Security Bugs, a Missed Learning Opportunity
Security is easy, or at least it could be. Developers who have the experience and exposure to some of the many security bugs that could exist in code already know this.
While there may be a variety of security bug types out there, the patches that are needed are typically simple, and some may be only one function call away. Over the years, security experts have reported a fair number of security bugs to developers, open source and not. When a developer is familiar with security, they have no problem patching quickly. Unfortunately, the opposite is true too. When a security bug report goes unanswered or is ignored, it is a potential learning experience that the developer is missing.
All developers, young and old, junior and senior, should embrace security as a topic to study, to discuss, and to collaborate on with one another. Sharing notes with each other about what they know about security topics will only make the community better.
Here's how you can do it, and this is especially useful for anyone in between projects or jobs. It also applies if you're just starting out as a WordPress or WooCommerce developer. Do some source code review. If you spot and confirm a security bug, let the project owners know, respectfully, of course, because you might just be talking to a future boss or colleague. This might be a great way to help the community while building your own resume and proving your knowledge in security as a WooCommerce or WordPress developer.
This tip comes from Robert Rowley at Patchstack. You can listen to more WooCommerce and WordPress builder tips here.