I recently found out that there is a built-in JWT decoder in Visual Studio's Text Visualizer. This made my life just a bit easier when debugging token issues this past week - instead of copying out the string and dropping it onto a third party site like jwt.io, I could see the token's values right in Visual Studio.

I'm working on updating packages on multiple projects to eliminate vulnerable nuget packages. We have been doing this on a recurring basis for some time, but I recently got a script built to do better searches across transitive dependencies in all projects under a given path. And... it's exposed quite a few more packages that need to be updated. The basic command I'm using to identify vulnerable packages is dotnet list package --vulnerable --include-transitive.