Back to home

Tag

npm

npm is the default distribution layer for JavaScript packages, and often the first place supply-chain mistakes show up. This tag tracks release errors, sourcemap leaks, dependency contamination, and packaging details that can expose internal code or debug assets.

4 articles

Claude Code源码泄露后,读完我发现了什么
Tools & Apps/Apr 4

Claude Code源码泄露后,读完我发现了什么

Claude Code源码因残留.map暴露。读完后,我看到了它的产品节奏、工程取舍,以及Anthropic的发布方式。

Claude Code Source Map Leak: What Happened
Tools & Apps/Apr 2

Claude Code Source Map Leak: What Happened

Anthropic shipped a 59.8 MB source map in Claude Code 2.1.88 on npm, exposing internal code details to anyone who pulled it.

Claude Code源码泄漏:npm里藏了什么
Tools & Apps/Apr 2

Claude Code源码泄漏:npm里藏了什么

Claude Code源码被塞进npm sourcemap后曝光。一次发布失误,让Anthropic的AI编程CLI细节直接摊开。

Claude Code Leak Exposes 512K Lines on npm
Tools & Apps/Apr 2

Claude Code Leak Exposes 512K Lines on npm

Anthropic confirmed a packaging error exposed Claude Code source on npm, revealing 512,000+ lines and new supply-chain risks.