🐛 Flaw in Test Suite: HighSchoolSweetheart::pair can be hardcoded and still pass
Description
The test suite for Task 4 ("Put the initials inside of the heart") does not sufficiently validate that the pair() method dynamically processes the input arguments ($sweetheart_a and $sweetheart_b).
Currently, it is possible to bypass the logic entirely by hardcoding a static HEREBY/HEREDOC string with specific initials directly into the method body.
Steps to Reproduce / Proof of Concept
If I replace the entire logic of the pair method with a hardcoded string like this:
public function pair(string $sweetheart_a, string $sweetheart_b): string
{
$expected = <<<EXPECTED_HEART
****** ******
** ** ** **
** ** ** **
** * **
** **
** A. B. + C. D. **
** **
** **
** **
** **
** **
** **
***
*
EXPECTED_HEART;
return $expected;
}
🐛 Flaw in Test Suite:
HighSchoolSweetheart::paircan be hardcoded and still passDescription
The test suite for Task 4 ("Put the initials inside of the heart") does not sufficiently validate that the
pair()method dynamically processes the input arguments ($sweetheart_aand$sweetheart_b).Currently, it is possible to bypass the logic entirely by hardcoding a static HEREBY/HEREDOC string with specific initials directly into the method body.
Steps to Reproduce / Proof of Concept
If I replace the entire logic of the
pairmethod with a hardcoded string like this:public function pair(string $sweetheart_a, string $sweetheart_b): string
{
$expected = <<<EXPECTED_HEART
****** ******
** ** ** **
** ** ** **
** * **
** **
** A. B. + C. D. **
** **
** **
** **
** **
** **
** **
***
*
EXPECTED_HEART;
return $expected;
}