✅ Reviewed PR
✅ It passed tests
❌ It quietly broke access for users

The most subtle bugs aren't in the code you write - they're in the code you approve without enough context.

This is a short story about a seemingly harmless line in a PR that I reviewed - and how it taught me to slow down, even with small changes.

The line of code below,

if(!user.isVerified) return;

intention behind this was good not to allow unverified users to proceed into the app.

But this return statement wasn't part of larger flow. It was inside a route guard - and it exited silently, without a redirect, message or error.

🔥 What Happened

• User who signed up with Google or Github (OAuth) were marked isVerified=false
• This line caused the app to fail to load the protected dashboard, but displayed no error
• The app just failed silently with blank screen to user.

✅ The Fix

A fallback route with clear message was added and tested both social and email/password flows going forward.

if(!user.isVerified) {
    this.route.navigate(['/verify-email']);
    return;
}

🧠 Real world dev lesson from more than a decade of experience
💬 I'd love to hear your most unexpected regrets too