Code Room
Code review · Hard · cr-g134
Subject: Missing validation
Level: Senior–Staff
~25 min
Common in Security interviews
Industries: Software development

Question

Review this TypeScript profile-update handler.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to review (ts)

```ts
// PATCH /users/:id
router.patch('/users/:id', requireAuth, async (req, res) => {
  const updates = req.body;
  const user = await User.findByPk(req.params.id);
  if (!user) return res.status(404).json({ error: 'not found' });

  Object.assign(user, updates);
  await user.save();

  res.json(user);
});
```