bert.hausmans
824b28897e
The catch-all error handler (for anti-email-enumeration) was also swallowing 422 validation errors, making it appear that a reset email was sent even for empty or invalid input. Now 422 responses are excluded from the catch — the user stays on the form so the field-level validation messages remain visible. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>