Default fields validation

  • #45421
    Monden
    Participant

    Hi,

    Are the default login/register fields "pre-validated" and sanitized with PHP by the plugin or do I need to do my own validation?

    I'm talking about email, password, confirm password and username.

    Thanks.

    #45426
    Peter
    Moderator

    Hello,

    Yes, all fields are validated and sanitized by PHP and WordPress functions before processing, similar to the WordPress registration/login form. I think you don't need to use extra validation/sanitization.

    Refer to the documentation: https://docs.metabox.io/sanitization/

    #49179
    A.A.
    Participant

    I have an issue directly related to this older post, so it feels right to post it here as a follow-up in case anyone searching like I was comes across this topic.

    I created some custom registration fields and kept the default username option available (meaning: no email as username), however, I noticed the username field does not have validation even though it is a core WordPress field. For example: if someone typed in random non-English/Latin characters in the username like السلام123, the registration form would actually be submitted successfully, a confirmation displayed, but the user creation failed without visible errors at all.

    I quickly set up a separate plain WordPress installation without Meta Box AIO and my custom form to see what the default WP behavior would be if that happened, and it turns out WordPress' default registration form only validates after you attempt to submit - so it would not check the username OR email fields until you clicked submit. After that, it would give an error: Error: This username is invalid because it uses illegal characters. Please enter a valid username.

    My issue with the Meta Box user registration form only happened with the username field. The email was validated correctly before even submitting (even better than the default WordPress form).

    It would be fine if the username field at least behaved like the default WordPress behavior and warned me after submitting instead of silently accepting the incorrect username characters. But ideally, it would be better if it had proper validation like the email field.

    Is this username field validation something that can be fixed or addressed or did you intentionally leave it out intending the WordPress behavior to be a catch-all or fallback? Or is it actually there but something in my setup made it not work? (If so, how do I debug this to check?)

    At the moment, I created a temporary mu-plugin to add validation for the username field so now it behaves as expected when I am using a Meta Box customized registration form. It enforces strict username validation (Latin letters, numbers, dots, underscores, hyphens only) with client-side and server-side validation. I did not make it work with the default WP form as my only interest now is to ensure the username field made by the Meta Box user registration shortcode had proper validation for the username field, since I want to continue using the custom form I have. But, I would appreciate it if such a fix could be made in the Meta Box plugin (if it needs fixing) or appreciate any other guidance you can offer on this so I don't have to use my temporary plugin solution. I made it with the help of AI to resolve this real quickly but prefer a human logically coded solution for the long term.

    #49189
    Peter
    Moderator

    Hello,

    Yes, the MB user registration form doesn't sanitize the username field as WordPress does. It is simply a text field and we use the function sanitize_text_field to sanitize this field. See more here https://github.com/wpmetabox/meta-box/blob/master/inc/sanitizer.php#L50

    and check the function get_register_fields() in the file /wp-content/plugins/meta-box-aio/vendor/meta-box/mb-user-profile/src/DefaultFields.php

    If you want to customize this field, you can use the filter hook rwmb_profile_register_fields, added to the function get_register_fields.
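
The following sketch is an added example, not part of the thread and not Meta Box's or any poster's code. It shows one way to attach a strict username allow-list (Latin letters, digits, dots, underscores, hyphens) through the `rwmb_profile_register_fields` filter mentioned above. Assumptions: the default username field has the id `user_login`, the `example_*` names are hypothetical, and an emptied value is then refused by the form's required-field handling.

```php
<?php
// Added example: strict username allow-list for the MB User Profile register form.

/**
 * Allow-list check modelled on the logic of WordPress core's validate_username():
 * a name is valid only if stripping disallowed characters changes nothing.
 */
function example_username_is_valid( string $raw ): bool {
	$clean = preg_replace( '/[^A-Za-z0-9._-]/', '', $raw );
	return '' !== $raw && $clean === $raw;
}

/** Meta Box sanitize_callback: reject a bad name instead of silently rewriting it. */
function example_sanitize_username( $value ) {
	return example_username_is_valid( (string) $value ) ? $value : '';
}

/** Add a browser-side pattern (a hint only) and the server-side callback. */
function example_harden_register_fields( array $fields ): array {
	foreach ( $fields as $key => $field ) {
		// Assumption: the default username field carries the id 'user_login'.
		if ( ( $field['id'] ?? '' ) !== 'user_login' ) {
			continue;
		}
		$fields[ $key ]['attributes']['pattern'] = '[A-Za-z0-9._\-]+';
		$fields[ $key ]['sanitize_callback']     = 'example_sanitize_username';
	}
	return $fields;
}

if ( function_exists( 'add_filter' ) ) {
	// Inside WordPress (for instance as an mu-plugin): register the filter.
	add_filter( 'rwmb_profile_register_fields', 'example_harden_register_fields' );
} else {
	// Outside WordPress: run the check against constructed sample input.
	foreach ( [ 'jane.doe-01', 'السلام123', '<b>bob</b>', '' ] as $name ) {
		$verdict = example_username_is_valid( $name ) ? 'ok' : 'rejected';
		printf( "%-16s %s\n", var_export( $name, true ), $verdict );
	}
}
```

The `pattern` attribute only improves the user's experience in the browser; the server-side callback is the check that matters, because a request can be submitted without the form.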
