PyCQA · ericwb · Jul 7, 2022 · Apr 15, 2021 · Jul 7, 2022 · Jul 7, 2022
@@ -33,6 +33,7 @@
 |      |                     | - dill.Unpickler                   |           |
 |      |                     | - shelve.open                      |           |
 |      |                     | - shelve.DbfilenameShelf           |           |
+|      |                     | - jsonpickle.decode                |           |
 +------+---------------------+------------------------------------+-----------+
 
 B302: marshal
@@ -341,7 +342,8 @@ def gen_blacklist():
          'dill.load',
          'dill.Unpickler',
          'shelve.open',
-         'shelve.DbfilenameShelf'],
+         'shelve.DbfilenameShelf',
+         'jsonpickle.decode'],
         'Pickle and modules that wrap it can be unsafe when used to '
         'deserialize untrusted data, possible security issue.'
     ))