diff --git a/src/vunnel/cli/cli.py b/src/vunnel/cli/cli.py
index 87638fa9..5967dbdc 100644
--- a/src/vunnel/cli/cli.py
+++ b/src/vunnel/cli/cli.py
@@ -91,7 +91,6 @@ def cli(ctx: click.core.Context, verbose: bool, config_path: str) -> None:
 def show_config(cfg: config.Application) -> None:
     logging.info("showing application config")
 
-    # noqa
     class IndentDumper(yaml.Dumper):
         def increase_indent(self, flow: bool = False, indentless: bool = False) -> None:  # noqa: ARG002
             return super().increase_indent(flow, False)
diff --git a/src/vunnel/providers/amazon/parser.py b/src/vunnel/providers/amazon/parser.py
index 69a0de0d..fbbcd9b5 100644
--- a/src/vunnel/providers/amazon/parser.py
+++ b/src/vunnel/providers/amazon/parser.py
@@ -120,7 +120,7 @@ def get_package_name_version(pkg):
         if not pkg.endswith(".rpm"):
             pkg = pkg + ".rpm"
 
-        name, version, release, epoch, arch = rpm.split_rpm_filename(pkg)  # noqa
+        name, version, release, epoch, arch = rpm.split_rpm_filename(pkg)
 
         if release:
             return AlasFixedIn(pkg=name, ver=(version + "-" + release))
diff --git a/src/vunnel/providers/debian/parser.py b/src/vunnel/providers/debian/parser.py
index 5c218988..b9ea0809 100644
--- a/src/vunnel/providers/debian/parser.py
+++ b/src/vunnel/providers/debian/parser.py
@@ -128,7 +128,6 @@ def _get_cve_to_dsalist(self, dsa):
 
         return ns_cve_dsalist
 
-    # noqa
     def _parse_dsa_record(self, dsa_lines):  # noqa: C901
         """
 
@@ -188,7 +187,7 @@ def _parse_dsa_record(self, dsa_lines):  # noqa: C901
                     continue
 
             return dsa
-        except Exception:  # noqa
+        except Exception:
             self.logger.exception("failed to parse dsa record")
 
     def _get_dsa_map(self):
@@ -444,7 +443,7 @@ def _normalize_json(self, ns_cve_dsalist=None):  # noqa: PLR0912,PLR0915,C901
 
                             # retlists[relno].append(final_record)
 
-                    except Exception:  # noqa
+                    except Exception:
                         self.logger.exception(f"ignoring error parsing vuln: {vid}, pkg: {pkg}, rel: {rel}")
 
         self.logger.debug(f"metrics for advisory information: {json.dumps(adv_mets)}")
diff --git a/src/vunnel/providers/github/parser.py b/src/vunnel/providers/github/parser.py
index 636040a1..9e0241c2 100644
--- a/src/vunnel/providers/github/parser.py
+++ b/src/vunnel/providers/github/parser.py
@@ -51,7 +51,7 @@ def __init__(  # noqa: PLR0913
         download_timeout=125,
         api_url="https://api.github.com/graphql",
         logger=None,
-    ):  # noqa
+    ):
         self.db = db.connection(workspace.input_path, serializer="json")
         self.download_timeout = download_timeout
         self.api_url = api_url
@@ -232,7 +232,7 @@ def get_advisory(ghsaId, data):
     return {}
 
 
-def get_vulnerabilities(token, ghsaId, timestamp, vuln_cursor, parent_cursor):  # noqa
+def get_vulnerabilities(token, ghsaId, timestamp, vuln_cursor, parent_cursor):
     """
     In the improbable case that an Advisory is associated with more than 100
     (Github's GraphQL limit) these will need to get fetched until the cursor is
@@ -322,7 +322,6 @@ def needs_subquery(data):
     return False
 
 
-# noqa
 def graphql_advisories(cursor=None, timestamp=None, vuln_cursor=None):
     """
     The cursor needs to be the `endCursor` for the last successful query. The
diff --git a/src/vunnel/providers/oracle/parser.py b/src/vunnel/providers/oracle/parser.py
index 8c466823..f8460a8e 100644
--- a/src/vunnel/providers/oracle/parser.py
+++ b/src/vunnel/providers/oracle/parser.py
@@ -116,7 +116,7 @@ def _is_ksplice_version(cls, version) -> bool:
         :param version:
         :return:
         """
-        epoch, version, release = rpm.split_fullversion(version)  # noqa
+        epoch, version, release = rpm.split_fullversion(version)
         return cls.ksplice_regex.match(release) is not None
 
     def filter(self, vuln_dict: dict) -> dict:  # noqa: A003
@@ -135,7 +135,7 @@ def filter(self, vuln_dict: dict) -> dict:  # noqa: A003
         :param vuln_dict: dict of vulns where key is distro and version and value is the list of vulns for that version
         :return:
         """
-        for version, vuln in vuln_dict.values():  # noqa
+        for version, vuln in vuln_dict.values():  # noqa: B007
             fixes = vuln.get("Vulnerability", {}).get("FixedIn", [])
             if fixes:
                 pre_filter_fix_count = len(fixes)
diff --git a/src/vunnel/providers/rhel/parser.py b/src/vunnel/providers/rhel/parser.py
index d88a1475..d33d5278 100644
--- a/src/vunnel/providers/rhel/parser.py
+++ b/src/vunnel/providers/rhel/parser.py
@@ -134,7 +134,7 @@ def _process_minimal_cve(self, min_cve_api, do_full_sync, min_cve_dir, full_cve_
             raise  # raise the original exception
 
     # TODO: ALEX, should skip_if_exists be hooked up here? (currently unused)
-    def _sync_cves(self, skip_if_exists=False, do_full_sync=True):  # noqa
+    def _sync_cves(self, skip_if_exists=False, do_full_sync=True):  # noqa: PLR0915, PLR0912, C901
         """
         Download minimal or summary cve and compare it to persisted state on disk. If no persisted state is found or a
         a change is detected, full cve is downloaded
diff --git a/src/vunnel/providers/sles/parser.py b/src/vunnel/providers/sles/parser.py
index cbb9e6bf..805a50f3 100644
--- a/src/vunnel/providers/sles/parser.py
+++ b/src/vunnel/providers/sles/parser.py
@@ -239,7 +239,7 @@ def _transform_oval_vulnerabilities(cls, major_version: str, parsed_dict: dict)
         if not vulnerabilities_dict or not tests_dict or not artifacts_dict or not versions_dict:
             return results
 
-        for identity, vulnerability_obj in vulnerabilities_dict.items():  # noqa
+        for identity, vulnerability_obj in vulnerabilities_dict.items():  # noqa: B007
             # version->release->feed map
             version_release_feed = defaultdict()
 
diff --git a/src/vunnel/providers/wolfi/parser.py b/src/vunnel/providers/wolfi/parser.py
index 9a18c383..a5f6e8e8 100644
--- a/src/vunnel/providers/wolfi/parser.py
+++ b/src/vunnel/providers/wolfi/parser.py
@@ -79,7 +79,6 @@ def _load(self):
             self.logger.exception(f"failed to load {self.namespace} sec db data")
             raise
 
-    # noqa
     def _normalize(self, release, data):
         """
         Normalize all the sec db entries into vulnerability payload records
diff --git a/src/vunnel/result.py b/src/vunnel/result.py
index 98610cea..3fdd4ba7 100644
--- a/src/vunnel/result.py
+++ b/src/vunnel/result.py
@@ -195,7 +195,7 @@ def close(self, successful: bool) -> None:
 
 
 class Writer:
-    def __init__(  # noqa
+    def __init__(  # noqa: PLR0913
         self,
         workspace: Workspace,
         result_state_policy: ResultStatePolicy,
diff --git a/src/vunnel/utils/vulnerability.py b/src/vunnel/utils/vulnerability.py
index feae3553..9d48c94c 100644
--- a/src/vunnel/utils/vulnerability.py
+++ b/src/vunnel/utils/vulnerability.py
@@ -1,4 +1,3 @@
-# noqa
 from __future__ import annotations
 
 from dataclasses import asdict, dataclass, field
diff --git a/tests/quality/configure.py b/tests/quality/configure.py
index 29280000..2aa7b577 100644
--- a/tests/quality/configure.py
+++ b/tests/quality/configure.py
@@ -206,7 +206,6 @@ def cli(ctx, verbose: bool, config_path: str):
 def show_config(cfg: Config):
     logging.info("showing application config")
 
-    # noqa
     class IndentDumper(yaml.Dumper):
         def increase_indent(self, flow: bool = False, indentless: bool = False) -> None:  # noqa: ARG002
             return super().increase_indent(flow, False)
diff --git a/tests/unit/providers/github/test_github.py b/tests/unit/providers/github/test_github.py
index a1b73749..d0a8a252 100644
--- a/tests/unit/providers/github/test_github.py
+++ b/tests/unit/providers/github/test_github.py
@@ -284,7 +284,7 @@ def test_no_cursor_no_timestamp(self):
         assert (
             line
             == "securityAdvisories(orderBy: {field: PUBLISHED_AT, direction: ASC}, classifications: [GENERAL, MALWARE], first: 100) {"
-        )  # noqa
+        )
 
     def test_no_cursor_with_timestamp_changes_field(self):
         # first run after a successful run
@@ -305,7 +305,7 @@ def test_cursor_no_timestamp(self):
         assert (
             line
             == 'securityAdvisories(orderBy: {field: PUBLISHED_AT, direction: ASC}, after: "FXXF==", classifications: [GENERAL, MALWARE], first: 100) {'
-        )  # noqa
+        )
 
     def test_cursor_with_timestamp(self):
         # subsequent request after a successful run(s) because a timestamp has
@@ -316,7 +316,7 @@ def test_cursor_with_timestamp(self):
         assert (
             line
             == ', after: "FXXF==", updatedSince: "2019-02-06T20:44:12.371565", classifications: [GENERAL, MALWARE], first: 100) {'
-        )  # noqa
+        )
 
     def test_cursor_with_timestamp_changes_field(self):
         # subsequent request after a successful run(s) because a timestamp has
@@ -324,7 +324,7 @@ def test_cursor_with_timestamp_changes_field(self):
         result = parser.graphql_advisories(cursor="FXXF==", timestamp="2019-02-06T20:44:12.371565")
         line = result.split("\n")[2].strip()
         line = line.split("}")[0]
-        assert line == "securityAdvisories(orderBy: {field: UPDATED_AT, direction: ASC"  # noqa
+        assert line == "securityAdvisories(orderBy: {field: UPDATED_AT, direction: ASC"
 
 
 class TestNeedsSubquery: