The password_hashing_spec was using 'pending unless verifying_fixed?' which caused
confusing output in maintainer mode:
- Before: "1 example, 0 failures, 1 pending" with "(compared using ==)" message
- After: "1 example, 0 failures" - clean output
The spec now uses conditional expectations:
- Training mode: expects password is NOT MD5 hashed (test fails, vulnerability exists)
- Maintainer mode: expects password IS MD5 hashed (test passes, verifies vulnerability)
This addresses the "(compared using ==)" error message that @jasnow reported in issue #486.
Related to #486
* use bang version of save methods in the seeds file, so that when you fix validation,
it will at least explode, rather than silently failing to create users
* fix two tests where passwords are hardcoded so that they use stronger passwords,
since password complexity is not the important bit of either of those tests.
Ken Johnson