avail if x != x.lower())  # nosec: B101
+    assert not any(  # noqa: S101 # nosec: B101
+        x.lower() in avail for x in avail if x != x.lower()
+    )