Added community rule to detect the decoding of a JWT token without a verify step (!347) · Merge requests · GitLab.org / security-products / sast-rules

Added community rule to detect the decoding of a JWT token without a verify step Issue - gitlab-org/gitlab#438809 (closed)

I couldn’t locate a mapping for this bug pattern in SpotBugs. Could you please advise on the additions needed for the mapping file?

Added community rule to detect the decoding of a JWT token without a verify step