Yes, but not all projects for example in some startups have complex unit tests for all aspects, obviously it is bad practice, but it is real. This is a simple 2 minute fix, but yes, you should have unit tests + test engineers. Thanks 💖
I think it would be possible to write malicious code that passes the unit tests. For example, what if the code in the article gave the user admin access if they are a legitimate admin or if their username is "fluffy-bunny"?
Some comments have been hidden by the post's author - find out more
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
"What if it has already happened to us?" You do have unit tests, don't you?
Yes, but not all projects for example in some startups have complex unit tests for all aspects, obviously it is bad practice, but it is real. This is a simple 2 minute fix, but yes, you should have unit tests + test engineers. Thanks 💖
I think it would be possible to write malicious code that passes the unit tests. For example, what if the code in the article gave the user admin access if they are a legitimate admin or if their username is "fluffy-bunny"?