The "safe" AI company leaked its code
Episode Description
Anthropic leaked Claude Code's entire source code, Railway exposed authenticated sessions, and Cloudflare announced a WordPress successor on April Fools.
Show Notes
Anthropic accidentally leaked the entire Claude Code source code through an npm packaging error. Plus Railway's new CDN leaked authenticated user sessions, Google launched a Gemini switching tool and Gemma 3 under Apache 2.0, Cloudflare announced a TypeScript CMS they're calling a WordPress successor (on April 1st), and Payload shipped an LLM evaluation suite.
Transcript
What's up, everyone? Welcome to Next in Dev, a weekly overview of all the news I could find in the modern web dev industry. This week, Anthropic accidentally published the entire source code for Claude Code, Railway's brand new CDN leaked authenticated user sessions, Google wants you to dump your AI chatbot for Gemini, and Cloudflare announced a WordPress successor that half the internet thought was an April Fools' joke. Let's dive in.
The biggest story this week is an embarrassing one. Anthropic accidentally leaked Claude Code's source code through an npm packaging error. A recent release contained a source map file pointing to a zip archive on Anthropic's own cloud storage. There were nearly 2,000 TypeScript files, over 500,000 lines of code.
A security researcher flagged it on X and within hours the codebase was mirrored across GitHub with 84,000 stars before Anthropic could issue takedowns.
What's actually in the code is fascinating. There's a three-layer memory architecture where the agent treats its own memory as hints rather than facts and verifies everything against the actual codebase. There's an unreleased autonomous mode that lets Claude Code work in the background while you're away. And there's further evidence of an upcoming model codenamed Capybara.
This comes days after Fortune reported that Anthropic had already left 3,000 internal files publicly accessible. Two leaks in one week from the company whose entire brand is built on being more careful than everyone else isn't great. The features are impressive engineering, but this is a 19 billion dollar ARR company, and it just gave every competitor a free look into how the sausage is made. Source map leaks are an easy mistake, but Anthropic chose to position itself as the safe one, and they need to earn it operationally, not just philosophically.
Speaking of things leaking: Railway launched CDN support on March 27. Three days later, a configuration update accidentally enabled caching on domains that had CDN turned off. For about an hour, Railway cached and served HTTP GET responses, including authenticated ones, across affected domains. Railway's incident report says roughly 0.05% of domains were affected, but users on the support forums reported being logged in as other users entirely. One user had evidence of customer data being exposed and hadn't received any notification almost 48 hours later. Railway acknowledged they didn't even have CDN logs initially. If you're running anything with authenticated users on Railway, audit your cache headers today.
