fix punctuation

Author: joyeecheung

apps/site/pages/en/blog/vulnerability/march-2026-hashdos.mdx

@@ -215,7 +215,7 @@ We first prototyped with a few naive hashes, partly to identify all the code pat
 
 #### Multiply a secret, then add another
 
-```C++
+```cpp
 const uint32_t kMask = (1 << 24) - 1;  // 24-bit mask
 uint32_t SeedArrayIndexValue(uint32_t value, uint32_t secrets[2]) {
   return (secrets[0] * value + secrets[1]) & kMask;
@@ -226,7 +226,7 @@ The first naive idea that came to mind was the classic [linear congruential gene
 
 #### XOR with a secret
 
-```C++
+```cpp
 uint32_t SeedArrayIndexValue(uint32_t value, uint32_t secrets[1]) {
   return value ^ secrets[0];  // Both secrets and values are already 24-bit.
 }
@@ -350,7 +350,7 @@ This family of xorshift-multiply constructions is used in many pseudorandom numb
 
 Since our multipliers are random secrets, the interaction between the two operations differs for each set of secrets, and multiple rounds of alternation helps spread the uncertainty across all bits. Applying this structure to our 24-bit input space, we first came up with the following design:
 
-```c++
+```cpp
 const uint32_t kMask = (1 << 24) - 1;  // 24-bit mask
 const uint32_t kShift = 12;  // half the bit width, so the xorshift is an involution
 // Multipliers in m[] are odd and randomly generated at startup.
@@ -366,7 +366,7 @@ uint32_t SeedArrayIndexValue(uint32_t value, uint32_t m[2]) {
 
 To recover the original value, we can simply apply the steps in reverse order, replacing each multiplier with its modular inverse. This looks nicely symmetric:
 
-```c++
+```cpp
 // Modular inverses in m_inv[] are precomputed using Newton's method at startup.
 uint32_t UnseedArrayIndexValue(uint32_t hash, uint32_t m_inv[2]) {
   uint32_t m1_inv = m_inv[0], m2_inv = m_inv[1];
@@ -487,7 +487,7 @@ We [ran the same analysis on multipliers derived from 50 sets of randomly genera
 
 We went with 2 rounds initially because that is the minimum to ensure every input bit reaches every output bit through at least one multiplication, providing nonlinear mixing rather than a single XOR fold. The fluctuations across the test runs, however, seemed to warrant another round, so we tested a 3-round version that looks like this:
 
-```c++
+```cpp
 const uint32_t kMask = (1 << 24) - 1;  // 24-bit mask
 const uint32_t kShift = 12;  // half the bit width
 // Multipliers in m[] are odd and randomly generated at startup.
@@ -621,7 +621,7 @@ To quantify the performance impact of the changes, we ran four JavaScript benchm
 
 ## Deployment
 
-The new seeded hashing scheme for array index strings has been merged into V8, gated by [`v8_enable_seeded_array_index_hash = true`](https://chromium.googlesource.com/v8/v8/+/d3f0ec122bd234aa82347cc0e838c8fae8cd6565/BUILD.gn#510), and it needs to be used together with [`v8_use_default_hasher_secret = false`](https://chromium.googlesource.com/v8/v8/+/d3f0ec122bd234aa82347cc0e838c8fae8cd6565/BUILD.gn#507) for HashDoS resistance. For Chrome, where DoS attacks are not applicable, this will be disabled. In Node.js, this is enabled and shipped to v25, v24, v22, and v20 in the [March 2026 security release](/blog/vulnerability/march-2026-security-releases)
+The new seeded hashing scheme for array index strings has been merged into V8, gated by [`v8_enable_seeded_array_index_hash = true`](https://chromium.googlesource.com/v8/v8/+/d3f0ec122bd234aa82347cc0e838c8fae8cd6565/BUILD.gn#510), and it needs to be used together with [`v8_use_default_hasher_secret = false`](https://chromium.googlesource.com/v8/v8/+/d3f0ec122bd234aa82347cc0e838c8fae8cd6565/BUILD.gn#507) for HashDoS resistance. For Chrome, where DoS attacks are not applicable, this will be disabled. In Node.js, this is enabled and shipped to v25, v24, v22, and v20 in the [March 2026 security release](/blog/vulnerability/march-2026-security-releases).
 
 We have also notified other V8 embedders (Deno and Cloudflare workers) about the vulnerability and the fix during the development and the rollout.