Ken Johnson 7afaabdb9b Remove confusing pending status from password_hashing_spec ...

The password_hashing_spec was using 'pending unless verifying_fixed?' which caused
confusing output in maintainer mode:
- Before: "1 example, 0 failures, 1 pending" with "(compared using ==)" message
- After: "1 example, 0 failures" - clean output

The spec now uses conditional expectations:
- Training mode: expects password is NOT MD5 hashed (test fails, vulnerability exists)
- Maintainer mode: expects password IS MD5 hashed (test passes, verifies vulnerability)

This addresses the "(compared using ==)" error message that @jasnow reported in issue #486.

Related to #486

2026-01-04 17:38:40 -05:00

..

broken_auth_spec.rb

please robot overlords, plus verbiage change

2017-12-13 08:37:23 -06:00

command_injection_spec.rb

changed user_id to id

2017-12-19 08:26:02 -05:00

csrf_spec.rb

update tutorial links

2019-11-20 14:27:56 -05:00

insecure_dor_spec.rb

clean up insecure_dor_spec

2019-11-20 09:24:24 -05:00

mass_assignment_spec.rb

clean up mass_assignment_spec

2019-11-20 17:06:23 -05:00

password_complexity_spec.rb

refactor vulnerabilities so that users can turn them from failing to passing

2017-12-13 08:33:50 -06:00

password_hashing_spec.rb

Remove confusing pending status from password_hashing_spec

2026-01-04 17:38:40 -05:00

sensitive_data_exposure.rb

Upgraded Ruby to 2.7.0-preview1 and Rails to 6.0.0 - fixed 1 spec

2019-09-09 15:13:29 -04:00

sql_injection_spec.rb

Upgraded Ruby to 2.7.0-preview1 and Rails to 6.0.0 - fixed 1 spec

2019-09-09 15:13:29 -04:00

unvalidated_redirects_spec.rb

validate root is localhost in redirect_spec

2019-11-21 09:07:38 -05:00

url_access_spec.rb

clean up url_access_spec

2019-11-20 07:53:25 -05:00

xss_spec.rb

changed user_id to id

2017-12-19 08:26:02 -05:00