TLS verification disabled | Critiq Docs

#Metadata

Rule ID: security.tls-verification-disabled
Severity: high
Confidence: 0.9
Languages: go, java, javascript, php, python, ruby, rust, typescript
Presets: recommended, security, strict
Stability: stable
Applies to: block
Tags: rules-catalog, security, tls, transport

#Why it matters

Trust-all TLS settings accept any certificate and undermine transport security.

#Remediation

Use trusted certificate validation and remove trust-all overrides outside local development.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/shared/security.tls-verification-disabled.rule.yaml.

Back to registry Open rule in repository