Claude Code source code reportedly leaked via NPM map file

According to a tweet from @Fried_rice, the source code for Claude Code appears to have been leaked via a map file in their NPM registry. The tweet links to a Hacker News discussion with 93 points and 35 comments, indicating significant developer interest in this security incident.
This type of incident typically involves source map files that are accidentally included in production builds. Source maps are debugging tools that map minified/compiled code back to the original source code, and when published to public registries like NPM, they can expose proprietary code that developers intended to keep private.
For developers using AI coding agents, this incident highlights the importance of proper build configuration and deployment practices. Source maps should be excluded from production packages or published to private registries when they contain sensitive code.
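A pre-publish check for the exposure described above, as an added example that is not from the article or from any vendor's build tooling: it flags shipped `.map` files and inline `data:` source maps whose `sourcesContent` field embeds original source. The function names, the in-memory `files` input shape and the sample package are assumptions constructed for illustration.

```javascript
// Added example, not from the article. `files` maps each path that would be
// published (e.g. the unpacked `npm pack` tarball) to its text content.
// Parse a source map and count `sourcesContent` entries holding real source text.
function embeddedSources(mapText) {
  let map;
  try { map = JSON.parse(mapText); } catch { return { sources: 0, embedded: 0 }; }
  const content = Array.isArray(map.sourcesContent) ? map.sourcesContent : [];
  return {
    sources: Array.isArray(map.sources) ? map.sources.length : 0,
    embedded: content.filter((s) => typeof s === 'string' && s.length > 0).length,
  };
}

function auditSourceMaps(files) {
  const findings = [];
  const urlRe = /\/\/[#@]\s*sourceMappingURL=(\S+)/g;
  for (const [path, text] of Object.entries(files)) {
    if (path.endsWith('.map')) {
      findings.push({ path, kind: 'map-file', ...embeddedSources(text) }); continue;
    }
    if (!/\.[cm]?js$/.test(path)) continue;
    const last = [...text.matchAll(urlRe)].pop(); // use the last such comment
    if (!last) continue;
    const inline = /^data:application\/json[^,]*;base64,(.+)$/.exec(last[1]);
    if (inline) { // map embedded in the bundle itself as a data: URI
      const decoded = Buffer.from(inline[1], 'base64').toString('utf8');
      findings.push({ path, kind: 'inline-map', ...embeddedSources(decoded) });
    } else { // external reference; the .map itself is reported if it ships
      findings.push({ path, kind: 'map-reference', target: last[1] });
    }
  }
  return findings;
}

// Paths whose maps carry original source: a pre-publish gate would fail on any.
const leaking = (files) => auditSourceMaps(files).filter((f) => f.embedded > 0).map((f) => f.path);
// Constructed sample package contents (not the real package).
const sampleMap = JSON.stringify({
  version: 3, file: 'cli.js', sources: ['../src/cli.ts'], names: [], mappings: 'AAAA',
  sourcesContent: ['export function main() { /* original source */ }'],
});
const samplePackage = {
  'dist/cli.js': 'function a(){}\n//# sourceMappingURL=cli.js.map\n',
  'dist/cli.js.map': sampleMap,
  'dist/util.js': 'function b(){}\n//# sourceMappingURL=data:application/json;base64,' +
    Buffer.from(sampleMap).toString('base64') + '\n',
  'dist/clean.js': 'function c(){}\n',
};
console.log(leaking(samplePackage));
```

The file list that `npm pack --dry-run` prints before publishing is the same set of paths this check is meant to receive.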
The Hacker News discussion likely contains technical analysis of the specific files exposed, the extent of the leak, and potential security implications for Claude Code users. Developers interested in the technical details should check the HN thread for community analysis and discussion.
📖 Read the full source: HN AI Agents