• DoomBot5@lemmy.world
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    4
    ·
    1 year ago

    Eh, I can see how it’s missed by testing. The tests probably cover testing non-compliant passwords failing and compliant passwords passing. They were probably updated at the same time the password compliance was updated.

    Missing an edge case like this isn’t good, but it’s not that uncommon.

    • ViewSonik@lemmy.world
      link
      fedilink
      arrow-up
      9
      arrow-down
      5
      ·
      1 year ago

      Again, a basic code quality issue. If they missed this basic functional code issue, what else did they miss that is exploitable….