What's the root cause of these issues? Did older test sets somehow get recovered or something like that?
I'm taking this at face value admittedly, since I don't know the provenance behind this github account or even whether it is related to production code.
twitter-text.gem - Text processing routines for Tweets.
Since twitter does contribute to open source software, it is highly likely that the source is related closely to production code.
It seems they fixed it by now so I can't check.
Not quite the same flaw but very similar - caused by unescaped URLs
And my extremely cynical side would like to point out that that by many measures this incident benefits twitter as a company; they get free headlines, they are seen publicly fixing a problem in a timely manner, and they get more loyal followers. Not that there is some machiavellian plan at work, but there may be reasons beyond time poverty and careless software engineering that explain why something like this might not have been fixed even though some people may have been aware it was broken.