One thing this highlights is that we could really use better testing
and security review process. I'll write andÂ
Using some static analysis tool would be good too - not sure if that's in use already.
A good process for adding new features is to add tests with them. Even if there is only a test for expected behaviour, at least it will catch one possible regression.