
TL;DR: obj[key] with user-controlled key == "__proto__" is a gift that keeps on giving; buy our AI tool that will write subtle vulnerabilities like that which you yourself won’t catch in review but then it will also write some property-based tests that maybe will


Don't forget you can use AI to turn a 50 word blog post into a 2,000 word one!


For real. The bullet-point summary at the beginning with a "Why this matters for..." immediately followed by, "This isn't just a theoretical exercise—it's a real example of..." Dead giveaways.


Exactly this! AI fluff all over in that article.


You're absolutely right!


It also talks about using PBT and Randomness for some reason. This is clearly just a test value of a non-AI library written by a human.

My takeaway is “don’t write your own input tests, use a library”. The rest is AI-slop.


Theoretically a good fuzzer could discover this value by itself, but I don’t believe anything like that exists that could run JS code and explore VM-level branches, at least not for JS code that’s even this complex. Otherwise, yes, PBT is less trivial than it seems, though I’m guessing a simple `strings jsc` coupled with general knowledge of special values of other types[1,2] could get you quite far.

[1] https://www.exploringbinary.com/php-hangs-on-numeric-value-2...

[2] https://www.exploringbinary.com/java-hangs-when-converting-2...


Didn't React just have basically the same vuln?


The code in TFA is, by a hair’s breadth, not actually vulnerable, as long as the type signature of the function is obeyed. React spun the same gun in the game of Russian roulette but was less lucky.
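
An added example, not taken from any comment or from the linked article: the `obj[key]` pattern from the first comment, showing why the type of the assigned value matters (the point of the last comment), next to a hardened form. The function names and sample inputs are constructed for illustration.

```javascript
// Pattern from the thread: obj[key] = value with a caller-supplied key.
// On an ordinary object, the key "__proto__" hits the accessor inherited
// from Object.prototype instead of creating a data property.
function buildUnsafe(entries) {
  const obj = {};
  for (const [key, value] of entries) obj[key] = value;
  return obj;
}

// Hardened form: a null-prototype object inherits no __proto__ accessor,
// so every key, including "__proto__", is stored as plain data.
// A Map gives the same guarantee.
function buildSafe(entries) {
  const obj = Object.create(null);
  for (const [key, value] of entries) obj[key] = value;
  return obj;
}

function demo() {
  // Constructed inputs, shaped like key/value pairs from a parsed request.
  const objectValued = [['name', 'alice'], ['__proto__', { isAdmin: true }]];
  const stringValued = [['__proto__', 'just a string']];

  const u = buildUnsafe(objectValued);
  const p = buildUnsafe(stringValued);
  const s = buildSafe(objectValued);

  return {
    // Object value: the prototype of u is replaced, so a property the
    // code never set is now readable on it.
    unsafeInherited: u.isAdmin,
    unsafeOwnKeys: Object.keys(u),
    // Primitive value: the setter ignores it. Nothing is polluted, but
    // the entry is silently dropped.
    primitiveOwnKeys: Object.keys(p),
    primitiveProtoIntact: Object.getPrototypeOf(p) === Object.prototype,
    // Hardened: the key is ordinary data and nothing is inherited.
    safeInherited: s.isAdmin,
    safeOwnKeys: Object.keys(s),
    // This single-level assignment never touches Object.prototype itself.
    globalClean: ({}).isAdmin === undefined,
  };
}

console.log(demo());
```
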



