diff --git a/multischleuder/api.py b/multischleuder/api.py
index f5a9b89..aef04f4 100644
--- a/multischleuder/api.py
+++ b/multischleuder/api.py
@@ -49,7 +49,7 @@ class SchleuderApi:
             context = None
         # Perform the actual request
         req = urllib.request.Request(url, data=payload, method=method, headers=self._headers)
-        resp = urllib.request.urlopen(req, context=context)
+        resp = urllib.request.urlopen(req, context=context)  # nosec B310 baseurl is trusted
         respdata: str = resp.read().decode()
         if len(respdata) > 0:
             return json.loads(respdata)
diff --git a/multischleuder/conflict.py b/multischleuder/conflict.py
index 628065f..3aca7dd 100644
--- a/multischleuder/conflict.py
+++ b/multischleuder/conflict.py
@@ -174,7 +174,7 @@ class KeyConflictResolution:
         # Sort so the hash stays the same if the set of subscriptions is the same.
         # There is no guarantee that the subs are in any specific order.
         subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder)
-        h = hashlib.new('sha1')
+        h = hashlib.new('sha1')  # nosec B324
         # Include the chosen email an source sub-list
         h.update(struct.pack('!sd',
                              chosen.email.encode(),
@@ -191,7 +191,7 @@ class KeyConflictResolution:
         # Sort so the hash stays the same if the set of subscriptions is the same.
         # There is no guarantee that the subs are in any specific order.
         subs: List[SchleuderSubscriber] = sorted(candidates, key=lambda x: x.schleuder)
-        h = hashlib.new('sha1')
+        h = hashlib.new('sha1')  # nosec B324
         assert chosen.key is not None  # Make mypy happy; it can't know that chosen.key can't be None
         # Include the chosen email an source sub-list
         h.update(struct.pack('!ssd',