A routine patch update to a date-formatting library changed its locale handling. The change was semver-compliant. Tests passed. The bug shipped to production and silently corrupted date-sensitive financial reports for 12 hours.
Financial reports with wrong dates aren't just cosmetically broken — they trigger compliance violations when audited. Downstream systems that ingested the corrupted reports needed to be identified, notified, and re-fed corrected data. The blast radius extended beyond the application boundary.
You're the platform lead at a financial services company. A patch update to a date-formatting library shipped through your automated dependency pipeline and changed how dates render in certain locales. Tests passed — they don't cover locale-specific formatting. Financial reports have been rendering incorrect dates for 12 hours. You've identified the cause. What do you do about the dependency pipeline?
No hints. Just judgment.
Adding tests for the specific failure mode that just occurred is the intuitive response — close the gap that was exposed. But dependency changes are unpredictable by nature. You can't write tests for behavioral changes you haven't imagined yet. Test coverage for known failure modes is necessary but not sufficient. The gap that matters isn't the missing test — it's the missing validation layer between dependency change and production.
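One shape such a validation layer can take is a differential check that compares the library's observable output before and after the update instead of asserting on expected values. The sketch below is an added example, not code from the scenario: the two formatter versions, the locale patterns, the date corpus and the function names are all constructed stand-ins.

```python
from datetime import date
from itertools import product

def make_formatter(patterns):
    """Build a constructed stand-in for one version of the date-formatting library."""
    def fmt(d, locale):
        return patterns[locale].format(y=d.year, m=d.month, d=d.day)
    return fmt

# Constructed versions: the "patch" silently changes en_GB to month-first.
PINNED = make_formatter({"en_US": "{m:02d}/{d:02d}/{y}",
                         "en_GB": "{d:02d}/{m:02d}/{y}",
                         "de_DE": "{d:02d}.{m:02d}.{y}"})
CANDIDATE = make_formatter({"en_US": "{m:02d}/{d:02d}/{y}",
                            "en_GB": "{m:02d}/{d:02d}/{y}",
                            "de_DE": "{d:02d}.{m:02d}.{y}"})

# Constructed corpus. 2024-05-05 renders identically in either field order, so a
# corpus made only of such dates would hide the change.
DATES = [date(2024, 5, 5), date(2024, 3, 4), date(2024, 12, 31)]
LOCALES = ["en_US", "en_GB", "de_DE"]

def _observe(fmt, d, locale):
    """Capture output or the exception type, so a new crash counts as a change."""
    try:
        return fmt(d, locale)
    except Exception as exc:
        return f"<raised {type(exc).__name__}>"

def behavior_diff(old, new, dates=DATES, locales=LOCALES):
    """Return every (date, locale) whose output differs between the two versions."""
    diffs = []
    for d, loc in product(dates, locales):
        before, after = _observe(old, d, loc), _observe(new, d, loc)
        if before != after:
            diffs.append((d.isoformat(), loc, before, after))
    return diffs

def may_promote(diffs, approved_locales=frozenset()):
    """Block promotion unless every observed change was explicitly reviewed."""
    return all(loc in approved_locales for _, loc, _, _ in diffs)

if __name__ == "__main__":
    for row in behavior_diff(PINNED, CANDIDATE):
        print("CHANGED", row)
    print("promote:", may_promote(behavior_diff(PINNED, CANDIDATE)))
```

The gate does not need to know what "correct" looks like; any unreviewed difference holds the update until a person approves it.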