The airwaves are abuzz today about an Anthropic source code leak that, according to countless articles on the matter, represents an sizable loss of proprietary intellectual property and is a terrible embarrassment to the organization. Let's take a closer look at exactly what happened.
According to Anthropic, on March 31, 2026:
Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We're rolling out measures to prevent this from happening again.
The leak was in the form of a source map file. Source map files are sometimes included in application distributions, sometimes they are purposely omitted. Anthropic was in the practice of omitting the source map file from Claude Code CLI distributions. In version 2.1.88, they accidentally left it in.
To understand what that means (and what it doesn't), we need to understand how an application like Claude Code CLI is packaged for distribution.
Claude Code is a TypeScript App
TypeScript is a dialect of JavaScript that includes static typing. Since static typing has some advantages over the dynamic typing available in JavaScript, TypeScript is popular among developers writing larger applications. TypeScript is typically not executed directly, instead, it is "transpiled" into JavaScript, then executed by a script interpreter like Node.js or Bun. In the case of Claude Code CLI, Anthropic uses Bun.
Claude Code is Minified Before Distribution
Minification refactors and rearranges JavaScript so the program is as small as possible while still being executable by a script interpreter. This reduces download time and disk space required, but does make the code somewhat more difficult for people to understand. All the things we use to make code easier to read, like whitespace and descriptive variable names, are replaced or removed.
How Minified Code is Debugged: A Source Map
If we are debugging a minified javascript application, the fact that the code is rather difficult to read can be a problem. This is where a source map comes in handy. The source map simply maps points in the minified code back to the un-minified files, so when we're using a debugger, it can show us the more human-readable version of the running code. Sometimes, source maps just contain URLs or file paths back to the original code files. Other times, they embed copies of those files right in the map. The source map in the Claude Code CLI 2.1.88 distribution contained the contents of the original Typescript files that were transpiled, merged, and minified to package the application.
Claude Code is Distributed on NPM
Claude Code is distributed on npmjs.com: https://www.npmjs.com/package/@anthropic-ai/claude-code. If we take a look at the version history, version 2.1.88 is conspicuously missing, which stands to reason.
Let's grab the last version before the leak, 2.1.87.
There's the application, "cli.js". We can see "bun.lock", which tells us Bun was used to package this application, and the file "sdk-tools.d.ts" tells us this is a TypeScript application. So no secrets there, these facts are apparent in releases that were pushed before the leak occurred.
The Code is Right There!
JavaScript is a scripting language like Python and Bash script, not a compiled language like C++, Go, or Rust. So, if you have a program that is written in JavaScript (or TypeScript), you have the code right at your fingertips. Just open the application file.
Now, this is minified JavaScript, not the TypeScript that the developers (human or AI) work with directly. It's pretty cryptic. It's also copyrighted by Anthropic, but since this is just a tiny snippet of the code, it's openly available to anyone who wants to see it, and I'm trying to debunk some of the claims being made against them, I'm hoping showing it here is not a problem. Anyway, let's try unminifying it.
Better, but not great. If only we had some sort of electronic superbrain to help us with this.
Up and running! "What model are you?" is my go-to prompt to verify everything's connected and running properly. Let's see what it can do with its own code.
Oh man, just that one prompt cost me 1/4th of a Big Mac! There's a lot of code there, and to analyze it all would cost me a lot of tokens. But I think you can see where this is going. For enough Big Macs, I could extract everything this application is doing. I could have Claude Code CLI de-obfuscate the JavaScript and make it just as readable as the original TypeScript. I could even have Claude Code rewrite it in another language like Python, or back to TypeScript. And I could do all of this before anything was leaked.
Would that take a lot of time? It would if I did it myself, but in this age, who would do such a thing? I could instead construct an agent to work through all of this for me. If I define the agent right, I could kick it off before bed, and have the finished product ready for me the next morning. I'm already writing and using agents like this every day now. I'm not going to do it for this effort, because it would be somewhat expensive for me as an individual, though it wouldn't be outrageously expensive. It might also violate Anthropic's Terms of Service, and I don't really want to do that.
(On a side note, some package repositories like Homebrew combine the minified JavaScript version of Claude Code CLI with the Bun interpreter, resulting in a single executable with the clear-text minified code embedded inside it. This is for convenience, since you don't need the interpreter installed separately to run the application. Nonetheless, all the minified Javascript can be easily extracted from that executable, or any JavaScript or TypeScript application distributed in this manner.)
The Claude Code Leak is a Huge Nothingburger
I hope I've made a pretty solid case to support that statement. The TypeScript leak does not reveal anything that couldn't already be determined from the application itself before the leak. Nothing of any serious value was lost in this event. The only thing the leak provided was a version of the code that is somewhat easier for humans to read. And given the tools that Anthropic themselves provide, the cryptic version of that code could be pretty easily decrypted.
To further drive this point home, let's look at some of the claims being made about this leak. According to Scientific American(!)
Among the surprises was code inside Claude Code, Anthropic’s AI coding assistant, that appears to scan user prompts for signs of frustration. It flags profanity, insults and phrases such as “so frustrating” and “this sucks,” and it appears to log that the user expressed negativity.
Let's go back to the last version of the application released before the leak.
LOL! What a great regexp (uncensored version). It's not often one has the opportunity to prove Scientific American wrong, but there were no surprises in the 2.1.88 leak, it was right there for anyone to see in 2.1.87. How about Ars Technica?
... observers digging through over 512,000 lines of code across more than 2,000 files have also discovered references to disabled, hidden, or inactive features that provide a peek into the potential roadmap for future features... among these features is Kairos, a persistent daemon that can operate in the background even when the Claude Code terminal window is closed.
It was already out there before the leak. It's just nobody bothered to look.
So why did Anthropic issue takedowns to people hosting the Typescript code? Well, the code is copyrighted, so they're perhaps justified in asking people not to distribute it. I don't think they were doing it in an attempt to protect their intellectual property though, aside from the fact that the leak made it a bit easier for people to pick apart how the application works. In my personal opinion, they should have released an article that explains the situation just as this one does, with a note along the lines of "hey guys, all that stuff's been out there for a while, so if you want to pick it apart, go for it!"
And to all the journalists out there blowing this up, please do better.