this post was submitted on 31 Mar 2026

357 points (99.7% liked)

Technology

83251 readers

4338 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

357

Claude Code's source code appears to have leaked: here's what we know (venturebeat.com)

submitted 23 hours ago by return2ozma@lemmy.world to c/technology@lemmy.world

47 comments fedilink hide all child comments

top 47 comments

sorted by: hot top controversial new old

[–] Dentzy@sh.itjust.works 4 points 3 hours ago

I was like "Ha, ha nice April's fools"... Then I keep reading the comments and... WTF‽

[–] captcha_incorrect@lemmy.world 10 points 6 hours ago

The code is still on GitHub, just an earlier commit: https://github.com/chatgptprojects/clear-code/tree/627ab39f09681d9c7d6915861d36d361bdc6d889

[–] Fmstrat@lemmy.world 9 points 7 hours ago

At its core is MEMORY.md, a lightweight index of pointers (~150 characters per line) that is perpetually loaded into the context. This index does not store data; it stores locations.

Actual project knowledge is distributed across "topic files" fetched on-demand, while raw transcripts are never fully read back into the context, but merely "grep’d" for specific identifiers.

This "Strict Write Discipline"—where the agent must update its index only after a successful file write—prevents the model from polluting its context with failed attempts.

For competitors, the "blueprint" is clear: build a skeptical memory. The code confirms that Anthropic’s agents are instructed to treat their own memory as a "hint," requiring the model to verify facts against the actual codebase before proceeding.

Interesting to see if continue.dev takes advantage of this methodology. My only complaint has been context with it.

[–] WhyJiffie@sh.itjust.works 11 points 9 hours ago

In this mode, the agent performs "memory consolidation" while the user is idle. The autoDream logic merges disparate observations, removes logical contradictions, and converts vague insights into absolute facts.

this blog post reads like a marketing piece

[–] jivandabeast@lemmy.browntown.dev 46 points 14 hours ago

[–] CorrectAlias@piefed.blahaj.zone 58 points 16 hours ago (2 children)

Be careful not to introduce security vulnerabilities such as command injection, XSS, SQL injection, and other OWASP top 10 vulnerabilities. If you notice that you wrote insecure code, immediately fix it.

Lmao. I'm sure that will solve the problem of it writing insecure slop code.

[–] _stranger_@lemmy.world 2 points 37 minutes ago

Sounds exactly like half the managers I've ever worked with.

[–] filcuk@lemmy.zip 25 points 14 hours ago

It doesn't fix it, but as stupid as it looks, it should actually improve the chances.
If you've seen how the reasoning works, they basically spit out some garbage, then read it again and think whether it's garbage enough or not.
They do try to 'correct their errors', so to say.

[–] Encephalotrocity@feddit.online 255 points 22 hours ago (6 children)

Perhaps the most discussed technical detail is the "Undercover Mode." This feature reveals that Anthropic uses Claude Code for "stealth" contributions to public open-source repositories.

The system prompt discovered in the leak explicitly warns the model: "You are operating UNDERCOVER... Your commit messages... MUST NOT contain ANY Anthropic-internal information. Do not blow your cover."

Laws should have been put in place years ago to make it so that AI usage needs to be explicitly declared.

[–] a4ng3l@lemmy.world 11 points 14 hours ago

In Europe we have the AI act which, as of August, will introduce some form of transparency obligations. Not perfect obviously but a start. Probably will not be followed by the rest of the world though so like GDPR it will be forcibly eroded by other’s interests through lobbying but at least we try.

[–] merc@sh.itjust.works 101 points 21 hours ago (1 children)

The system prompt discovered in the leak explicitly warns the model: "You are operating UNDERCOVER... Your commit messages... MUST NOT contain ANY Anthropic-internal information. Do not blow your cover."

This is so incredibly stupid.

You've tried security.

You've tried security through obscurity.

Now try security through giving instructions to an LLM via a system prompt to not blow its cover.

[–] diabetic_porcupine@lemmy.world 6 points 8 hours ago

[–] Modern_medicine_isnt@lemmy.world 4 points 12 hours ago

That doesn't sound like it is saying don't identify yourself. That it's called claude isn't internal information. So it doesn't seem that instruction is doing tpwhat you are saying. Must be more instructions.

[–] JohnEdwa@sopuli.xyz 6 points 17 hours ago (1 children)

With how massive of a computer science field artificial intelligence is and how much of it already is or is getting added to every piece of software that exists, a label like that would be equally useless as the California prop 65 cancer warnings.

Do you use a mobile keyboard that supports swipe typing and has autocorrect? Remember to mark everything you write as being AI assisted.

[–] mrbutterscotch@feddit.org 1 points 6 hours ago

Well yes, if you let autocorrect write code contribution, I think you should lable that contribution as AI.

[–] GhostlyPixel@lemmy.world 1 points 13 hours ago

What internal info are they worried about leaking in a commit message? If you don’t want it to add the standard Claude attribution, you can completely disable it in the settings, or just write your own commit messages.

[+] MangoCats@feddit.it -8 points 20 hours ago (1 children)

AI usage needs to be explicitly declared.

Pointless. https://www.theregister.com/2026/01/08/linus_versus_llms_ai_slop_docs/

[–] Encephalotrocity@feddit.online 15 points 20 hours ago (3 children)

If it was the law then the AI itself would be coded to not allow going "undercover", and there would be legal consequences if caught. Torvald's stance only matters for how things 'are' not how they 'could be'.

Would it be a cure all? Of course not. Fraud still happens despite the illegality. But it's better than not being able to trust anything ever again.

[–] cecilkorik@piefed.ca 10 points 16 hours ago (2 children)

I hate to break it to you, but we're never going to be able to trust anything ever again. At least, not the way we used to. In the future, without any doubt, we are going to need to develop a different model of learning, using, and processing information that considers the provenance of where the information came from and how it got there from essentially first principles. We will have to build a web of investigation and trust to determine and mark what information is trustworthy and what is not, especially new information. None of this exists in any meaningful way yet, and the systems we used to have for it, like academic research and journalism for example, would have been catastrophically inadequate to handle this onslaught even at their peak, and they are nowhere near their peak anymore, having been deliberately eroded into a shadow of their former effectiveness so some assholes could get rich and powerful. So hopefully we'll be able to rely on solid ground like Wikipedia and... books as a starting point, and nobody gets around to burning the Library of Alexandria down in their rage against "woke stuff", because otherwise we're going to be rebuilding our information spaces pretty much from scratch in the near future, probably at the same time we're rebuilding civilized society in general. If this sounds incredibly uncertain, tedious and painful: yes, it will be, especially at first. But we will get better at it, eventually. We will develop new systems for it, we will become fluent in information again and the friction will fade.

I wish we could get to that stage right away, but unfortunately it will have to wait. We can't do anything to improve the swimming pool while we are currently drowning in it. This is the reality that rampant and unchecked use of AI technologies by soulless corporations and corrupt governments have wrought. Logic and reason never stood a chance, and we are entering the digital dark ages. The enlightenment is probably coming someday, but don't hold your breath for it.

Support your local library, that's the most helpful thing I can think of for individuals to do. Librarians know their shit.

[–] bss03 8 points 14 hours ago (1 children)

we are going to need to develop a different model of learning, using, and processing information that considers the provenance of where the information came from and how it got there

They used to teach this in schools under "critical thinking skills". Following the chain of sources to the primary sources was a task I had to to (at least in part) more than once in secondary school.

Authoritarians don't like that tho.

[–] cecilkorik@piefed.ca 1 points 2 hours ago

Absolutely, just like addiction to fast food causes obesity, our addiction to fast information has developed into a profound societal ignorance. Studying issues seriously takes time and effort, and if you think "ain't nobody got time for that" I'll tell you right now you're going to have to start to make time for it. Because if you don't, you'll end up knowing nothing, and being wrong about everything, and while that may be acceptable to anyone following all the other lemmings in the same direction (the double irony of "lemming behavior" being historical fake information itself, while posting this on lemmy is not lost on me), I'm also going to suggest to you there will be serious personal consequences from being wrong all the time, and those consequences are going to catch up with you sooner or later.

[–] njordomir@lemmy.world 2 points 13 hours ago

I agree. I've thought a lot about how valuable signing a simple message with a key can be. In an age where machines can appropriate your likeness, how do you accumulate and shed reputation, how do you prove it was you? One low tech version was taking a photo with a newspaper to prove you are a real person. Another is exchanging a public key with a person in real life so you can have reasonable certainty that communications signed with that key are legit. Since this boils down to denying what our eyes have seen, governments and businesses who are very keen on control reality are making their plays. Even identifying yourself cryptographically is only a temporary fix to maintain an existing identity. Your kids will be profiled and mimicked from day one. This whole slippery slope we've been sliding down lately seems very foreseen. It feels like these traps were engineered a very long time ago.

I think education is the absolute most important thing for a functioning post-truth society. Kids need to smell shit from 20 miles away because the world is full of traps for your mind same as it is for your wallet and your physical body. We also need to be able to verify and trust our tech stack. We need to pass down the stories of the times common people lost and the times common people won. We need to read and discuss philosophy. We'll also have to tackle American religion head on. Also excessively addictive entertainment designs. We are a deeply flawed society and I'm not sure where we should start except for taking some of our time back so people actually have the opportunity to think about these things.

[–] DireTech@sh.itjust.works 2 points 18 hours ago

Can they even code them to do that? They’ve struggled so much with the em-dash and never managed to block Disneys characters so I figure they can’t do it 100% of the time even if they want to.

[–] MangoCats@feddit.it -5 points 17 hours ago

and there would be legal consequences if caught.

Like for driving over the speed limit? Or putting glass in the regular trash instead of the recycling? Yeah, just what I need in my life, another arbitrary law that's enforced 0.0001% of the time as a flex by the people in power to target and abuse people they don't like.

[–] itisileclerk@lemmy.world 8 points 14 hours ago

The best learning method is from your own mistakes. So, Claude is still learning.

[–] rimu@piefed.social 103 points 22 hours ago* (last edited 21 hours ago) (2 children)

If you installed or updated Claude Code via npm on March 31, 2026, between 00:21 and 03:29 UTC, you may have inadvertently pulled in a malicious version of axios (1.14.1 or 0.30.4) that contains a Remote Access Trojan (RAT). You should immediately search your project lockfiles (package-lock.json, yarn.lock, or bun.lockb) for these specific versions or the dependency plain-crypto-js. If found, treat the host machine as fully compromised, rotate all secrets, and perform a clean OS reinstallation.

Lol 😂

[–] ellen.kimble@piefed.social 13 points 17 hours ago (1 children)

This is because if an unrelated hack on npm’s latest build. Anyone with this version of npm is affected

[–] criss_cross@lemmy.world 4 points 14 hours ago

That axios supply chain attack was a bitch. There were extensions compromised from that shit.

[–] DacoTaco@lemmy.world 2 points 12 hours ago

Its bad advise too, because the malware removed itself from those files to removed traces of itself

[–] NocturnalMorning@lemmy.world 15 points 19 hours ago (2 children)

By 4:23 am ET, Chaofan Shou (@Fried_rice), an intern at Solayer Labs, broadcasted the discovery on X (formerly Twitter).

Ha, by an intern

[–] djmikeale@feddit.dk 5 points 12 hours ago

Nice. One of the ways to write Chaofan in Chinese is 炒饭, which means fried rice. Amazing to be able to get that Twitter handle

[–] spez@sh.itjust.works 23 points 22 hours ago (3 children)

I mean it's not that big a deal. However, it would another thing if the model itself leaked. Now that would be something.

[–] MangoCats@feddit.it 7 points 20 hours ago

As they tell it, Claude Code is over 80% written by the models anyway...

[–] obbeel@lemmy.eco.br 3 points 17 hours ago (1 children)

Tool usage is very important. Qwen3.5 (135b) can already do wonderful things on OpenCode.

[–] cecilkorik@piefed.ca 10 points 16 hours ago* (last edited 16 hours ago) (1 children)

I dabble in local AI and this always blows my mind. How do people just casually throw 135b parameter models around? Are people like, renting datacenter hardware or GPU time or something, or are people just building personal AI servers with 6 5090s in them, or are they quantizing them down to 0.025 bits or what? what's the secret? how does this work? am I missing something? like the Q4 of Qwen3.5 122B is between 60-80GB just for the model alone. That's 3x 5090s minimum, unless I'm doing the math wrong, and then you need to fit the huge context windows these things have in there too. I don't get it.

Meanwhile I'm over here nearly burning my house down trying to get my poor consumer cards to run glm-4.7-flash.

[–] obbeel@lemmy.eco.br 4 points 16 hours ago

I pay for Ollama Cloud. As for the training of the big models, big companies do it using who-knows-what resources.

[–] lexiw@lemmy.world 7 points 22 hours ago

The harness is as important as the model

[–] pelespirit@sh.itjust.works 20 points 22 hours ago* (last edited 22 hours ago) (1 children)

Like a healthy brain. And just like a healthy brain, it'll still hallucinate and make mistakes probably:

The leaked source reveals a sophisticated, three-layer memory architecture that moves away from traditional "store-everything" retrieval.

As analyzed by developers like @himanshustwts, the architecture utilizes a "Self-Healing Memory" system.

[–] Semi_Hemi_Demigod@lemmy.world 18 points 22 hours ago (3 children)

We’re gonna make AGI and realize that being stupid sometimes and making mistakes is integral to general intelligence.

[–] Didntdoit71@feddit.online 9 points 20 hours ago (1 children)

Actually, the people in the know...already knew this. We've known for years. Mistakes are required for learning.

[–] maplesaga@lemmy.world 2 points 14 hours ago* (last edited 14 hours ago)

A mistake is maybe just allowing room for evolution to take place?

[–] MangoCats@feddit.it 6 points 20 hours ago

being stupid sometimes and making mistakes is integral to general intelligence.

Smart people figured this out a long time ago.

https://www.amazon.com/s?k=nassim+taleb+antifragile&adgrpid=187118826460

https://www.goodreads.com/en/book/show/18378002-intuition-pumps-and-other-tools-for-thinking

[–] a4ng3l@lemmy.world 0 points 14 hours ago

That’s what makes us humans at least…

[–] RIotingPacifist@lemmy.world 3 points 15 hours ago

This is just the UI right? Or the models too?