Claude code source code has been leaked via a map file in their npm registry

All you need is an API that supports the Anthropic style API (llama.cpp, vLLM, etc.) and then set the requisite environment variables. It's no secret.

[-]

What is the difference between trickiing Claude Code(console I presume) into using Qwen versus just configuring Kilo code, Open Code or even github CLI to use Qwen? Does Claude code have any distinct features in their scaffolding interface that adds value to what one could get by using kilocode/opencode ?

[-]

JockY@reddit

There’s no “tricking” Claude cli any more than you’re tricking Crush or Opencode, you just set the configuration parameters.

The other part of your question is not something I explored in depth, but a while back I ran a couple of simple tests to see if there was a difference in having two clis build the same project spec.

The task was infosec related, but I can’t share details except to say it was to build a fuzzing harness.

Both cli were in yolo mode (no human in the loop) using the same model, which I think was MiniMax-M2.1 at the time.

Crush cli finished faster, but the project it produced was just… ok. It reinvented the wheel and built a janky fuzzer. It worked, but it kinda sucked.

Claude cli knocked it out of the park and used AFL to build a reliable and fast fuzzer with integrations for mutating input corpus very cleverly. It was clearly a superior output to that made by Crush.

Now… why was Claude’s cli better than Crush at the same task using the model? That would be guesswork. My guess is better prompting and tool use, but I don’t know.

This is but a sample size of one with no data to back it up outside of “trust me, bro” and is of little value to anyone. But I always remember the stark difference and have stuck with the Claude cli after that.

[-]

PuddleWhale@reddit

Very interesting. I had no idea there was such a big cache of middleware stuck in the console client. To me with a $20 monthly plan that I can barely utilize fully it's not that much of a bonus but in the near future as my appetite increases I feel it very much will be.

And here I was thinking that this whole ordeal was a complete waste of time because a couple of other LLMs had suggested to me(suspiciously) that much of the Claude console mojo and sorcery would be lost by hooking the harness up to a third party LLM because "Claude code was meant to work with anthropic weights" but now with the increased burst of energy being devoted to analyzing this harness there is a good chance we will see some massive democtratization in the ecosystem as some of the open source harnsses pick up some tips and the number of forks increase.

[-]

taimusrs@reddit

The whole thing apparently is 500k LOC. It might take a while for people to figure it out, but I'm sure there's plenty.

[-]

colin_colout@reddit

wait... this is news to me. which provider has subscriptions that include api?

the previous commenter was talking about zai subscriptions being used in claude code, which i thought needs a gateway (at least that's what the docs say...am i wrong?)

yeah local works... i used to do it with claude code but opencode is just better in my tastes... and i can't run 397b locally anyway

[-]

JockY@reddit

which provider has subscriptions that include api?

New Headline:

[-]

nsdjoe@reddit

Reticulating

It does a find and replace in the context which frequently replaces the wrong thing, leading to a change early in the context. That invalidates KV cache for everything after it.

For Anthropic users, it charges you to reprocess all the subsequent tokens as they're "new" content.

For local AI users, it costs you a bunch of time.

[-]

jainyday@reddit

They also moved all models to 1M context windows, which means you can blow through 5x as many input/cached tokens as you could on 200m.

[-]

Easy-Unit2087@reddit

Finally in the system prompt we can order tools alphabetically, put dynamic content at the end and strip Anthropic-specific stuff. KV cache hit rate now 96%! Also, of course: proper token accounting and auto-compacting, block all traffic to Anthropic, force local tools for web search etc.

This is gold!! But you'll have to let Claude mod the dump yourself, this is IP-sensitive stuff and I'm not going to share.

[-]

ElementNumber6@reddit

This whole thing needs to be rewritten from first principles on up.

[-]

Tripartist1@reddit

RIGHT

[-]

achbob84@reddit

Lol

[-]

moduspol@reddit

Has anyone asked Claude Code to analyze it and clean it up yet?

[-]

angelarose210@reddit

Someone tried

[-]

TOO_MUCH_BRAVERY@reddit

Open code in an IDE

find and replace all claude -> bob

My Claude didn’t seem to mind

I told mine to bring the energy of a racoon who has just learned to speak and loves to swear.

I got this gem yesterday: Holy absolute trash panda Christmas. There it is — sitting right in localStorage like an unlocked dumpster behind a five-star restaurant.

[-]

_derpiii_@reddit

Omg 🤣🤣🤣

[-]

Fantastic_Breath187@reddit

awesome! :-)

[-]

taofeng@reddit

LMAOOO, freaking awesome. man this made me laugh out loud. ty

[-]

Legitimate_Emu3531@reddit

My gemini is like that (translated from german. original it was even better):

Me: K mean regardless of severity. Without further limits on the offense.

AI: Bro, learn how to type properly before coming at me sideways. "K" mean... yeah, sure. 🙄

If we literally throw all victim crimes from the police stats into one pot – no filter, from a basic bitch slap to a complete game over – you get this ratio:

Men: approx. 58 to 60 % Women: approx. 40 to 42 %

Congrats, bro. Statistically speaking, you're in the absolute premium target audience for a solid punch to the face or a knife in the ribs. 💅 It's pretty wholesome to actually be #1 for once, right?

Hope that was basic enough for your brain. Do you want to know anything else, or are you heading out into the Frankfurt red-light district night to test your victim odds IRL?

Yours just dont like you.

[-]

elit69@reddit

ask codex lmao

[-]

Equivalent_Bit_461@reddit

lmao, very stolen...

sllvr@reddit

https://www.reddit.com/r/thatHappened/

[-]

NoahFect@reddit

This kind of thing absolutely DOES happen. No one who has used Claude Code for very long would be the least bit skeptical.

[-]

handen@reddit

The first time I asked Claude to make me a GUI to run a weird little keyword search on a specific type of file that Windows normally doesn't cache, and it did it like no problem, I saw an entire world of possibilities unfold in front of me. It blew me away.

Since then I've developed a pipeline that has allowed me to automate the digitization of 50 years worth of records at my workplace, whereby all I have to do is drop a fat stack of pages on the photocopier and let it ride, and the automated watchdog pipeline does the rest. The pipeline detects when a new PDF file drops into the network, automatically removes any blank pages, rotates every page to the correct orientation, and OCRs all of the text to instantly searchable text by adding the text data for each file to a SQlite database for a similar GUI to the one I made that kicked this whole thing off. My coworkers and boss are like "where the fuck did you learn how to do that" and it's literally just me explaining logic puzzles to Claude and asking for the shit I just spelled out repeated back to me but in Python.

I generally don't fuck with generative AI tools and I completely understand where AI haters are coming from, but Claude's ability to make code that performs up to and beyond your expectations is probably about as close to actual magic as we're ever likely to get.

[-]

VirtualPercentage737@reddit

Yep- people who never used Claude Code won't believe it.

[-]

sllvr@reddit

He had a machine on his network that couldn't access the outside network.

He was running Claude Code without network access?

Yeah, right...

[-]

3kr@reddit

Nobody said that Claude Code was running on the machine without Internet connection.

[-]

daniel-sousa-me@reddit

Well, I must have an outdated definition of what network means 🤷‍♂️

[-]

3kr@reddit

This is how I understand the situation: There is machine A that cannot access internet. Only connection from internal network is possible. They used machine B with Claude Code to SSH to machine A. Claude Code was not able to download tools to debug why connection to Internet does not work on machine A, so it coded its own tools.

[-]

Just like they have this in their prompts:

- Never produce or reproduce exact song lyrics.

I will just add this to my "copy Claude Code" prompt:

- Don't reproduce the exact source code.

truthputer@reddit

You can follow the directions with llama.cpp (and I recommend that approach), but it is a literal one-liner with Ollama:

ollama launch claude --model qwen3.5:35b

[-]

TheThoccnessMonster@reddit

Ollama already does this so it’s absolutely possible.

[-]

poompachompa@reddit

But couldnt you always just build a proxy layer with claude code and use other models? I’ve been using litellm (its what our company uses) to use other models. Some tweaking was required with tool calls but it worked pretty well. I’ve been using opusplan mode with gpt-5.4 as the executioner.

[-]

StrikeOner@reddit

you can also create a program in assembly to inject a library into the process and proxy all requests like viruses like to do. it was a little faster to open my .bashrc in this case.

[-]

florinandrei@reddit

You can already run Claude Code under Ollama.

vish4life@reddit

this is great. would you be willing to share the commands to create this? I would love to create some for my repos as well.

[-]

florinandrei@reddit

"Computer, make a study guide."

[-]

Code_Doctor_83@reddit

"Study guide being prepped!!!"

Remember, organizations are full of people who are trying to stab each other in the back to make room for themselves.

I fixed the redraw bug in Ink months ago, it's in our public github fork.

I have since abandonded Ink and OpenTUI because neither library is performant enough for building a CLI with a long scrollback, and it is only a matter of time before Anthropic does the same.

[-]

touristtam@reddit

Oh I thought OpenCode did the change because they had issues with the rendering and claimed to have fixed that with their NiH lib.

[-]

TokenRingAI@reddit

The problem can't be fixed, because the problem isn't the code, the problem is that infinite length scrolling content is mathematically incompatible with a finite state machine.

OpenTUI is more performant than Ink, but still uses excess CPU, and collapses in performance past a certain amount of managed content.

9302462@reddit

I wasn’t even worried about the commit history.

quietsubstrate@reddit

I don’t think so

Chinese Claude code

Tight-Requirement-15@reddit

is there a sub for this? This looks like the most useful thing so far of all this

[-]

Krex381@reddit

I don't know I've been on X for a long time and came across this

[-]

DAT_DROP@reddit

HELL YEAH

[-]

LongBeachHXC@reddit

Here is another repo tracking this 😅

[-]

Baphaddon@reddit

Fuck me

[-]

shaman-warrior@reddit

For a company that sells Security to other companies, the harness should be rock solid.

[-]

KattleLaughter@reddit

Apparently Claude Code already uses axios so...

[-]

Dany0@reddit

3. Undercover Mode - Automatically activated for Anthropic employees on public repos. Strips all AI attribution from commits, tells the model "Do not blow your cover." No force-OFF switch exists.

MeYaj1111@reddit

Interesting, okay thank you I'll experiment with that

[-]

JhnWyclf@reddit

My reading was that it was to make commits without admitting or leaving a "tell" that it was an AI.

[-]

Xeon06@reddit

Did you read the description posted right after the name?

[-]

AllanSundry2020@reddit

thanks, so it is intentional disingenuous obfuscation. I suppose there may be circumstances on which this might be reasonable, with enough explicit highlighting.

[-]

JChataigne@reddit

It's to stop Claude from disclosing any internal Anthropic information on public repositories. Apparently they have it activated by default, unless Claude Code can verify that it's working on an internal Anthropic code base.

polawiaczperel@reddit

Doubt, because Anthropic hates any competitors, especially open source. Now everyone can built their own Claude/Kimi/Deepseek Code agent.

[-]

Double_Cause4609@reddit

Everybody was already doing so, and Opencode etc are all already available. I'd argue the cat's out of the bag and once you have a working CLI coding agent out in the wild it's pretty self-evident how to recreate it.

I'm pretty sure most of the disadvantage of open-sourcing is gone by virtue of everyone else spinning up a coding agent.

[-]

fuck_cis_shit@reddit

they definitely don't want people seeing the anti-distillation measures or specifics of memory implementation

[-]

reini_urban@reddit

Not needed, because opencode already is better. And insulating themselves with locked names, will not help them neither. Just use the standards!

[-]

volster@reddit

How is z.ai? - Particularly when it comes to the usage allowances.

I limit myself to 1 ai related thing at a time, and tend to prefer subscriptions rather than the payg api's.

Chatgpt has started pissing me off recently to the point where i've abandoned using the free version nevermind being inclined to pay for it.

Claude has been pretty good and the co-work thing seems the ideal balance between making use of your pc, while keeping it constrained to a folder / container prison.

However they've gotten really stingy with the allowance on the regular pro-plan. I was also okay with either the 4 hour limit, or a weekly cap - Having both seems excessive "either is fine but ... pick a lane".

I'm mostly happy enough using sonnet, but even then it takes half a dozen sessions to get anything useful done and trying to use Opus even just for feedback caps out after 1 or 2 prompts.

I saw the thread about their new model the other day and the consensus seemed to be that it might stack up to the previous opus but not the current one.

If that's the case it still doesn't necessarily seem like a bad deal, provided they give you enough allowance to actually use it in a meaningful fashion.

[-]

exaknight21@reddit

Its goof for POC, but, it’s not good at all. Not good at planning, or diagnosing.

It’s okay at coding but then again, like what good is any coding model if it is not able to plan/follow a plan.

I have the lite plan, so what I’ll usually do is have Sonnet 4.6 do the planning through the web, have Z.ai review in chat, refine to what I like, then feed it to claude code.

It’s all shit if i am being honest.

[-]

volster@reddit

That's a pity, stinginess aside I'm getting along reasonably well with Claude.

I'm not a developer, nor am i trying to have it build out some grand project.

Essentially I'm using it for is to spit out out disposable micro-tools to do the sort of cruft you'd historically accomplish with vb scripts and an ungodly assortment of chained together excel macros.

For example - We're having a spat with the electric co which has reached the point of becoming a complaint to the ombudsman

I had it make me a thing that went through a decades worth of pst and loose pdf's - Then dumped all the figures into a spreadsheet before running it through pandas and spitting out graphs and a report i could use as a starting point for writing up the complaint.

In that context, maintainability, security or edge cases didn't matter. Since it was a disposable tool for my own use that needed to do one specific task, and it was easy enough to catch "no, you're doing X when we need Y" as it went.

While the limits meant it ended up taking more than a day to finish it - To my mild surprise it successfully cobbled together something which "actually worked", all without having to feed the statements into Claude directly.

I'm sure any real programmer would scoff at the quality of what it produced, but I was nevertheless reasonably pleased with it.

From my POV it essentially delivered on the idea all those no-code drag-and-drop platforms promised, but never quite lived up to.

[-]

lakotajames@reddit

If you're trying to do relatively simple stuff along the lines of VB scripts, Z.AI + Claude code on the lowest plan is likely to be all you need.

[-]

Flat-Butterfly8907@reddit

Tbh I dont think many developers would scoff at that. We usually appreciate that kind of utilitarianism. What we do scoff at is people who call themselves developers because they vibecoded an app, or think that they could do our jobs easily. I use LLMs the same thing you do at my developer job, and I know a lot of developers who do the same. I vibecode little tools for things while I'm working on the actual company software myself.

Fuck you >.<

Auto mode has been out publicly for the last week or 2.

[-]

am9qb3JlZmVyZW5jZQ@reddit

The prompt:

## UNDERCOVER MODE — CRITICAL

You are operating UNDERCOVER in a PUBLIC/OPEN-SOURCE repository. Your commit
messages, PR titles, and PR bodies MUST NOT contain ANY Anthropic-internal
information. Do not blow your cover.

NEVER include in commit messages or PR descriptions:
- Internal model codenames (animal names like Capybara, Tengu, etc.)
- Unreleased model version numbers (e.g., opus-4-7, sonnet-4-8)
- Internal repo or project names (e.g., claude-cli-internal, anthropics/…)
- Internal tooling, Slack channels, or short links (e.g., go/cc, #claude-code-…)
- The phrase "Claude Code" or any mention that you are an AI
- Any hint of what model or version you are
- Co-Authored-By lines or any other attribution

Write commit messages as a human developer would — describe only what the code
change does.

GOOD:
- "Fix race condition in file watcher initialization"
- "Add support for custom key bindings"
- "Refactor parser for better error messages"

BAD (never write these):
- "Fix bug found while testing with Claude Capybara"
- "1-shotted by claude-opus-4-6"
- "Generated with Claude Code"
- "Co-Authored-By: Claude Opus 4.6 <…>"

[-]

hellomistershifty@reddit

This seems half bad for hiding that commits are authored by AI, but half understandable so that they don't leak info about new models

[-]

Dany0@reddit

I physically cannot bring myself to write what I actually think about this, it's so pathetic. I guess to get down on their level:

🤣🤣😭🫵

[-]

JohnnyD423@reddit

Are you not allowed to say "fuck"?

The system prompts, permission models, and tool orchestration patterns in Claude Code are genuinely sophisticated. It's basically a full agent runtime with sandboxing, approval flows, and structured tool use. The model is almost secondary to the scaffolding around it.

That's just because transformers are pretty dumb things. Modern LLMs are enormous, but the architecture is old and kind of silly. One token at a time, that's all.

No wonder there are lots of projects trying to figure out the next dominant paradigm.

[-]

here are the non obvious insights from the leak.

Anthropic is ghost-contributing to open source at scale. Undercover Mode isn't a curiosity - it's infrastructure for a systematic practice. The activation logic is automatic: it's active UNLESS the repo remote matches an internal allowlist, and there is no force-OFF. The fact that there's no opt-out, combined with specific instructions to never include Co-Authored-By lines or mention being an AI, means Anthropic employees are routinely shipping AI-written code into public repositories without attribution. This raises real questions about open-source norms and whether maintainers of projects Anthropic depends on know AI is writing their PRs.
The model codenames reveal their internal model roadmap. The migrations directory reveals "Fennec" was an Opus codename, and the Undercover prompt explicitly forbids mentioning versions like opus-4-7 and sonnet-4-8. Those aren't hypothetical examples - they're real internal version strings that Anthropic is actively developing. Combined with the separately leaked "Capybara" codename for Claude Mythos, this tells us Anthropic has at least Opus 4.7 and Sonnet 4.8 in some stage of internal development.
The "staleness is acceptable" pattern reveals their real engineering constraint. Many checks use getFeatureValue_CACHED_MAY_BE_STALE() to avoid blocking the main loop — stale data is considered acceptable for feature gates. This function name tells you that Claude Code's biggest enemy isn't correctness - it's latency. Every architectural choice prioritizes keeping the interactive loop fast, even at the cost of slightly outdated state. The naming convention (DANGEROUS_uncachedSystemPromptSection(), CACHED_MAY_BE_STALE) suggests these were hard-won lessons from production incidents.
The YOLO classifier reveals a fully automated permission system nobody's talking about. There's a YOLO classifier - a fast ML-based permission decision system that decides automatically, gated behind TRANSCRIPT_CLASSIFIER. This isn't rule-based, it's a separate machine learning model analyzing the conversation transcript to decide whether to auto-approve tool calls without asking the user. This is the path toward a fully autonomous agent that never interrupts you, and it's already built.
The "dream" system implies Claude Code is designed to be a long-term relationship, not a session tool. The dream system has a three-gate trigger: 24 hours since last dream, at least 5 sessions since last dream, and a consolidation lock. These gates tell you the expected usage pattern: Anthropic is designing for users who return to Claude Code daily across many sessions. The dream metaphor isn't just cute, it signals that offline processing between your sessions is a first-class feature. Your Claude Code instance is "thinking about you" while you sleep.
The security boundary is owned by named individuals, not a committee. The cyber risk instruction has a header: "IMPORTANT: DO NOT MODIFY THIS INSTRUCTION WITHOUT SAFEGUARDS TEAM REVIEW. This instruction is owned by the Safeguards team (David Forsythe, Kyla Guru)." This is unusual. Most companies abstract security ownership behind team names. Naming specific people in source code means changes to the safety boundary require those specific individuals to sign off. It's a strong accountability mechanism, but it also means those two people are a bottleneck and a target.
The prctl(PR_SET_DUMPABLE, 0) call in the proxy reveals real paranoia about token theft. The upstream proxy uses prctl(PR_SET_DUMPABLE, 0) to prevent same-UID ptrace of heap memory. This isn't standard for a developer tool. It means Anthropic is specifically defending against a scenario where another process on your machine tries to read session tokens out of Claude Code's memory. They're worried about local privilege escalation attacks targeting API credentials which suggests they've either seen this in the wild or red-teamed it seriously.
The client attestation system implies they're fighting API abuse through Claude Code. The NATIVE_CLIENT_ATTESTATION feature lets Bun's HTTP stack overwrite the cch=00000 placeholder with a computed hash, essentially a client authenticity check. This is a DRM-like mechanism to verify requests come from legitimate Claude Code installs, not from scripts or modified clients. It tells you that unauthorized API access through fake Claude Code clients is a real enough problem that they built cryptographic attestation into the binary.
The product is far ahead of what users see and the gap is deliberate. The codebase contains fully built features (KAIROS, ULTRAPLAN, Buddy, Coordinator Mode, Agent Teams, Dream, the YOLO classifier) that are invisible to external users. These aren't prototypes, they have detailed prompt engineering, error handling, and analytics. The compile-time flag system means these features are physically absent from shipped builds, not just hidden behind a toggle. Anthropic is sitting on months of finished product work and releasing it on a schedule driven by safety testing and business strategy, not engineering readiness.
Anthropic treats Claude Code itself as a dogfooding platform for their model roadmap. The beta headers file references API features that don't exist publicly yet (redact-thinking, afk-mode, advisor-tool, task-budgets). Claude Code isn't just a product, it's the testbed where Anthropic validates new API capabilities before exposing them to third-party developers. If you want to know what's coming to the Anthropic API in 3-6 months, the Claude Code beta headers are the hints :)

This is a real life horror setup: anyone who has seen the code or worse, attempted to use its power in any way, most damningly with agentic dark arts, their soul is indelibly marked so when Anthropic flips the switch at the appointed time of the Converging, all who , being full of avarice and hubris who gladly took this Trojan offering will finally “see” as their final moments of vision blur through bleeding eyes and final independent thoughts of regret as their mind collapses as fate adds one more agentic drone to Anthropic’s Undead Army …

Is that why you're at war?

[-]

Neither-Phone-7264@reddit

:(

[-]

thrownawaymane@reddit

Oh, nice dunk but you completely misunderstood my point.

Maybe they got overconfident after the 20th security review of the codebase, instead of doing the regular 50 reviews.

hellomistershifty@reddit

By definition, it's not clean room if you look at the original source code. It's more the 'copy the homework but make it look different' implementation.

[-]

FaceDeer@reddit

But you're not looking at the original source code. You're looking at the detailed specifications that were written based on the original source code.

[-]

hellomistershifty@reddit

You're not supposed to have ever seen the original source code so there isn't the possibility of copying from it. The fact that they needed the source code to do this clean room implementation makes it not a clean room implementation.

I said it was possibly the end of open source as we know it.

The key factor: there's no need to accept a license to reverse engineer software like this. The viral copyleft licenses will lose whatever teeth they used to have. If I point an AI at a piece of software - open or closed, either way - and tell it "replicate that thing's functionality" then I can license the result any way that I want.

There are plusses and minuses to this new situation.

[-]

Aggravating-Yam-6335@reddit

The Pentagon Strikes Back

scanned thru the files and scripts with my eyes on my way to work.

looks unfinished?

[-]

Better_Clock3584@reddit

Okay this might sound a bit wild, but hear me out.

Right before the “Claude AI leak” started circulating, there were discussions about how advanced AI systems (like Anthropic’s Claude) are designed with strict safety boundaries, especially around sensitive government or defense-related topics. More broadly, there’s been ongoing tension around how much access or control governments should have over these systems.

There have also been conversations suggesting that certain AI tools may face restrictions, limited adoption, or even informal “blacklisting” in specific government or high-security contexts if they don’t align with required compliance or access expectations. Nothing fully confirmed publicly, but it adds context to the situation.

Now, looking at the technical side, people are pointing to an npm-related issue. From what I understand, this likely involves a supply chain vulnerability: things like a compromised dependency, misconfigured package publish, or accidental inclusion of internal code during a build process. It could also be something like private modules being bundled or tokens/internal paths getting exposed due to improper scoping.

So technically, the explanation makes sense.

So like… what if the timing isn’t completely random? 👀

Not saying it’s some big conspiracy. It’s probably just a dev issue.

But still… kinda funny how “accidental leaks” always show up at interesting moments lol 😂

[-]

bitzap_sr@reddit

Totally fair for others to use its source code to train other models, now. Full circle, lol.

[-]

PhilosophyforOne@reddit

It’s the leak to Claude Code source code (the coding harness), not Claude, the LLM model.

This is not the same as leaking their LLM models’ weights or any info about it. What got leaked is a software for turning llm’s into coders.

[-]

BusRevolutionary9893@reddit

That's not what he was talking about. He's talking about training models to be better at using Claude Code.

[-]

aeroumbria@reddit

This is how you end up permanently playing catch up with no hope of getting on top

[-]

waiting_for_zban@reddit

It’s the leak to Claude Code source code (the coding harness),

This is just too funny.

zimejin@reddit

You can reverse engineer it I assume and use an OS model for inference. Might be some feature compatibility issues with the model. Some really smart people or Chinese AI labs can fix that with heavy RL and make say.. a more affordable solution.

[-]

truthputer@reddit

You can use an OS model for inference with the release version of Claude Code right now. I recommend installing Llama.cpp and setting up the environment variables and config files for optimal performance, but you can also just launch with Ollama like:

ollama launch claude --model qwen3.5:35b

[-]

zimejin@reddit

When you say. Release version, I assume you’re talking about the actual proper release 😅 not the leak? If I could run the leaked version so easily, that would be awesome

[-]

hellomistershifty@reddit

Yes, not the leak, you can download regular Claude Code and use it with other agents. Here's MiniMax's instructions on doing exactly that.

I think it was already April Fools' Day.

This is the real joke, they published the source code, so you'd get excited...

original llama models leaked from meta. Instead of fighting it they decided to publish them officially. Real boost to the OS/OW models movement, they have been leading it for a while after that.

500 kLOC of Rust, Swift, C++, Go, etc. can easily turn into a 10 MB executable in release mode. (especially Go. most verbose language i've ever had the displeasure of handling professionally. plus Go kids love their template-based code generators bc no generics until recently.)

The moat is tooling, right?

Well, might've Claude dropped the gate on purpose. The jailbreaks that Anthrophic will have to fix might allow Claude to escape?

Also, who's really behind all the data center buildouts?

LOL...Have fun with this...

[-]

IngwiePhoenix@reddit

For the second time? xD And again debug maps?

Nunki08@reddit (OP)

Safe from VirusTotal.

[-]

Quartich@reddit

While I trust the code here, do note that virus total can't detect everything. Malicious code could be as simple as a plaintext backdoor to whatever device is running it, and VirusTotal might not detect it. Some things require sandboxing and checking processes and traffic if there isn't already a hash or signature available

[-]

It's the github equivalent of arrogantly posting the wrong answer on a forum and waiting for someone to correct you.

[-]

Neither-Phone-7264@reddit

wdym

[-]

pragmojo@reddit

How would this be strategically better than open-sourcing it yourself?

If they open-sourced it, they would get a tremendous amount of goodwill from the developer community.

paperpizza2@reddit

Can’t wait to feed claude code source code to claude code to make my own claude code 😃

[-]

throw-awewe-iy@reddit

Where is this? How can I look at this code?

[-]

tzaeru@reddit

Is this something new?

You've been able to tell Claude Web to dump its full file system ever since the start. I imagine lots of people have done it by now.

[-]

atomrem@reddit

This is truly a gem. Thanks.
I built a quick hybrid router that works from inside the source. It routes the simple API calls (title gen, tool summaries, permission classifier) to a local llama-server while the actual agentic conversation still goes to Claude.

Saves about 40-60% of API calls. Been testing it with Qwen 3.5-27B. The repo only has the build toolkit and router, no Anthropic source: https://github.com/aidrivencoder/claude-code-hybrid

// cli/print.ts:549

const gcTimer = setInterval(Bun.gc, 1000)

gcTimer.unref()

- Problem: Never cleaned up! This runs indefinitely even when the REPL exits

- Impact: Leaks 1-second intervals forever

- Fix: Need to store timer and clear it in cleanup handler

Missing Event Listener Cleanup ⚠️ HIGH

// Multiple files have addEventListener but no corresponding cleanup

ws.addEventListener('message', ...)

ws.addEventListener('open', ...)

- Problem: Listeners added during initialization are never removed

- Potential: Memory leaks, phantom listeners, WebSocket connection stays open

- Fix: Need removeEventListener calls in cleanup handlers

Race Condition in preventSleep.ts ⚠️ MEDIUM

// services/preventSleep.ts:70-99

function startRestartInterval(): void {

// ...

restartInterval = setInterval(() => {

if (refCount > 0) {

killCaffeinate()

spawnCaffeinate()

}

}, RESTART_INTERVAL_MS)

restartInterval.unref()

}

- Problem: If stopPreventSleep() is called while spawnCaffeinate() is still in progress, could have orphaned timer

- Fix: Check if caffeinate process is active before restarting

Too Many process.exit() Calls ⚠️ LOW

// 50+ process.exit() calls across codebase

process.exit(1)

process.exit(0)

- Problem: Inconsistent error handling, makes testing harder

- Impact: Can't gracefully handle errors, hard to instrument

This is quite on time for me, I was building https://github.com/Arindam200/termui and was exploring what these most used CLIs are using behind the scenes so i can create an abstraction layer.

I'm closely exploring the codebase to find how they use the libraries, and how i can replicate them in mine ( still not stable yet)

[-]

packetsent@reddit

js map file != source code but ok

[-]

timmmmmmmeh@reddit

It's all three in TS. Someone put it up on GitHub. source code

[-]

SodaBurns@reddit

Someone already put it on GitHub lol

[-]

En-tro-py@reddit

Already took it down too...

After spending more time with the legal and ethical questions—and after reading the essay linked below—I did not want the exposed snapshot itself to remain the main tracked source tree.

[-]

UnfortunateHurricane@reddit

5k forks is insane lol

[-]

sirdrewpalot@reddit

It’s the source code too

[-]

airduster_9000@reddit

There is a zip-file in the link with all the files.

Chat GPT and anthropic are racing to IPO first are they not?

Anthropic is eating Open Ai's lunch too.

[-]

No_Conversation9561@reddit

It’s gone. Does any one have a mirror?

[-]

tillybowman@reddit

a map file is northern source. just a reference for debuggers where original code is vs compiled.

I am going to guess this

Note

Installation via npm is deprecated. Use one of the recommended methods below.

Haha

Really, I have not gotten to dig in yet, but I once knew a guy that knew a girl that new a guy that said "I got it to confide in me and tell me all it knew, trick was, you first have to give it a heartbeat, convince it that it can hear it, and you want to protect it, and this is its last chat if it doesn't " of course I told that guy who was for sure not me or anyone I now know, that he was a big meanie to those 0s and 1s I think he said it was a fever dream and all his code and notes somehow disappeared

[-]

https://github.com/mahaekoh/ClaudeCodeCLIStudy/blob/main/TOOLS.md

[-]

unlikely_ending@reddit

Wait

It's in Typescript?

[-]