[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-claude-code-source-leak-npm-sourcemap-zh":3,"tags-claude-code-source-leak-npm-sourcemap-zh":33,"related-lang-claude-code-source-leak-npm-sourcemap-zh":45,"related-posts-claude-code-source-leak-npm-sourcemap-zh":49,"series-tools-7087ed57-4d0b-4de6-a203-6c50166c5e2c":86},{"id":4,"title":5,"content":6,"summary":7,"source":8,"source_url":9,"author":10,"image_url":11,"keywords":12,"language":21,"translated_content":10,"views":22,"is_premium":23,"created_at":24,"updated_at":24,"cover_image":11,"published_at":25,"rewrite_status":26,"rewrite_error":10,"rewritten_from_id":27,"slug":28,"category":29,"related_article_id":30,"status":31,"google_indexed_at":32,"x_posted_at":10,"tweet_text":10,"title_rewritten_at":10,"title_original":10,"key_takeaways":10,"topic_cluster_id":10,"embedding":10,"is_canonical_seed":23},"7087ed57-4d0b-4de6-a203-6c50166c5e2c","Claude Code Source Leak: What Was Hiding in npm","\u003Cp>On March 31, 2026, researcher \u003Ca href=\"https:\u002F\u002Fx.com\u002Fchaofanshuo\" target=\"_blank\" rel=\"noopener\">Chaofan Shou\u003C\u002Fa> posted on X that he had dug the complete source code of \u003Ca href=\"https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002F@anthropic-ai\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Claude Code\u003C\u002Fa> out of npm. Not fragments, and not a symbol table. The sourcemap carried the original source out directly.\u003C\u002Fp>\u003Cp>Honestly, a slip like this is embarrassing. \u003Ca href=\"https:\u002F\u002Fwww.anthropic.com\u002F\" target=\"_blank\" rel=\"noopener\">Anthropic\u003C\u002Fa> builds an \u003Ca href=\"https:\u002F\u002Fdocs.anthropic.com\u002Fen\u002Fdocs\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">AI coding CLI\u003C\u002Fa>. The most valuable parts of a product like that are usually the command flow, the integration approach, and the details of how it talks to the model.\u003C\u002Fp>\u003Cp>If you work with npm sourcemaps at all, you know there is nothing mysterious about them. They exist for debugging. The problem is that many teams treat them purely as a front-end tool. One careless step later, the public package ships the core logic along with it.\u003C\u002Fp>\u003Ch2>What actually leaked\u003C\u002Fh2>\u003Cp>The point here is not that someone forced their way into a system. A publicly released package included content that should never have been public. In other words, anyone who downloads the public package can potentially reconstruct the original source.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775113346338-k2m5.png\" alt=\"Claude Code Source Leak: What Was Hiding in npm\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n
\u003Cp>The most troublesome thing about this situation is how quiet it is. No alarms. No failed-login records. No obvious traces of an attack. Just an ordinary-looking npm package with the full implementation hidden inside.\u003C\u002Fp>\u003Cp>For an AI coding tool, this is sensitive. It is usually not just a local CLI. It also touches APIs, tokens, the file system, telemetry, caches, and even remote execution flows. Any layer written too carelessly can now be read through.\u003C\u002Fp>\u003Cul>\u003Cli>Disclosed: 2026-03-31\u003C\u002Fli>\u003Cli>Disclosed by: Chaofan Shou\u003C\u002Fli>\u003Cli>Leak location: public npm package\u003C\u002Fli>\u003Cli>Leak vector: sourcemap\u003C\u002Fli>\u003Cli>Product affected: Claude Code\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>Why sourcemaps go wrong\u003C\u002Fh2>\u003Cp>The intent behind a sourcemap is simple. It maps minified code back to the original source, so that when a bug shows up, engineers can see exactly which line is at fault.\u003C\u002Fp>\u003Cp>But that is also the problem. If the release process is not controlled, the sourcemap becomes a public entry point. It exposes more than function names; it can spit out the directory structure, comments, and control-flow branches along with them.\u003C\u002Fp>\u003Cp>The amount of discussion this time also has to do with the nature of the product. \u003Ca href=\"\u002Fnews\u002Fclaude-code-harness-engineering-design-zh\">Claude Code\u003C\u002Fa> is built for developers. Its users are already sensitive to technical detail. Naturally they ask: if even the package contents were not checked, how loose is the release process?\u003C\u002Fp>\u003Cblockquote>“Security is a process, not a product.” — Bruce Schneier\u003C\u002Fblockquote>\u003Cp>Bruce Schneier's line fits this incident well. A leak is rarely a single-point failure. More often the whole chain, packaging, review, signing and release, rollback, failed to catch it.\u003C\u002Fp>\u003Cp>There is a practical problem too. npm packages get cached, mirrored, and forwarded. Deleting the upstream copy does not mean the copies disappear immediately. That is the hardest part of cleaning up a public-release mistake.\u003C\u002Fp>\u003Ch2>How this differs from other leaks\u003C\u002Fh2>\u003Cp>Many software leaks happen in internal repositories or test environments. This one is worse. It showed up in a public distribution channel. Anyone can grab it.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775113365192-v877.png\" alt=\"Claude Code Source Leak: What Was Hiding in npm\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n
\u003Cp>Once a public package ships with a mistake, it spreads fast. Downloaders pull it into their own cache. Mirrors copy it again. CI may pull it down as a dependency along the way. Spread like that is hard to undo with a single unpublish.\u003C\u002Fp>\u003Cp>Put a few scenarios side by side:\u003C\u002Fp>\u003Cul>\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.npmjs.com\u002F\" target=\"_blank\" rel=\"noopener\">npm\u003C\u002Fa> public package leak: fastest spread, slowest recall\u003C\u002Fli>\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002F\" target=\"_blank\" rel=\"noopener\">GitHub\u003C\u002Fa> private repo accidentally made public: traceable, but it may already have been cloned\u003C\u002Fli>\u003Cli>Internal log leak: possibly a smaller blast radius, but expensive to clean up\u003C\u002Fli>\u003Cli>CI\u002FCD artifact leak: usually tied to automated publishing, and prone to recurring\u003C\u002Fli>\u003C\u002Ful>\u003Cp>Put bluntly, the thing to fear is not \"the code was seen\". It is \"why could it be seen\". If a CLI's sourcemap alone can reconstruct the core flow, the release gate has a hole in it.\u003C\u002Fp>\u003Cp>It also makes people wonder whether the team reviews package contents at all. Do they only look at the version number? Or do they check the final artifact file by file? The difference is huge.\u003C\u002Fp>\u003Ch2>What this means for Anthropic and for developers\u003C\u002Fh2>\u003Cp>For \u003Ca href=\"https:\u002F\u002Fwww.anthropic.com\u002F\" target=\"_blank\" rel=\"noopener\">Anthropic\u003C\u002Fa>, the direct loss is not reputation but trust. A company selling AI coding tools dreads nothing more than having its engineering controls questioned.\u003C\u002Fp>\u003Cp>Developers will think along the same lines. Today it is \u003Ca href=\"\u002Fnews\u002F8-hidden-claude-code-features-leaked-source-zh\">Claude Code\u003C\u002Fa>. Tomorrow it could be someone else's CLI, plugin, agent layer, or local orchestration tool. Anything distributed as a public package can fall into the same trap.\u003C\u002Fp>\u003Cp>So the lesson is practical. Check sourcemaps before publishing. Strip unnecessary mappings. Pull sensitive logic out of public artifacts. None of this is new, but plenty of teams still miss it.\u003C\u002Fp>\u003Cul>\u003Cli>Inspect npm package contents and confirm there are no extra files\u003C\u002Fli>\u003Cli>Restrict sourcemap publication for production builds\u003C\u002Fli>\u003Cli>Review source code and release artifacts separately\u003C\u002Fli>\u003Cli>Re-examine the CLI's authentication, telemetry, and remote call paths\u003C\u002Fli>\u003C\u002Ful>\u003Cp>If you maintain Node.js, Rust, front-end, or release pipelines, this is a good moment for a self-audit. Projects that automatically generate map files, bundles, or debug artifacts are the ones most likely to slip at the very last step.\u003C\u002Fp>\u003Cp>I also suggest taking a look at the official docs while you are at it: the \u003Ca href=\"https:\u002F\u002Fdocs.npmjs.com\u002F\" target=\"_blank\" rel=\"noopener\">npm documentation\u003C\u002Fa>, the \u003Ca href=\"https:\u002F\u002Fdocs.anthropic.com\u002F\" target=\"_blank\" rel=\"noopener\">Anthropic documentation\u003C\u002Fa>, and your own release checklist. Many incidents are not a lack of technical skill; they are one missing step in the process.\u003C\u002Fp>\u003Ch2>The incident in industry context\u003C\u002Fh2>\u003Cp>Many AI tools now ship as CLIs, SDKs, agents, or plugins. The reason is simple: developers want something embeddable, automatable, and composable. Once such a product enters the workflow, release quality directly affects trust.\u003C\u002Fp>\u003Cp>And AI tools are not like ordinary apps. They routinely handle tokens, context, files, repos, and shell commands. A leak at any one point usually has worse consequences than it would for an ordinary tool.\u003C\u002Fp>\u003Cp>From an industry perspective, this is also a reminder. Many companies talk well about model capability but do not necessarily get supply-chain security right. However strong the model, a broken release process will still crash the car.\u003C\u002Fp>\u003Cp>Looking at the competition, a CLI like \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanthropics\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Claude Code\u003C\u002Fa> is not compared with other AI coding tools on features alone. Packaging, updates, signing, and review all shape trust. If you cannot even manage your sourcemaps, users will find it hard to hand you their repos.\u003C\u002Fp>\u003Ch2>What to watch for\u003C\u002Fh2>\u003Cp>Incidents like this are the clearest test of a company's engineering maturity. What matters is not a \"we are investigating\" statement. It is whether they can quickly spell out the impact, pull the affected versions, rotate any keys that may have been exposed, and then patch the process.\u003C\u002Fp>\u003Cp>I will be watching two things. First, whether Anthropic publicly identifies the affected versions. Second, whether they update the npm release process so that sourcemaps and public artifacts are managed separately. Both are concrete, and both reveal attitude.\u003C\u002Fp>\u003Cp>My take is straightforward. This will not cost \u003Ca href=\"\u002Fnews\u002Fclaude-code-architecture-governance-practice-zh\">Claude Code\u003C\u002Fa> its market. But it will push more teams to check their own release pipelines. The most practical question now is: does your package actually keep out the things that should not be public?\u003C\u002Fp>","Claude Code's npm sourcemap appears to have carried out the complete source code. This was not an intrusion but a release-process failure, laying the details of an AI coding CLI bare.","www.zhihu.com","https:\u002F\u002Fwww.zhihu.com\u002Fquestion\u002F2022392127145911515",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775113346338-k2m5.png",[13,14,15,16,17,18,19,20],"Claude Code","Anthropic","npm","sourcemap","AI 編程工具","源碼外洩","發布流程","供應鏈安全","zh",0,false,"2026-04-02T05:24:31.450829+00:00","2026-04-02T05:24:31.292+00:00","done","ed695a5e-821c-41ca-8fbe-2292e95a65a0","claude-code-source-leak-npm-sourcemap-zh","tools","98aad9b3-ff86-4d55-b3c9-95fc24534307","published","2026-04-09T09:00:51.741+00:00",[34,35,36,38,39,41,43,44],{"name":18,"slug":18},{"name":15,"slug":15},{"name":17,"slug":37},"ai-編程工具",{"name":20,"slug":20},{"name":13,"slug":40},"claude-code",{"name":14,"slug":42},"anthropic",{"name":16,"slug":16},{"name":19,"slug":19},{"id":30,"slug":46,"title":47,"language":48},"claude-code-source-leak-npm-sourcemap-en","Claude Code源码泄漏：npm里藏了什么","en",[50,56,62,68,74,80],{"id":51,"slug":52,"title":53,"cover_image":54,"image_url":54,"created_at":55,"category":29},"d058a76f-6548-4135-8970-f3a97f255446","why-gemini-api-pricing-is-cheaper-than-it-looks-zh","為什麼 Gemini API 
定價其實比看起來更便宜","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778869845081-j4m7.png","2026-05-15T18:30:25.797639+00:00",{"id":57,"slug":58,"title":59,"cover_image":60,"image_url":60,"created_at":61,"category":29},"68e4be16-dc38-4524-a6ea-5ebe22a6c4fb","why-vidhub-huiyuan-hutong-bushi-quan-shebei-tongyong-zh","為什麼 VidHub 會員互通不是「買一次全設備通用」","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778789450987-advz.png","2026-05-14T20:10:24.048988+00:00",{"id":63,"slug":64,"title":65,"cover_image":66,"image_url":66,"created_at":67,"category":29},"7a1e174f-746b-4e82-a0e3-b2475ab39747","why-buns-zig-to-rust-experiment-is-right-zh","為什麼 Bun 的 Zig-to-Rust 實驗是對的","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778767879127-5dna.png","2026-05-14T14:10:26.886397+00:00",{"id":69,"slug":70,"title":71,"cover_image":72,"image_url":72,"created_at":73,"category":29},"e742fc73-5a65-4db3-ad17-88c99262ceb7","why-openai-api-pricing-is-product-strategy-zh","為什麼 OpenAI API 定價是產品策略，不是註腳","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778749859485-chvz.png","2026-05-14T09:10:26.003818+00:00",{"id":75,"slug":76,"title":77,"cover_image":78,"image_url":78,"created_at":79,"category":29},"c757c5d8-eda9-45dc-9020-4b002f4d6237","why-claude-code-prompt-design-beats-ide-copilots-zh","為什麼 Claude Code 的提示設計贏過 IDE Copilot","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778742645084-dao9.png","2026-05-14T07:10:29.371901+00:00",{"id":81,"slug":82,"title":83,"cover_image":84,"image_url":84,"created_at":85,"category":29},"4adef3ab-9f07-4970-91cf-77b8b581b348","why-databricks-model-serving-is-right-default-zh","為什麼 Databricks Model Serving 是生產推論的正確預設","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778692245329-a2wt.png","2026-05-13T17:10:30.659153+00:00",[87,92,97,102,107,112,117,122,127,132],{"id":88,"slug":89,"title":90,"created_at":91},"de769291-4574-4c46-a76d-772bd99e6ec9","googles-biggest-gemini-launches-in-2026-zh","Google 2026 最大 Gemini 盤點","2026-03-26T07:26:39.21072+00:00",{"id":93,"slug":94,"title":95,"created_at":96},"855cd52f-6fab-46cc-a7c1-42195e8a0de4","surepath-real-time-mcp-policy-controls-zh","SurePath 推出即時 MCP 政策控管","2026-03-26T07:57:40.77233+00:00",{"id":98,"slug":99,"title":100,"created_at":101},"9b19ab54-edef-4dbd-9ce4-a51e4bae4ebb","mcp-in-2026-the-ai-tool-layer-teams-use-zh","2026 年 MCP：團隊真的在用的 AI 工具層","2026-03-26T08:01:46.589694+00:00",{"id":103,"slug":104,"title":105,"created_at":106},"af9c46c3-7a28-410b-9f04-32b3de30a68c","prompting-in-2026-what-actually-works-zh","2026 提示工程，真正有用的是什麼","2026-03-26T08:08:12.453028+00:00",{"id":108,"slug":109,"title":110,"created_at":111},"05553086-6ed0-4758-81fd-6cab24b575e0","garry-tan-open-sources-claude-code-toolkit-zh","Garry Tan 開源 Claude Code 工具包","2026-03-26T08:26:20.068737+00:00",{"id":113,"slug":114,"title":115,"created_at":116},"042a73a2-18a2-433d-9e8f-9802b9559aac","github-ai-projects-to-watch-in-2026-zh","2026 必看 20 個 GitHub AI 專案","2026-03-26T08:28:09.619964+00:00",{"id":118,"slug":119,"title":120,"created_at":121},"a5f94120-ac0d-4483-9a8b-63590071ac6a","claude-code-vs-cursor-2026-zh","Claude Code 與 Cursor 深度對比：202…","2026-03-26T13:27:14.279193+00:00",{"id":123,"slug":124,"title":125,"created_at":126},"0975afa1-e0c7-4130-a20d-d890eaed995e","practical-github-guide-learning-ml-2026-zh","2026 機器學習入門 GitHub 實用指南","2026-03-27T01:16:49.712576+00:00",{"id":128,"slug":129,"title":130,"created_at":131},"bfdb467a-290f-4a80-b3a9-6f081afb6dff","aiml-2026-student-ai-ml-lab-repo-review-zh","AIML-2026：像課綱的學生實驗 Repo","2026-03-27T01:21:51.467798+00:00",{"id":133,"slug":134,"title":135,"created_at":136},"80cabc3e-09fc-4ff5-8f07-b8d68f5ae545","ai-trending-github-repos-and-research-feeds-zh","AI Trending：把 AI 資源收成一張表","2026-03-27T01:31:35.262183+00:00"]