|
|
|
|
|
|
by MereInterest
16 days ago
|
|
|
The problem with feature tests is that you then rely on the test code being correct. A typo in the feature test can erroneously be interpreted as lack of that feature. One step of the 2024 supply-chain attack on xz utils was to disable a security feature by introducing a feature test with an intentional typo. Even knowing that this commit[0] contains an intentional typo, I had to re-read the diff a few times to actually find it. [0] https://git.tukaani.org/?p=xz.git;a=commitdiff;h=a100f9111c8... |
|
|
It's an interesting point though that the parts of a program that don't fail loudly are prone to having bugs go unnoticed.