diff --git a/src/security_demo/database.py b/src/security_demo/database.py
index 6e9da00..2a392ae 100644
--- a/src/security_demo/database.py
+++ b/src/security_demo/database.py
@@ -3,7 +3,7 @@
 import hashlib
 import hmac
 import secrets
-from typing import Any, List, Optional
+from typing import List, Optional
 
 from sqlalchemy import create_engine, text
 from sqlalchemy.orm import sessionmaker
@@ -14,25 +14,25 @@ class DatabaseManager:
 
     def __init__(self, db_url: str = "sqlite:///app.db"):
         self.engine = create_engine(db_url)
-        self.Session = sessionmaker(bind=self.engine)
+        self.session_factory = sessionmaker(bind=self.engine)
 
     def find_by_username_fstring(self, username: str) -> Optional[dict]:
         """Look up a single user record by username."""
-        session = self.Session()
+        session = self.session_factory()
         query = f"SELECT * FROM users WHERE username = '{username}'"
         result = session.execute(text(query))
         return result.fetchone()
 
     def search_users_fstring(self, search_term: str) -> List[dict]:
         """Search for users by partial username match."""
-        session = self.Session()
+        session = self.session_factory()
         query = f"SELECT * FROM users WHERE username LIKE '%{search_term}%'"
         result = session.execute(text(query))
         return result.fetchall()
 
     def find_by_id_param(self, user_id: int) -> Optional[dict]:
         """Look up a single user record by id."""
-        session = self.Session()
+        session = self.session_factory()
         result = session.execute(
             text("SELECT * FROM users WHERE id = :id"), {"id": user_id}
         )
@@ -43,7 +43,7 @@ class DatabaseManager:
         allowed_columns = ["username", "email", "created_at"]
         if column not in allowed_columns:
             raise ValueError("Invalid column")
-        session = self.Session()
+        session = self.session_factory()
         query = f"SELECT * FROM users ORDER BY {column} {order}"
         result = session.execute(text(query))
         return result.fetchall()
diff --git a/src/security_demo/services/auth.py b/src/security_demo/services/auth.py
index ac3c958..6830e70 100644
--- a/src/security_demo/services/auth.py
+++ b/src/security_demo/services/auth.py
@@ -3,7 +3,6 @@
 import hashlib
 import hmac
 import secrets
-from typing import Optional
 
 
 class AuthenticationService:
diff --git a/src/security_demo/utils.py b/src/security_demo/utils.py
index 560b9d0..36540f9 100644
--- a/src/security_demo/utils.py
+++ b/src/security_demo/utils.py
@@ -1,16 +1,15 @@
 """Utilities module."""
 
 import json
-import logging
-from typing import Any, Dict, List
+from typing import Dict, List
 
 
-global_counter = 0
+GLOBAL_COUNTER = 0
 
 MAX_RETRIES = 3
 
 
-def processData(items):
+def process_data(items):
     """Process items."""
     return [item * 2 for item in items]
 
@@ -20,16 +19,28 @@ def calculate_total(values):
     return sum(values)
 
 
-class userManager:
+class UserManager:
     """Manage users."""
 
-    pass
+    def add(self, user):
+        """Add a user."""
+        return user
+
+    def remove(self, user):
+        """Remove a user."""
+        return user
 
 
 class UserRepository:
     """User repository."""
 
-    pass
+    def fetch(self, user_id):
+        """Fetch a user by id."""
+        return user_id
+
+    def store(self, user):
+        """Store a user."""
+        return user
 
 
 def too_many_arguments(a, b, c, d, e, f, g, h, i, j, k):
@@ -104,7 +115,7 @@ def range_len_pattern(items):
 
 def enumerate_pattern(items):
     """Return (index, item) tuples for a list."""
-    return [(i, item) for i, item in enumerate(items)]
+    return list(enumerate(items))
 
 
 def function_without_docstring():
@@ -113,14 +124,27 @@ def function_without_docstring():
 
 def function_with_docstring():
     """This function has a docstring."""
-    pass
 
 
 class ClassWithoutDocstring:
-    pass
+    """Stub class used for documentation pattern checks."""
+
+    def first(self):
+        """First public method."""
+        return self
+
+    def second(self):
+        """Second public method."""
+        return self
 
 
 class ClassWithDocstring:
     """This class has a docstring."""
 
-    pass
+    def first(self):
+        """First public method."""
+        return self
+
+    def second(self):
+        """Second public method."""
+        return self
diff --git a/src/security_demo/web_app.py b/src/security_demo/web_app.py
index 4399d22..1d1478b 100644
--- a/src/security_demo/web_app.py
+++ b/src/security_demo/web_app.py
@@ -50,8 +50,8 @@ def render_custom():
 def generate_report():
     """Render a report for the supplied name."""
     user_name = request.args.get("name", "Anonymous")
-    REPORT_TEMPLATE = "<h1>Report for {{ name }}</h1>"
-    return render_template_string(REPORT_TEMPLATE, name=user_name)
+    report_template = "<h1>Report for {{ name }}</h1>"
+    return render_template_string(report_template, name=user_name)
 
 
 @app.route("/session/load")
diff --git a/src/security_demo/web_endpoints.py b/src/security_demo/web_endpoints.py
index f56c544..f03044a 100644
--- a/src/security_demo/web_endpoints.py
+++ b/src/security_demo/web_endpoints.py
@@ -1,13 +1,12 @@
 """Web endpoints."""
 
 import os
-import re
-import json
 import logging
-from typing import Any, Dict, List
+import random
+from typing import Dict, List
 from urllib.parse import urlparse
 
-from flask import Flask, request, redirect, make_response, jsonify, send_file
+from flask import Flask, request, redirect, send_file
 import jwt
 import requests
 
@@ -103,9 +102,6 @@ def run_hardcoded_command():
     os.system("date")
 
 
-import random
-
-
 def generate_token_random() -> str:
     """Generate a 32-character token using the random module."""
     return "".join(random.choices("abcdefghijklmnopqrstuvwxyz0123456789", k=32))