diff --git a/sandboxed_api/sandbox2/monitor_ptrace.cc b/sandboxed_api/sandbox2/monitor_ptrace.cc
index 74f3a18c..15c3bf23 100644
--- a/sandboxed_api/sandbox2/monitor_ptrace.cc
+++ b/sandboxed_api/sandbox2/monitor_ptrace.cc
@@ -657,8 +657,9 @@ bool PtraceMonitor::InitPtraceAttach() {
 void PtraceMonitor::ActionProcessSyscall(Regs* regs, const Syscall& syscall) {
   // If the sandboxing is not enabled yet, allow the first __NR_execveat.
   if (syscall.nr() == __NR_execveat && !IsActivelyMonitoring()) {
-    VLOG(1) << "[PERMITTED/BEFORE_EXECVEAT]: " << "SYSCALL ::: PID: "
-            << regs->pid() << ", PROG: '" << util::GetProgName(regs->pid())
+    VLOG(1) << "[PERMITTED/BEFORE_EXECVEAT]: "
+            << "SYSCALL ::: PID: " << regs->pid() << ", PROG: '"
+            << util::GetProgName(regs->pid())
             << "' : " << syscall.GetDescription();
     ContinueProcess(regs->pid(), 0);
     return;
@@ -692,7 +693,7 @@ void PtraceMonitor::ActionProcessSyscall(Regs* regs, const Syscall& syscall) {
     return;
   }
 
-  ActionProcessSyscallViolation(regs, syscall, ViolationType::kSyscall);
+  ActionProcessSyscallViolation(regs, syscall, kSyscallViolation);
 }
 
 void PtraceMonitor::ActionProcessSyscallViolation(
@@ -743,8 +744,7 @@ void PtraceMonitor::EventPtraceSeccomp(pid_t pid, int event_msg) {
   // If the architecture of the syscall used is different that the current host
   // architecture, report a violation.
   if (syscall_arch != Syscall::GetHostArch()) {
-    ActionProcessSyscallViolation(&regs, syscall,
-                                  ViolationType::kArchitectureSwitch);
+    ActionProcessSyscallViolation(&regs, syscall, kArchitectureSwitchViolation);
     return;
   }
 
@@ -781,18 +781,18 @@ void PtraceMonitor::EventPtraceNewProcess(pid_t pid, int event_msg) {
   // ptrace doesn't issue syscall-exit-stops for successful fork/vfork/clone
   // system calls. Check if the monitor wanted to inspect the syscall's return
   // value, and call EventSyscallReturn for the parent process if so.
-  if (auto index = syscalls_in_progress_.find(pid);
-      index != syscalls_in_progress_.end()) {
+  auto index = syscalls_in_progress_.find(pid);
+  if (index != syscalls_in_progress_.end()) {
     auto syscall_nr = index->second.nr();
     bool creating_new_process = syscall_nr == __NR_clone;
 #ifdef __NR_clone3
-    creating_new_process |= syscall_nr == __NR_clone3;
+    creating_new_process = creating_new_process || syscall_nr == __NR_clone3;
 #endif
 #ifdef __NR_fork
-    creating_new_process |= syscall_nr == __NR_fork;
+    creating_new_process = creating_new_process || syscall_nr == __NR_fork;
 #endif
 #ifdef __NR_vfork
-    creating_new_process |= syscall_nr == __NR_vfork;
+    creating_new_process = creating_new_process || syscall_nr == __NR_vfork;
 #endif
     if (!creating_new_process) {
       LOG(ERROR) << "Expected a fork/vfork/clone syscall in progress in PID "
@@ -861,9 +861,8 @@ void PtraceMonitor::EventPtraceExit(pid_t pid, int event_msg) {
   // Process signaled due to seccomp violation.
   if (is_seccomp) {
     VLOG(1) << "PID: " << pid << " violation uncovered via the EXIT_EVENT";
-    ActionProcessSyscallViolation(regs.get(),
-                                  regs->ToSyscall(Syscall::GetHostArch()),
-                                  ViolationType::kSyscall);
+    ActionProcessSyscallViolation(
+        regs.get(), regs->ToSyscall(Syscall::GetHostArch()), kSyscallViolation);
     return;
   }
 
diff --git a/sandboxed_api/sandbox2/monitor_unotify.cc b/sandboxed_api/sandbox2/monitor_unotify.cc
index 91f94d96..70865b68 100644
--- a/sandboxed_api/sandbox2/monitor_unotify.cc
+++ b/sandboxed_api/sandbox2/monitor_unotify.cc
@@ -185,8 +185,8 @@ void UnotifyMonitor::HandleUnotify() {
                    req_->data.args[3], req_->data.args[4], req_->data.args[5]},
                   req_->pid, 0, req_->data.instruction_pointer);
   ViolationType violation_type = syscall.arch() == Syscall::GetHostArch()
-                                     ? ViolationType::kSyscall
-                                     : ViolationType::kArchitectureSwitch;
+                                     ? kSyscallViolation
+                                     : kArchitectureSwitchViolation;
   LogSyscallViolation(syscall);
   notify_->EventSyscallViolation(syscall, violation_type);
   MaybeGetStackTrace(req_->pid, Result::VIOLATION);
@@ -285,8 +285,7 @@ void UnotifyMonitor::Run() {
 }
 
 void UnotifyMonitor::SetExitStatusFromStatusPipe() {
-  int code;
-  int status;
+  int code, status;
   rusage usage;
 
   std::vector<iovec> iov = {
diff --git a/sandboxed_api/sandbox2/notify.h b/sandboxed_api/sandbox2/notify.h
index bce522c9..0195428b 100644
--- a/sandboxed_api/sandbox2/notify.h
+++ b/sandboxed_api/sandbox2/notify.h
@@ -19,8 +19,6 @@
 
 #include <sys/types.h>
 
-#include <cstdint>
-
 #include "absl/base/attributes.h"
 #include "absl/log/log.h"
 #include "sandboxed_api/sandbox2/comms.h"
@@ -30,11 +28,11 @@
 
 namespace sandbox2 {
 
-enum class ViolationType {
+enum ViolationType {
   // A syscall disallowed by the policy was invoked.
-  kSyscall,
+  kSyscallViolation,
   // A syscall with cpu architecture not covered by the policy was invoked.
-  kArchitectureSwitch,
+  kArchitectureSwitchViolation,
 };
 
 class Notify {