diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index d4922be528072967648441f26720479728ca28f9..1a931553c77625b5ceed06dad9d878c3a34b7c42 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -38,7 +38,7 @@ repos:
         args: ["--filter-files", "--profile", "black"]
 
   - repo: https://github.com/ambv/black
-    rev: 21.8b0
+    rev: 22.6.0
     hooks:
       - id: black
         exclude: &excluded_pythonscripts pythonrc.py|rabbitmqadmin
diff --git a/Documents/bin/download-password-db b/Documents/bin/download-password-db
index 04894cb0d5fac94a2201b4ed83c78cdef5f1d86c..c1003accbf4b56d9065fe6195252a45ee8277d66 100755
--- a/Documents/bin/download-password-db
+++ b/Documents/bin/download-password-db
@@ -18,6 +18,18 @@ DEST = os.path.expanduser(f"~/{ os.path.dirname(DB_PATH) }")
 SOURCE = f"nextcloud:{DB_PATH}"
 
 
+def close_passhole():
+    """Try to close passhole. Ignore all failures including no open database
+    and failed import (to avoid dependency on passhole)."""
+    try:
+        # pylint: disable=import-outside-toplevel
+        from pykeepass_cache.pykeepass_cache import close
+
+        close()
+    except (ImportError, OSError):
+        pass
+
+
 if __name__ == "__main__":
     username = input(f"Enter username (defaults to {getpass.getuser()}): ")
     if not username:
@@ -31,6 +43,7 @@ if __name__ == "__main__":
         check=True,
         text=True,
     ).stdout.strip()
+    close_passhole()
     os.execvp(  # nosec
         "rclone",
         [