Pre-existing: silent 1,000-char truncation in redactArgs undocumented #1
Description
Affected repos
edictum(Python) —src/edictum/audit.pyredact_args()edictum-ts(TypeScript) —packages/core/src/redaction.tsredactArgs()
Finding
redactArgs() silently truncates any string value over 1,000 chars to 997 + "...". This is undocumented — callers have no indication it happened. The 1,000-char limit is separate from the 10,000-char MAX_REGEX_INPUT cap (which is a ReDoS guard).
redactBashCommand() does NOT apply this truncation, so the same string processed by different methods produces different lengths.
Source
Found by AI reviewer on edictum-ts#90 (warning #3). Classified as pre-existing — not introduced by any PR.
Suggested fix
Document the behavior in constructor JSDoc/docstring. Optionally add a _truncated: true flag to indicate truncation occurred (similar to capPayload).