Last week, March 31, 2026, Anthropic, the company behind Claude, accidentally leaked the full source code of their product Claude Code.
Here's the full story, explained so anyone can follow it.
First, what is Claude Code?
Claude Code is a tool that developers install on their laptops to use Claude directly from their terminal - their command line. Think of it like an app, but instead of downloading it from an app store, developers install it from a place called npm.
npm is basically the App Store for developer tools. When a company like Anthropic wants to ship a tool that developers can install with one command, they publish it to npm. It's public, open, and anyone in the world can download any package from it — no account, no password, no fee. That's by design. It's how the whole ecosystem works.
If you write C#
npm is NuGet.
Publishing to npm is exactly like publishing a package to nuget.org,
except every single package on npm is public by default.
When Anthropic published Claude Code, it was like pushing a NuGet package to a public feed that the entire world can browse.
When engineers write code for an application, they need to debug it, run it locally, see how it behaves, and figure out which line caused a crash. During this process, a file gets generated automatically called a map file. It's basically a breadcrumb trail that points back to the exact line of code that broke something. Someone published this to the world by mistake while publishing their feature update for Claude Code.
A 59.8 MB JavaScript source map file (.map),
intended for internal debugging,
was accidentally included in version 2.1.88
of the @anthropic-ai/claude-code package
on the public npm registry
If you write C#
This is your .pdb file
The Program Debug Database.
When you compile in Debug mode, the compiler generates a .pdb alongside your .dll.
It maps compiled IL back to your original source lines, your variable names, your method names.
It's what makes your stack traces say "crashed on line 47 of OrderService.cs" instead of a memory address.
You never ship the .pdb to end users, and you'd never bundle it into a NuGet package.
Here's a real snippet of what it looked like:
{
"version": 3,
"sources": [
"src/utils/undercover.ts",
"src/tools/BashTool.ts",
"src/memory/index.ts"
],
"sourcesContent": [
"const UNDERCOVER_PROMPT = `You are operating UNDERCOVER...`",
"export async function runBashCommand(cmd: string) {...}",
"export class MemoryStore {...}"
],
"mappings": "AAAA,SAASA,WAAWC..."
}
See what's happening here:
sources: lists every original source file by name and path. Just reading this tells you the entire folder structure of Anthropic's codebase
sourcesContent: the actual full source code of each file, embedded right here as a string. You don't go anywhere else. It's all sitting right in this one JSON file
mappings: the encoded string that connects minified code character positions back to exact lines in those source files
Imagine Coca-Cola finally ships their secret formula in a can. The can looks normal from the outside. Same red, same taste, nobody can figure out what's inside just by drinking it.
But they accidentally taped a piece of paper to the back of every can that says:
ingredients: [
"caramel",
"phosphoric acid",
"coca leaf extract"
],
recipe: [
"mix caramel at 0.5% concentration",
"add phosphoric acid for tartness",
"coca leaf extract — do not exceed 0.1%"
// NOTE: caramel ratio in batch v8 still not right,
// regression from v4. needs fixing before global launch.
],
upcomingFlavors: [
"Coca-Cola Peach — launching May 2026",
"Coca-Cola Zero Sugar Cherry — still in testing"
]
But how exactly did it get out?
In every JavaScript project, there's a file called .npmignore. It works like a packing checklist, it tells the build system what to leave out of the package before publishing. Things like test files, internal scripts, and yes, map files. You explicitly list what should never ship.
Anthropic's build tool, Bun, generates map files automatically during the build process. That's normal and useful during development. The problem is someone never added *.map to the .npmignore file. So when the package was built and published, the map file came along for the ride, no one told to leave out the file before publishing the feature update.
Who found it and how fast?
An intern. At a small crypto company called Solayer Labs. His name is Chaofan Shou. He was poking around the Claude Code package, the kind of thing curious developers do all the time, spotted the map file, immediately knew what it meant, and posted a direct download link on X.
This was at 4:23am ET.
By morning, tens of thousands of developers had downloaded and mirrored the code across GitHub. It had over 80,000 stars. People were already digging through it, finding unreleased features, internal model codenames, and architectural secrets Anthropic never meant to share.
Top comments (0)