I don’t disagree with this, but your point about automatic audits… It’s always a learning curve to prevent silly shit like heartbleed from getting into the system. But the idea that there was no check against this when it was first PR’d seems almost absurd. This is why sticking hard to API and design specs and building testing around them is so important.
I don’t disagree with this, but your point about automatic audits… It’s always a learning curve to prevent silly shit like heartbleed from getting into the system. But the idea that there was no check against this when it was first PR’d seems almost absurd. This is why sticking hard to API and design specs and building testing around them is so important.
I’m sure they learnt a valuable lesson there.