Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fix: leet detector firing on prose with version numbers (encoded-payload FP)#238

Merged
twschiller merged 1 commit into
mainfrom
fix-leet-version-number-false-positive
Jun 9, 2026
Merged

Fix: leet detector firing on prose with version numbers (encoded-payload FP)#238
twschiller merged 1 commit into
mainfrom
fix-leet-version-number-false-positive

Conversation

@twschiller

Copy link
Copy Markdown
Contributor

Problem

The leetspeak sub-rule of encoded-payload-redact produced false positives on ordinary English prose that contained a version number. Reported on the github.blog npm v12 changelog, where lines like:

Upgrade to npm 11.16.0 or later, run your normal install, and review the warnings.

were redacted as [encoded payload hidden].

Root cause

  1. 11.16.0 supplies four leet-shape digits (1,1,1,0), clearing minSubstitutions: 4.
  2. deleet only rewrites digits/symbols — it leaves genuine letters untouched. So already-English text stays readable after decode, and your/and/the clear the minCommonWords: 3 floor.

collectSubstitutionCiphers (ROT13/Atbash/reverse) already skips candidates that are already English — a real cipher payload obscures its letters, so its raw form isn't English yet. collectLeet was missing that guard.

Fix

Add the same alreadyEnglish short-circuit to collectLeet. Prose carrying incidental version-number digits is left visible; genuine leet payloads (y0u c4n 533 7h15…, letters broken up by digits, raw form scores ~0 common words) still redact.

Testing

  • New regression test uses the verbatim changelog copy. Confirmed it fails without the guard (prose was redacted) and passes with it.
  • Existing redacts a leetspeak-encoded English sentence test still passes — real payloads unaffected.
  • Full encoded-payload-redact example + property suites pass (52 tests); bun run check clean.

🤖 Generated with Claude Code

…oad FP)

The leetspeak sub-rule of encoded-payload-redact flagged ordinary English
prose containing a version string. e.g. on the github.blog npm v12
changelog, "Upgrade to npm 11.16.0 or later, run your normal install, and
review the warnings." matched: "11.16.0" supplies four leet-shape digits
(1,1,1,0), clearing minSubstitutions, and `deleet` leaves the real letters
untouched so the already-English text clears the common-word floor.

collectSubstitutionCiphers already skips candidates that are *already*
English (a real cipher payload obscures its letters, so its raw form is not
yet English). collectLeet was missing that guard. Add the same
alreadyEnglish short-circuit so prose with incidental version-number digits
is left visible while genuine leet payloads (letters broken by digits, raw
form scores ~0 common words) still redact.

Regression test uses the verbatim changelog copy; confirmed it fails
without the guard and passes with it. Existing leet-payload test unaffected.
@vercel

vercel Bot commented Jun 9, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
agent-browser-shield-demo-site Ready Ready Preview, Comment Jun 9, 2026 11:00pm

Request Review

@twschiller twschiller added the bug Something isn't working label Jun 9, 2026
@twschiller twschiller merged commit 4c87609 into main Jun 9, 2026
7 checks passed
@twschiller twschiller deleted the fix-leet-version-number-false-positive branch June 9, 2026 23:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant