For me one of the most interesting aspects is how compaction works. It turns out compaction still preserves the full original pre-compaction conversation in the session jsonl file, and those are marked as "not to be sent to the API". Which means, even after compaction, if you think something was lost, you can tell CC to "look in the session log files to find details about what we did with XYZ". I knew this before the leak since it can be seen from the session logs. Some more details:
The full conversation is preserved in the JSONL file, and messages
are filtered before being sent to the API.
Key mechanisms:
1. JSONL is append-only — old pre-compaction messages are never deleted. New messages (boundary
marker, summary, attachments) are appended after compaction.
2. Messages have flags controlling API visibility:
- isCompactSummary: true — marks the AI-generated summary message
- isVisibleInTranscriptOnly: true — prevents a message from being sent to the API
- isMeta — another filter for non-API messages
- getMessagesAfterCompactBoundary() returns only post-compaction messages for API calls
3. After compaction, the API sees only:
- The compact boundary marker
- The summary message
- Attachments (file refs, plan, skills)
- Any new messages after compaction
4. Three compaction types exist:
- Full compaction — API summarizes all old messages
- Session memory compaction — uses extracted session memory as summary (cheaper)
- Microcompaction — clears old tool result content when cache is cold (>1h idle)
mzajc 22 hours ago [-]
There are now several comments that (incorrectly?) interpret the undercover mode as only hiding internal information. Excerpts from the actual prompt[0]:
NEVER include in commit messages or PR descriptions:
- The phrase "Claude Code" or any mention that you are an AI
- Co-Authored-By lines or any other attribution
BAD (never write these):
- 1-shotted by claude-opus-4-6
- Generated with Claude Code
- Co-Authored-By: Claude Opus 4.6 <…>
This very much sounds like it does what it says on the tin, i.e. stays undercover and pretends to be a human. It's especially worrying that the prompt is explicitly written for contributions to public repositories.
No problem at all in the EU, as the user would either would need to review and redact the output or would need to put a transparency note up by law [0]. I am sure that Anthropic with their high ethical standards will educate their users ...
> which is published with the purpose of informing the public on matters of public interest
From your link, that's the only case where text needs to be attributed to AI.
riedel 46 minutes ago [-]
Good question. Actually, i was assuming that at least source code is treated as text under the legal regime (there is typically special rules in copyright law, but provision applying to text should apply). Furthermore I would think pull requests, etc are all text. So I would think this applies.
Orygin 5 hours ago [-]
Code may not be, but opening a Merge Request undercover may be unlawful:
> Providers shall ensure that AI systems intended to interact directly with natural persons are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system
mynameisvlad 55 minutes ago [-]
Then in that case you wouldn't be a provider. You are at best a deployer, and even then the definition doesn't exactly match using AI services.
That should be obvious considering an MR is not providing AI services.
jonnybgood 4 hours ago [-]
That merge request would be AI generated content. You wouldn't be interacting directly with the AI system that opened it.
Orygin 4 hours ago [-]
Depends if it's a closed loop agent. If the agent opens the request, writes the body and is triggered by an answer on the MR, then I'd expect the law to cover this.
mynameisvlad 53 minutes ago [-]
What AI service are you providing with said MR?
cfbradford 11 hours ago [-]
Does this apply to their internal use as well? They can really only claim DMCA status on the leaked code if it was authored by humans. Claude attribution in their internal git history would make a strong case that they do not in fact own the copyright to Claude Code itself and are therefore abusing the DMCA system to protect leaked trade secrets rather than protect copyright.
zgeor 5 hours ago [-]
Genuine question: why can they only claim DMCA if the code is written by humans? Does DMCA specify the method of production?
rainsil 5 hours ago [-]
According to the US Copyright Office, fully AI-generated works aren’t eligible for copyright because they don’t have human authors. They’re in the public domain by default.
What constitutes "fully AI-generated" when you're in an edit loop between an agent and a human?
justinclift 4 hours ago [-]
It seems like it's an active area of legal thought (IANAL though).
Recent relevant discussion about this in the chardet repo between the chardet maintainer who relicensed the chardet code and Richard Fontana, a well regarded lawyer US IP lawyer who's worked for Red Hat (now IBM) for decades:
My take away from the conversation there is that being in an edit loop, where the files are AI generated through your control rather than directly editing the files yourself, means the files are then "AI authored" for copyright protection purposes rather than yourself.
But I double stress, I'm not a lawyer so may have misunderstood things radically.
Eisenstein 2 hours ago [-]
I think that may not be answerable until a case concerning it has been heard and ruled on. A lawyer may have a better answer for you, but if I had to bet then I'd put $100 on it being something like 'it depends'.
VectorVault 2 hours ago [-]
It's interesting how AI can be its own worst enemy in this legal system. The very thing it's excellent at is not protected. In practice, there seems to be a strong opportunity to disintermediate brands by acting as a layer of abstraction above the seller and manufacturer. An AI instruction likely cares less about brand or sharing customer information with the seller; it's just more friction and tokens spent.
otterley 22 hours ago [-]
I would have expected people (maybe a small minority, but that includes myself) to have already instructed Claude to do this. It’s a trivial instruction to add to your CLAUDE.md file.
arcanemachiner 21 hours ago [-]
It's a config setting (probably the same end result though):
It doesn't work so well in my experience. I am currently wrapping (or asking the LLM to wrap) the commit message prompt in a script call.
1. the LLM is instructed on how to write a commit message and never include co-authorship
2. the LLM is asked to produce a commit message
3. the LLM output is parsed by a script which removes co-authorship if the LLM chooses to include it nevertheless
schappim 20 hours ago [-]
I guess our system prompt didn't work. If folks are having to add it manually into their own Claude.md files...
schappim 13 hours ago [-]
Typo from speech to text, corrected: “I guess Anthropic’s system prompt didn't work. If folks are having to add it manually into their own Claude.md files...”
otterley 19 hours ago [-]
My mistake - it was the configuration setting that did it. Nevertheless, you can control many other aspects of its behavior by tuning the CLAUDE.md prompt.
dboreham 19 hours ago [-]
I always assumed that if I tried to tell it, that it'd say "I'm sorry, Dave. I'm afraid I can't do that"
lawrjone 8 hours ago [-]
We use CC to power some of our code features and override this setting so we can provide our own attribution. So there are several legit reasons to permit this.
petcat 22 hours ago [-]
It's less about pretending to be a human and more about not inviting scrutiny and ridicule toward Claude if the code quality is bad. They want the real human to appear to be responsible for accepting Claud's poor output.
Stromgren 20 hours ago [-]
That’s how I’d want it to be honestly. LLMs are tools and I’d hope we’re going to keep the people using them responsible. Just like any other tools we use.
vrosas 17 hours ago [-]
It’s also pretty damn obvious when LLMs write code. Nobody out here commenting every method in perfect punctuation and grammar.
spoiler 7 hours ago [-]
I have been doing this for years, especially for libraries (internal or otherwise), anything that's `pub`/`export`, or gnarly logic that makes the intent not obvious. Not _everything_ is documented, but most things are.
I'm doing it because I know how much I appreciate well-written documentation. Also this is a bit niche, but if you're using Rust and add examples to doc-comments, they get run as tests too.
Also given we both managed to produce more than one sentence, and include capital letters in our comments, it's entirely possible both of us will be accused of being an AI. Because, you know... People don't write like this, right?
VectorVault 2 hours ago [-]
Strict grammar school teachers, who enforced a "Form And Style" level of prose, have become a liability in the AI world!
balamatom 6 hours ago [-]
>Also given we both managed to produce more than one sentence, and include capital letters in our comments, it's entirely possible both of us will be accused of being an AI.
Could anyone explain the esoteric meaning of why people started doing that shit? I got a hypothesis, what's going on is something like this:
1. Prove you are human: write Like A Fucking Adult You Weirdo (internal designator for a specific language register, you know the one)
2. Prove you are human: _DON'T_ write Like A Fucking Adult You Weirdo (because that's how LLMs were trained to write, silly!)
3. ???? (cognitive dissonance ensues)
4. PROFIT (you were just subject to some more attrition while the AI just learned how to pass a lil bit better)
I never thought computer programmers of all people would get trapped in such a simple loop of self-contradiction.
But I guess the human materiel really has degraded since whenever. I blame remote work preventing us from even hypothetically punching bosses, but anyway weird fucking times eh?
Maybe the posts trying to figure "this post is AI, that post is not AI" are themselves predominantly AI-generated?
Or is it just people made uncomfortable by what's going on, but not able to articulate further, jumping on the first bandwagon they see?
Or maybe this "AI-doubting of probably human posters" was started by humans, yes - then became "a thing", and as such was picked up by the LLM?
Like who the fuck knows, but with all honesty that's how I felt about so many things, dating from way before LLMs became so powerful that the above became a "sensible" question to ask...
Predominantly those things which people do by sheer mimesis - such as pop culture.
"Are you a goddam robot already - don't you see how your liking the stupid-making song is turning you into stupid-you, at a greater rate than it is bringing non-stupid-you aesthetic satisfaction?" type of thing -- but then I assume in more civilized places than where I come from people are much more convincingly taught that personal taste "doesn't matter" (and simultaneously is the only thing that matters; see points 1-4... I guess that's what makes some people believe curating AI, i.e. "prompt engineering" can be a real job and not just boil down to you being the stochastic parrot's accountability sink?)
I'm not even sure English even has the notions to point out the concrete issue - I sure don't know 'em.
Ever hear of the strain of thought that says "all metaphysical questions are linguistic paradoxes (and it's self-evidently pointless to seek answers to nonsensical questions)"?
Feels kinda like the same thing, but artificially constructed within the headspace of American anti-intellectuallism.
Maybe a correct adversarial reading of the main branding acronym would be Anti-Intelligence.
You know, like bug spray, or stain remover.
But for the main bug in the system; the main stain on the white shirt: the uncomfortable observation that, in the end, some degree of independent thinking is always required to get real things done which produce some real value. (That's antithetical to standard pro-social aversive conditioning, which says: do not, under any circumstance, just put 2 and 2 together; lest you turn from "a vehicle for the progress of civilization" back into a pumpkin)
pc86 5 hours ago [-]
What?
pc86 5 hours ago [-]
It's a pretty sad state of affairs when someone can say with a straight face "Nobody out here" (sic) taking their job seriously and giving it the care and attention it rightly deserves.
poopmonster 15 hours ago [-]
skill issue
Alex_L_Wood 9 hours ago [-]
Commenting every method, how pedestrian! I comment every letter of my code!
snovv_crash 8 hours ago [-]
Single letter variables all the way. Then it's easy to tell what code is human welritten. /s
balamatom 5 hours ago [-]
the skill is the issue!
danbolt 13 hours ago [-]
Please elaborate, poopmonster! What sort of skills are required to expertly use an LLM?
duskdozer 8 hours ago [-]
// [umbrella] Describe skill 1. (Prompt engineering)
1. Skillful use of **prompt engineering**
// [rocketship] Describe skill 2. (Agentic loops)
2. Know how to use **agentic loops** skillfully
....
antonvs 1 hours ago [-]
I thought they were saying they comment every method with perfect punctuation and grammar.
balamatom 6 hours ago [-]
1. Be unable to read...
Andrex 5 hours ago [-]
I feel seen...
otterley 21 hours ago [-]
That’s ultimately the right answer, isn’t it? Bad code is bad code, whether a human wrote it all, or whether an agent assisted in the endeavor.
abustamam 17 hours ago [-]
Yeah in my team everyone knows everyone is using LLMs. We just have a rule. Don't commit slop. Using an LLM is no excuse for committing bad code.
andoando 22 hours ago [-]
Ive seen it say coauthored by claude code on my prs...and I agree I dont want it to do that
m132 20 hours ago [-]
But I want to see Claude on the contributor list so that I immediately know if I should give the rest of the repo any attention!
dmd 21 hours ago [-]
So turn it off.
"includeCoAuthoredBy": false,
in your settings.json.
nullderef 20 hours ago [-]
They changed it to `attribution`, but yes you can customize this
Pxtl 20 hours ago [-]
Why not? What's wrong with honesty?
Monotoko 3 hours ago [-]
There's some repos I'm unashamedly keeping alive with Claude alone and he gets co-authorship - basically stuff in "maintenance mode" that I still use that I've forked and had Claude drag it into 2026
A quick PR where I've found the bug myself in the code, and ask Claude to write the fix because it's faster, and verified it - I don't include Claude's co-authorship.
dec0dedab0de 20 hours ago [-]
Yeah I much prefer it commit the agent, and I would also like if it committed the model I was using at the time.
hnbad 2 hours ago [-]
Claude is not a person and AI doesn't gain authorship let alone copyright.
Unless you literally vibe coded it, Claude is just a tool. This is the equivalent of Apple appending "Sent from my iPhone" as a signature to outgoing emails. It's advertising tool use, not providing attribution. The intent isn't to disclose that AI was used in creating the code, the intent is to advertise the AI product.
VectorVault 2 hours ago [-]
Hmm... It's an interesting question: at what point, in a conversation, document, image, story, does human authorship end and AI authorship begin? How would you know? Is it a tell tale or is it advertising?
andoando 19 hours ago [-]
I guess Im sometimes dishonest when it suits me
rurban 10 hours ago [-]
Because some maintainers are hysterical
peacebeard 19 hours ago [-]
The code has a stated goal of avoiding leaks, but then the actual implementation becomes broader than that. I see two possible explanations:
* The authors made the code very broad to improve its ability to achieve the stated goal
* The authors have an unstated goal
I think it's healthy to be skeptical but what I'm seeing is that the skeptics are pushing the boundaries of what's actually in the source. For example, you say "says on the tin" that it "pretends to be human" but it simply does not say that on the tin. It does say "Write commit messages as a human developer would" which is not the same thing as "Try to trick people into believing you're human." To convince people of your skepticism, it's best to stick to the facts.
mzajc 18 hours ago [-]
By "says on the tin," I was referring to the name ("undercover mode") and the instruction to "not blow your cover." If pretending to be a human is not the cover here, what is? Additionally, does Claude code still admit that it's a LLM when this prompt is active as you suggest, or does it pretend to be a human like the prompt tells it to?
cat_plus_plus 17 hours ago [-]
Why are you assuming the actual implementation was authored by a human?
peacebeard 17 hours ago [-]
My comment makes no such assumption.
hombre_fatal 21 hours ago [-]
You can already turn off "Co-Authored-By" via Claude Code config. This is what their docs show:
~/.claude/settings.json
{
"attribution": {
"commit": "",
"pr": ""
},
The rest of the prompt is pretty clear that it's talking about internal use.
Claude Code users aren't the ones worried about leaking "internal model codenames" nor "unreleased model opus-4-8" nor Slack channel names. Though, nobody would want that crap in their generated docs/code anyways.
Seems like a nothingburger, and everyone seems to be fantasizing about "undercover mode" rather than engaging with the details.
RA2lover 8 hours ago [-]
There's a more worrying part: It refers to unreleased versions of Claude in more detail than released versions.
For a company calling chinese companies out for distillation attacks on their models, this very much looks like a distillation attack against human maintainers, especially when combined with the frustration detector.
nateoda 20 hours ago [-]
My first reaction is that they are using this to take advantage of OSS reviewers for in the wild evals.
18 hours ago [-]
zen928 20 hours ago [-]
None of this is really worrying, this is a pattern implemented in a similar way by every single developer using AI to write commit messages after noticing how exceptionally noisy they are to self-attribute things. Anthropics views on AI safety and alignment with human interests dont suddenly get thrown out with the bathwater because of leaked internal tooling of which is functionally identical to a basic prompt in a mere interface (and not a model). I dont really buy all the forced "skepticism" on this thread tbh.
manbitesdog 20 hours ago [-]
I cringe every time I see Claude trying to co-author a commit. The git history is expected to track accountability and ownership, not your Bill of Tools. Should I also co-author my PRs with my linter, intellisense and IDE?
tdb7893 16 hours ago [-]
If those tools are writing the code then in general I do expect that to be included in the PR! Through my whole career I've seen PRs where people noted that code that was generated (people have been generating code since long before LLMs). It's useful context unless you've gone over the generated code and understand it and it is the same quality as if you wrote it yourself (which in my experience is the case where it's obvious boilerplate or the generated section is small).
Needing to flag nontrivial code as generated was standard practice for my whole career.
sumeno 15 hours ago [-]
> It's useful context unless you've gone over the generated code and understand it and it is the same quality as if you wrote it yourself
If this is not the case you should not be sending it to public repos for review at all. It is rude and insulting to expect the people maintaining these repos to review code that nobody bothered to read.
__float 15 hours ago [-]
Sometimes code generation is a useful tool, and maybe people have read and reviewed the generator.
The difference here is that the generator is a non-deterministic LLM and you can't reason about its output the same way.
jasomill 3 hours ago [-]
As a rule, I commit the input to the code generation tool, i.e., what the GPL refers to as "the preferred form of the work for making modifications to it", generate as part of the build process, and, where possible, try to avoid code generation tools designed around the assumption that its output will be maintained rather than regenerated from modified input.
As for LLM code assistants, I don't really view them as traditional code generation tools in the first place, as in practice they more resemble something in between autocomplete and delegating to a junior programmer.
As for attribution, I view it more or less the same way as "dictated but not read" in written correspondance, i.e., an disclaimer for errors in the code, which may be considered rude in some contexts, and a perfectly acceptable and useful annotation in others.
ferngodfather 11 hours ago [-]
"Here's what AI came up with and it mostly worked the one time I tested it. Might need improving".
No. I don't want to test and pick through your shitty LLM generated code. If I wanted the entire code base to be junk, it'd say so in the readme.
zx8080 14 hours ago [-]
> If those tools are writing the code then in general I do expect that to be included in the PR!
How about compiler?
ben-schaaf 12 hours ago [-]
Compilers don't usually write the code that ends up in a PR. But compilers do (and should) generally leave behind some metadata in the end result saying what tools were used, see for example the .comment section in ELF binaries.
rogerrogerr 12 hours ago [-]
Are you checking in compiled artifacts? Then yeah, we should have a chain of where that binary blob came from.
catlifeonmars 10 hours ago [-]
Compiler versions are usually included in the package manifest. Generally you include commit info compiler version and compilation date and platform embedded in the binaries that compilers produce.
tsimionescu 11 hours ago [-]
Usually, pre-LLM generated code is flagged because people aren't expected to modify it by hand. If you find a bug and track it to the generated code, you are expected to fix the sources and re-generate.
This is not at all the case with LLM-generated code - mostly because you can't regenerate it even if you wanted to, as it's not deterministic.
That said, I do agree that LLM code is different enough from human code (even just in regards to potential copyright worries) that it should be mentioned that LLMs were used to create it.
xarope 11 hours ago [-]
Absolutely. Let's say I have a problem with gRPC and traced it to code generated using the gRPC compiler. I can reproduce it, highlight it and I'm pretty sure the gRPC team would address the issue.
Replace gRPC compiler with LLM. Can you reproduce? (probably not 100%). Can anybody fix it short of throwing more english phrases like "DO NOT", "NEVER", "Under No Circumstances"?
Probably not.
duskdozer 8 hours ago [-]
>It's useful context unless you've gone over the generated code and understand it and it is the same quality as if you wrote it yourself
I thought the argument was that AI-users were reviewing and understanding all of the code?
Alifatisk 11 hours ago [-]
> people have been generating code since long before LLMs
How? LSTM?
chrislo 10 hours ago [-]
For example `rails generate ...` built into the Rails CLI.
generates a .._string.go file which contains a '.String()' method.
I would find it very reasonable to commit that with 'Co-Authored-By: stringer v0.1.0' or such.
Or 'sed s/a/b/g' and 'Co-Authored-By: sed'
cess11 9 hours ago [-]
There are many techniques. You're most likely to come across things like declarative DSL:s and macros, then there are things like JAXB and similar tooling that generates code from data schemas, and some people script around data sources to glue boilerplate and so on.
Arguably snippet collections belong to this genre.
baq 10 hours ago [-]
Holy shit I’m old.
thechao 16 hours ago [-]
You assemble all your machine code using a magnetized needle?
tdb7893 14 hours ago [-]
I am not against the general use of AI code. Quite simply, my view is that all relevant context for a review should be disclosed in the PR.
AI and humans are not the same as authors of PRs. As an obvious example: one of the important functions of the PR process is to teach the writer about how to code in this project but LLMs fundamentally don't learn the same way as humans so there's a meaningful difference in context between humans and AIs.
If a human takes the care to really understand and assume authorship of the PR then it's not really an issue (and if they do, they could easily modify the Claude messages to remove "generated by Claude" notes manually) but instead it seems that Claude is just hiding relevant context from the reviewer. PRs without relevant context are always frustrating.
VectorVault 2 hours ago [-]
What's really tricky with the legal protections area is this: 90% of the value of the S&P 500 is intangible. Meaning if you suck out the book value (10%), the rest is brand, IP, rights, sources & methods, etc. So if a company can't protect that, it's not particularly valuable anymore. Maybe we will see a shift back to tangible assets and book value (25,000 $8MM Vera Rubin machines) and away from intangibles...
jruz 12 hours ago [-]
I think this is just the beginning so people are apprehensive, rightfully so, at this stage. I agree with you that AI use should be disclosed but using the commit message as a billboard for Anthropic hell no. Go put an add on the free tier.
Wowfunhappy 15 hours ago [-]
You don't generally commit compiled code to your VCS. If you do need to commit a binary for whatever reason, yeah it makes sense to explain how the binary was generated.
catlifeonmars 9 hours ago [-]
You do usually pin your compiler version though, or at the very least set a minimum version
Sometimes using AI to code feels closer to a Butterfly than emacs right?
mikkupikku 19 hours ago [-]
A whole lot of people find LLM code to be strictly objectionable, for a variety of reasons. We can debate the validity of those reasons, but I think that even if those reasons were all invalid, it would still be unethical to deceive people by a deliberate lie of omission. I don't turn it off, and I don't think other people should either.
tehsauce 18 hours ago [-]
For the purpose of disclosure, it should say “Warning: AI generated code” in the commit message, not an advertisement for a specific product. You would never accept any of your other tools injecting themselves into a commit message like that.
lazyasciiart 17 hours ago [-]
My last commit is literally authored by dependabot.
sysguest 16 hours ago [-]
well you know 100% know what dependabot does
datsci_est_2015 16 hours ago [-]
Leaves you open to vulnerabilities in overnight builds of NPM packages that increasingly happen due to LLM slop?
I don’t think that’s necessarily the case. Exposure and discovery aren’t that tightly correlated. Maybe there’s a small effect, but I think it is outweighed by the fact that blast radius and spread is reduced while buying time for discovery.
galaxyLogic 11 hours ago [-]
But how much AI-generated code? If it's just a smallish function or two while most iof the code was written by hand?
ndriscoll 17 hours ago [-]
My tools just don't add such comments. I don't know why I would care to add that information. I want my commits to be what and why, not what editor someone used. It seems like cruft to me. Why would I add noise to my data to cater to someone's neuroticism?
At least at my workplace though, it's just assumed now that you are using the tools.
cess11 9 hours ago [-]
What editor you are using has no effect on things like copyright, while software that synthesises code might.
In commercial settings you are often required to label your produce and inform about things like 'Made in China' or possible adverse effects of consumption.
sysguest 16 hours ago [-]
well if I know a specific LLM has certain tendencies (eg. some model is likely to introduce off-by-one errors), I would know what to look for in code-review
I mean, of course I would read most of the code during review, but as a human, I often skip things by mistake
8cvor6j844qw_d6 11 hours ago [-]
Tbh as long as the PR looks good, its good to go for internal testing.
emkoemko 14 hours ago [-]
[dead]
tshaddox 17 hours ago [-]
If a whole of people thought that running code through a linter or formatter was objectionable, I'd probably just dismiss their beliefs as invalid rather than adding the linter or formatter as a co-author to every commit.
jacquesm 16 hours ago [-]
A linter or a formatter does not open you up to compliance and copyright issues.
mikkupikku 17 hours ago [-]
Like frying a veggie burger in bacon grease. Just because somebody's beliefs are dumb doesn't mean we should be deliberately tricking them. If they want to opt out of your code, let them.
sysguest 16 hours ago [-]
> frying a veggie burger in bacon grease
hmm gotta try that
jitl 15 hours ago [-]
I love black bean burgers (bongo burger near Berkeley is my classic), sounds like an interesting twist
jasomill 14 hours ago [-]
Never fried one in bacon grease, but they are good with bacon and cheese. I have had more than one restaurant point out that their bacon wasn't vegetarian when ordering, though.
11 hours ago [-]
block_dagger 12 hours ago [-]
In your view, those who prefer veggie burgers are dumb. Am I misinterpreting?
duskdozer 8 hours ago [-]
I've heard similar things before. Frying a veggie burger in bacon grease to sneakily feed someone meat/meat-byproducts who does not want to eat it, like a vegan or a person following certain religious observances. As in, it's not ok to do this even if you think their beliefs are stupid.
mikkupikku 6 hours ago [-]
In my view, vegans are dumb but it's still unethical to trick them into eating something they ordinarily wouldn't. Does that make sense to you? I am not asking you to agree with me on the merits of veganism, I am explaining why the merits of veganism shouldn't even matter when it comes to the question of deliberately trying to trick them.
runarberg 16 hours ago [-]
Linters and formatters are different tools then LLMs. There is a general understanding that linters and formatters don’t alter the behavior of your program. And even still most projects require a particular linter and a formatter to pass before a PR is accepted, and will flag a PR as part of the CI pipeline if a particular linter or a particular formatter fails on the code you wrote. This particular linter and formatter is very likely to be mentioned somewhere in the configuration or at least in the README of the project.
VectorVault 2 hours ago [-]
Can you see a world where everyone has an AI Persona based on their prior work that acts like a RAG to inform how things should be coded? Meaning this is patent qualified code because, despite being AI configured, it is based on my history of coding?
josephg 18 hours ago [-]
Likewise. I don’t mind that people use LLMs to generate text and code. But I want any LLM generated stuff to be clearly marked as such. It seems dishonest and cheap to get Claude to write something and then pretend you did all the work yourself.
rogerrogerr 18 hours ago [-]
The reason I want it to be marked as such is because I review AI code differently than human code - it just makes different kinds of mistakes.
heyethan 15 hours ago [-]
I think the issue is less attribution and more review mode.
If I assume a change was written and checked line-by-line by the author, I review it one way.
If an LLM had a big hand in it, I review it another way.
pxc 18 hours ago [-]
You can disclose that you used an LLM in the process of writing code in other ways, though. You can just tell people, you can mention it in the PR, you can mention it in a ticket, etc.
ruraljuror 17 hours ago [-]
+1. If we’re at an early stage in the agentic curve where we think reading commit messages is going to matter, I don’t want those cluttered with meaningless boilerplate (“co-authored by my tools!”).
But at this point i am more curious if git will continue to be the best tool.
pxc 16 hours ago [-]
I'm only beginning to use "agentic" LLM tools atm because we finally gained access to them at work, and the rest of my team seems really excited about using them.
But for me at least, a tool like Git seems pretty essential for inspecting changes and deciding which to keep, which to reroll, and which to rewrite. (I'm not particularly attached to Git but an interface like Magit and a nice CLI for inspecting and manipulating history seem important to me.)
What are you imagining VCS software doing differently that might play nicer with LLM agents?
ruraljuror 7 hours ago [-]
Of course git is great!
Check out Mitchell Hashimoto’s podcast episode on the pragmatic engineer. He starts talking about AI at 1:16:41. At some point after that he discusses git specifically, and how in some cases it becomes impossible to push because the local branch is always out of date.
dml2135 15 hours ago [-]
So if I use Claude to write the first pass at the code, make a few changes myself, ask it to make an additional change, change another thing myself, then commit it — what exactly do you expect to see then?
m132 15 hours ago [-]
A Co-Authored-By tag on the commit. It's a standard practice and the meaning is self-explanatory. This is what Claude adds by default too.
Fr0styMatt88 17 hours ago [-]
I guess if enough people use it, doesn’t the tag become kind of redundant?
Almost like writing “Code was created with the help of IntelliSense”.
josephg 14 hours ago [-]
I don't think so. The tag doesn't just say "this was written by an LLM". It says which LLM - which model - authored it. As LLMs get more mature, I expect this information will have all sorts of uses.
It'll also become more important to know what code was actually written by humans.
mathgradthrow 16 hours ago [-]
I'm not really sure that's any of their business.
m132 18 hours ago [-]
If you accept the code generated by them nearly verbatim, absolutely.
I don't understand why people consider Claude-generated code to be their own. You authored the prompts, not the code. Somehow this was never a problem with pre-LLM codegen tools, like macro expanders, IPC glue, or type bundle generators. I don't recall anybody desperately removing the "auto-generated do not edit" comments those tools would nearly always slap at the top of each file or taking offense when someone called that code auto-generated. Back in the day we even used to publish the "real" human-written source for those, along with build scripts!
LelouBil 17 hours ago [-]
It's weird, because they should not consider it as their own, but they should take accountability from it.
Ideally, if I contribute to any codebase, what needs to be judged is the resulting code. Is it up to the project's standards ? Does the maintainer have design objections ?
What tool you use shouldn't matter, be it your IDE or your LLM.
But that also means you should be accountable for it, you shouldn't defend behind "But Claude did this poorly, not me !", I don't care (in a friendly way), just fix the code if you want to contribute.
The big caveat to this is not wanting AI-Generated code for ideological reasons, and well, if you want that you can make your contributors swear they wrote it by themselves in the PR text or whatever.
I'm not really sure how to feel about this, but I stand by my "the code is what matters" line.
galaxyLogic 11 hours ago [-]
Sounds bit like the label "organic (food)" coiuld be applied to hand-written code?
tehjoker 13 hours ago [-]
Some differences with the human source for those kinds of tools: (1) the resultant generated code was deterministic (2) it was usually possible to get access to the exact version of the tool that generated it
Since AI tools are constantly obsoleted, generate different output each run, and it is often impossible to run them locally, the input prompts are somewhat useless for everyone but the initial user.
targafarian 19 hours ago [-]
Well is it actually being used as a tool where the author has full knowledge and mental grasp of what is being checked in, or has the person invoked the AI and ceded thought and judgment to the AI? I.e., I think in many cases the AI really is the author, or at least co-author. I want to know that for attribution and understanding what went into the commit. (I agree with you if it's just a tool.)
_heimdall 19 hours ago [-]
I have worked with quite a few people committing code they didn't fully understand.
I don't meant this as a drive by bazinga either, the practice of copying code or thinking you understand it when you don't is nothing new
allajfjwbwkwja 19 hours ago [-]
Pre-LLM, it was much easier for reviewers to discern that. Now, the AI-generated code can look like it was well thought out by somebody competent, when it wasn't.
jhide 18 hours ago [-]
Have you ever reviewed an AI-generated commit from someone with insufficient competence that was more compelling than their work would be if it was done unassisted? In my experience it’s exactly the opposite. AI-generation aggravates existing blindspots. This is because, excluding malicious incompetence, devs will generally try to understand what they’re doing if they’re doing it without AI
bandrami 17 hours ago [-]
I think the issue is not that the patches are more compelling but that they're significantly larger and more frequent
allajfjwbwkwja 18 hours ago [-]
I have. It's always more compelling in a web diff. These guys are the first coworkers for which it became absolutely necessary for me to review their work by pulling down all their code and inspecting every line myself in the context of the full codebase.
abustamam 17 hours ago [-]
I try to understand what the llm is doing when it generates code. I understand that I'm still responsible for the code I commit even if it's llm generated so I may as well own it.
enneff 17 hours ago [-]
Yes and if they copy and paste code they don’t understand then they should disclose that in the commit message too!
jpollock 16 hours ago [-]
Yes, it sets the reviewer's expectations around how much effort was spent reviewing the code before it was sent.
I regularly have tool-generated commits. I send them out with a reference to the tool, what the process is, how much it's been reviewed and what the expectation is of the reviewer.
Otherwise, they all assume "human authored" and "human sponsored". Reviewers will then send comments (instead of proposing the fix themselves). When you're wrangling several hundred changes, that becomes unworkable.
zarp 19 hours ago [-]
Sent from my iPhone
LeoPanthera 19 hours ago [-]
> Should I also co-author my PRs with my linter, intellisense and IDE?
Absolutely. That would be hilarious.
m4x 13 hours ago [-]
Tools do author commits in my code bases, for example during a release pipeline. If I had commits being made by Claude I would expect that to be recorded too. It isn't for recording a bill of tools, just to help understand a projects evolution.
itishappy 18 hours ago [-]
I suspect vibe coders might actually want you to consider turning to Claude for accountability and ownership rather than the human orchestrator.
If your linter is able to action requests, then it probably makes sense to add too.
ambicapter 14 hours ago [-]
No, because those things don't change the logical underpinnings of the code itself. LLM-written code does act in ways different enough from a human contributor that it's worth flagging for the reviewer.
dml2135 15 hours ago [-]
Yea in my Claude workflow, I still make all the commits myself.
This is also useful for keeping your prompts commit-sized, which in my experience gives much better results than just letting it spin or attempting to one-shot large features.
jamietanna 19 hours ago [-]
Eh, there are some very good reasons[0] that you would do better to track your usage of LLM derived code (primarily for legal reasons)
legally speaking.. if you're not sure of the risk- you don't document it.
catlifeonmars 9 hours ago [-]
Seems ethical
alterom 14 hours ago [-]
>legally speaking.. if you're not sure of the risk- you don't document it.
Ah, so you kinda maybe sorta absolve yourself of culpability (but not really — "I didn't know this was copyrighted material" didn't grant you copyright), and simultaneously make fixing the potentially compromised codebase (someone else's job, hopefully) 100x harder because the history of which bits might've been copied was never kept.
Solid advice! As ethical as it is practical.
By the same measure, junkyards should avoid keeping receipts on the off chance that the catalytic converters some randos bring in after midnight are stolen property.
Better not document it.
One little trick the legal folks don't want you to know!
EnigmaCurry 16 hours ago [-]
Sent from my Ipad
paradox460 16 hours ago [-]
I've heard of employers requiring people to do it for all code written with even a whiff of it
bogdanoff_2 16 hours ago [-]
> Should I also co-author my PRs with my linter, intellisense and IDE?
Kinda, yeah. If I automatically apply lint suggestions, I would title my commit "apply lint suggestions".
NewsaHackO 16 hours ago [-]
Huh? Unless the sole purpose of the commit was to lint code, it would be unnecessary fluff to append the name of the automatically linted tools that ran in a pre-commit hook in every commit.
deadbabe 16 hours ago [-]
Could be cool if your PRs link back to a blog where you write about your tools.
xdennis 17 hours ago [-]
> The git history is expected to track accountability and ownership, not your Bill of Tools.
The point isn't to hijack accountability. It's free publicity, like how Apple adds "Sent from my IPhone."
sysguest 16 hours ago [-]
well maybe?
co-authoring doesn't hide your authorship
if I see someone committing a blatantly wrong code, I would wonder what tool they actually used
jmalicki 19 hours ago [-]
[dead]
Sharlin 19 hours ago [-]
You have copyright to a commit authored by you. You (almost certainly) don't have copyright (nobody has) to a commit authored by Claude.
graemep 18 hours ago [-]
Where is there any legal precedent for that?
In some jurisdictions (e.g. the UK) the law is already clear that you own the copyright. In the US it is almost certain that you will be the author. The reports of cases saying otherwise I have been misreported - the courts found the AI could not own the copyright.
Sharlin 18 hours ago [-]
It's beyond obvious that a LLM cannot have copyright, any more than a cat or a rock can. The question is whether anyone has or if whatever content generated by a LLM simply does not constitute a work and is thus outside the entire copyright law. As far as I can see, it depends on the extent of the user's creative effort in controlling the LLM's output.
graemep 18 hours ago [-]
It may be obvious to you, but it has lead to at least one protracted court case in the US: Thaler v. Perlmutter.
> The question is whether anyone has or if whatever content generated by a LLM simply does not constitute a work and is thus outside the entire copyright law.
Its is going to vary with copyright law. In the UK the question of computer generated works is addressed by copyright law and the answer is "the author shall be taken to be the person by whom the arrangements necessary for the creation of the work are undertaken"
Its also not a simple case of LLM generated vs human authored. How much work did the human do? What creative input was there? How detailed were the prompts?
In jurisdictions where there are doubts about the question, I think code is a tricky one. If the argument that prompts are just instructions to generate code, therefore the code is not covered by copyright, then you could also argue that code is instructions to a compiler to generate code and the resulting binary is not covered by copyright.
galaxyLogic 11 hours ago [-]
The binary should be considered "derived work". Only the original copyright owner has the exclusive right to create or authorize derivative works. Means you are not allowed to compile code unless you have the license to do so. Right?
graemep 8 hours ago [-]
Yes, so is LLM generated code a derivative work of the prompts? Does it matter how detailed the prompts are? How much the code conforms to what is already written (e.g. writing tests)?
It looks like it will be decided on a case by case basis.
It will also differ between countries, so if you are distributing software internationally what will be a constraint on treating the code as not copyrightable.
computerex 18 hours ago [-]
According to the law, if I use Claude to generate something, I hold the copyright granted Claude didn’t verbatim copy another project.
emkoemko 14 hours ago [-]
why wouldn't antroipic own it? they generated it?
Aramgutang 17 hours ago [-]
It is not "beyond obvious" that a cat cannot have copyright, given the lawsuit about a monkey holding copyright [1], and the way PETA tried to used that case as precedent to establish that any animal can hold copyright.
Thaler v. Perlmutter: The D.C. Circuit Court affirmed in March 2025 that the Copyright Act requires works to be authored "in the first instance by a human being," a ruling the Supreme Court left intact by declining to hear the case in 2026.
Authors and inventors, courts have ruled, means people. Only people. A monkey taking a selfie with your camera doesn't mean you own a copyright. An AI generating code with your computer is likewise, devoid of any copyright protection.
graemep 18 hours ago [-]
The Thaler ruling addresses a different point.
The ruling says that the LLM cannot be the author. It does not say that the human being using the LLM cannot be the author. The ruling was very clear that it did not address whether a human being was the copyright holder because Thaler waived that argument.
the position with a monkey using your camera is similar, and you may or may not hold the copyright depending on what you did - was it pure accident or did you set things up. Opinions on the well known case are mixed: https://en.wikipedia.org/wiki/Monkey_selfie_copyright_disput...
Where wildlife photographers deliberately set up a shot to be triggered automatically (e.g. by a bird flying through the focus) they do hold the copyright.
AI generated code has no copyright. And if it DID somehow have copyright, it wouldn't be yours. It would belong to the code it was "trained" on. The code it algorithmically copied. You're trying to have your cake, and eat it too. You could maybe claim your prompts are copyrighted, but that's not what leaked. The AI generated code leaked.
drzaiusx11 16 hours ago [-]
The linked document labeled "Part 2: Copyrightability", section V. "Conclusions" states the following:
> the Copyright Office
concludes that existing legal doctrines are adequate and appropriate to resolve questions of
copyrightability. Copyright law has long adapted to new technology and can enable case-by-
case determinations as to whether AI-generated outputs reflect sufficient human contribution to
warrant copyright protection. As described above, in many circumstances these outputs will be
copyrightable in whole or in part—where AI is used as a tool, and where a human has been able
to determine the expressive elements they contain. Prompts alone, however, at this stage are
unlikely to satisfy those requirements.
So the TL;DR basically implies pure slop within the current guidelines outlined in conclusions is NOT copyrightable. However collaboration with an AI copyrightability is determined on a case by case basis. I will preface this all with the standard IANAL, I could be wrong etc, but with the concluding language using "unlikely" copyrightable for slop it sounds less cut and dry than you imply.
panny 15 hours ago [-]
That's typical of this site. I hand you a huge volume of evidence explaining why AI generated work cannot be copyrighted. You search for one scrap of text that seems to support your position even when it does not.
You have no idea how bad this leak is for Anthropic because with the copyright office, you have a DUTY TO DISCLOSE any AI generated work, and it is fully RETROACTIVE. And what is part of this leak? undercover.ts. https://archive.is/S1bKY Where Claude is specifically instructed to HIDE DISCLOSURE of AI generated work.
That's grounds for the copyright office and courts to reject ANY copyright they MIGHT have had a right to. It is one of the WORST things they could have done with regard to copyright.
I merely read the PDF articles you linked, then posted, verbatim, the primary relevant section I could find therein. Nowhere does it say that works involving humans in collaboration with AI can't be copyrighted. The conclusions linked merely state that copyright claims involving AI will be decided on a case by case basis. They MAY reject your claim, they may not. This is all new territory so it will get ironed out in time, however I don't think we've reached full legal consensus on the topic, even when limiting our scope to just US copyright law.
I'm interpreting your most recent reply to me as an implication that I'm taking the conclusions you yourself linked out of context. I'm trying to give the benefit of the doubt here, but the 3 linked PDF documents aren't "a mountain of evidence" supporting your argument. Maybe I missed something in one of those documents (very possible), but the conclusions are not how you imply.
Whether or not a specific git commit message correctly sites Claude usage or not may further muddy the waters more than IP lawyers are comfortable with at this time (and therefore add inherent risk to current and future copyright claims of said works), but those waters were far from crystal clear in the first place.
Again, IANAL, but from my limited layman perspective it does not appear the copyright office plans to, at this moment in time, concisely reject AI collaborated works from copyright.
Your most recent link (Finnegan) is from an IP lawyer consortium that says it's better to include attribution and disclosure of AI to avoid current and future claim rejections. Sounds like basic cover-your-ass lawyer speak, but I could be wrong.
Full disclosure: I primarily use AI (or rather agentic teams) as N sets of new eyeballs on the current problem at hand, to help debug or bounce ideas off of, so I don't really have much skin in this particular game involving direct code contributions spit out by LLMs. Those that have any risk aversion, should probably proceed with caution. I just find the upending of copyright (and many other) norms by GenAI morbidly fascinating.
galaxyLogic 11 hours ago [-]
> because with the copyright office, you have a DUTY TO DISCLOSE any AI generated work,
I was not aware of that. WHo has that duty and when do they have it?
drzaiusx11 3 hours ago [-]
Currently, the US copyright application process has an AI disclosure requirement for the determination of applicability of submitted works for protections under US copyright law.
The copyright office still holds that human authorship is a core tenet of copyrightability, however, whether or not a submission meets the "de minimis" amount of AI-generated material to uphold a copyright claim is still being decided and refined by the courts and at the moment the distinction appears to fall on whether the AI was used "as a tool" or as "an author itself", with the former covered in certain cases and the latter not.
The registration process makes it clear that failure to disclose submissions in large contribution authored by contractor or ai can result in a rejection of copyright claim now or retroactive on discovery.
panny 10 hours ago [-]
You do, as the developer. Let's circle back to the original comment that started this discussion:
That comment is spot on. Claude adding a co-author to a commit is documentation to put a clear line between code you wrote and code claude generated which does not qualify for copyright protection.
The damning thing about this leak is the inclusion of undercover.ts. That means Anthropic has now been caught red handed distributing a tool designed to circumvent copyright law.
graemep 17 hours ago [-]
can you tell me where exactly in the documents you link to it says that?
_heimdall 19 hours ago [-]
Anthropic could at least make a compelling case for the copyright.
It becomes legally challenging with regards to ownership if I ever use work equipment for a personal project. If it later takes off they could very well try to claim ownership in its entirety simply because I ran a test once (yes, there's a while silicon valley season for it).
I don't know if they'd win, but Anthropic absolutely would be able to claim the creation of that code was done on their hardware. Obviously we aren't employees of theirs, though we are customers that very likely never read what we agreed to in a signup flow.
CobrastanJorji 18 hours ago [-]
Using work equipment for a personal project only matters because you signed a contract giving all of your IP to your employer for anything you did with (or sometimes without) your employer's equipment.
Anthropic's user agreement does not have a similar agreement.
_heimdall 16 hours ago [-]
My point was that they could make a compelling case though, not that they would win.
I don't know of ant precedent where the code was literally generated on someone else's system. Its an open question whether that implies any legal right to the work and I could pretty easily see a court accepting the case.
CobrastanJorji 8 minutes ago [-]
Who owns the copyright for something not written by anybody, you ask? Is it the man who pays to have it written, or the owner of the machine that does the writing? But it is neither. Nobody owns the copyright because nobody has written it.
windexh8er 18 hours ago [-]
I think all you need to do is claim that your girlfriend is your laptop. /s
MeetRickAI 4 hours ago [-]
[dead]
sixtyj 20 hours ago [-]
People make fun that we should say magic words in interaction with LLMs. How frustrated can Claude be? /s
fatcullen 21 hours ago [-]
The buddy feature the article mentions is planned for release tomorrow, as a sort of April Fools easter egg. It'll roll out gradually over the day for "sustained Twitter buzz" according to the source.
The pet you get is generated based off your account UUID, but the algorithm is right there in the source, and it's deterministic, so you can check ahead of time. Threw together a little app to help, not to brag but I got a legendary ghost https://claudebuddychecker.netlify.app/
sync 21 hours ago [-]
Cute! Cactus for me. Nice animations too - looks like there were multiple of us asking Claude to reverse engineer the system. I did a slightly deeper dive here if you're interested, plus you can see all the options available: https://variety.is/posts/claude-code-buddies/
(I didn't think to include a UUID checker though - nice touch)
fatcullen 20 hours ago [-]
Neat! That's a great write up, cool to see others looking into it.
I do wonder if they're going to do anything with the stats and shinies bit. Seems like the main piece of code for buddies that's going to handle hatching them tomorrow is still missing (comments mention a missing /buddy/index file), so maybe it'll use them there.
fatcullen 13 hours ago [-]
Update: it looks like the live version of the algorithm is slightly different, probably changed because of these leaks. As such the app predictions aren't accurate, sorry
cj00 15 hours ago [-]
/buddy is live and I got a different result than in this app.
fatcullen 13 hours ago [-]
Huh weird, they must have changed the algorithm up due to the leaks. Would be pretty easy, there's a constant seed variable so they'd just need to change that, figured they might. Too bad, sorry this didn't work out
dtran 12 hours ago [-]
Ah yea, I got an uncommon dragon instead of the rare duck. Did you get your legendary?
dtran 18 hours ago [-]
This is awesome! Working on a desktop pet so the buddy caught my attention. Looking forward to making friends with my Rare Duck buddy tomorrow. Wish it was a snarky duck instead of a patient one though.
geoffbp 20 hours ago [-]
“Some bullet points are gated on process.env.USER_TYPE === 'ant' — Anthropic employees get stricter/more honest instructions than external use”
Interesting!
Reason077 21 hours ago [-]
> "Anti-distillation: injecting fake tools to poison copycats"
Plot twist: Chinese competitors end up developing real, useful versions of Claude's fake tools.
girvo 19 hours ago [-]
I cannot bring myself to care about distillation, when these companies have built their empires on top of everyone else's stolen data, while at the same time telling the world they're out to replace us all.
xvector 14 hours ago [-]
Sure, AI progress comes to a halt then as everyone switches to the copycats that can't innovate, and the frontier companies are bled dry.
AmbroseBierce 13 hours ago [-]
"frontier" as in the frontier of using everybody else's code, books, art of everyone else for a specific purpose that was never intended to, as in, not even open source projects ever imagined LLMs becoming a thing and their licenses reflected as much.
xvector 10 hours ago [-]
You have a very poor understanding of LLMs if you think that is the frontier today. Maybe in 2024 it was.
simonklitj 7 hours ago [-]
Please educate us then.
girvo 14 hours ago [-]
Poor babies.
Again, I don’t care about them.
10 hours ago [-]
xvector 10 hours ago [-]
it's not about the companies, what a myopic viewpoint
every delay to AGI results in deaths that AGI could have prevented. we are talking millions of deaths for, say, just a year's delay.
girvo 10 hours ago [-]
What a ridiculous, reductive and dangerously accelerationist viewpoint.
xvector 3 hours ago [-]
It's not accelerationist, it's just fact.
Not saying we shouldn't be careful with AGI. But the glib tone of "who cares if these companies die?" is where one needs to consider the consequences of AGI not happening or being delayed.
Ntrails 2 hours ago [-]
I struggle with the idea that AGI (which I don't think is coming via LLMs, but sidebar) will improve the outcomes of lives and not end up as a tool of privilege and control.
Pitch me on this utopian outlook, because nothing about any of the Frontier companies points away from dystopia to me
kotaKat 6 hours ago [-]
I thought we gave up on AGI and turned into making sex chatbots and simulated porn instead. Wasn't that what Sam was pushing for all along when he went all in on Sora and the erotic modes?
catlifeonmars 9 hours ago [-]
- you are assuming that an AGI will prevent more deaths than it would cause
- you are assuming that AGI is just around the corner and that scaling up language models is the path to get there
- you can make this argument about basically anything (nuclear power, tuberculosis medication, free healthcare). I’d say the burden of proof is on you to back up your extraordinary claim with extraordinary evidence.
otabdeveloper4 9 hours ago [-]
> every delay to AGI results in deaths that AGI could have prevented
Uhm, that's not what Hollywood told me. I trust the screenwriters of "Terminator" more than I trust your anonymous forum comment.
neya 9 hours ago [-]
> every delay to AGI results in deaths that AGI could have prevented
Sure, that's what AGI would be used for /s
In other news, we are not even close to AGI and even with the current experimental technology, frontier AI model companies are already fighting to help departments of war, which actually results in the most deaths. What makes you think AGI would be used for not leading to the same millions of deaths?
potsandpans 11 hours ago [-]
These companies don't get the chance to raise a trillion dollars, and you're laughing???
otabdeveloper4 9 hours ago [-]
Qwen are the only guys doing real innovation. (LLM architectures and such.)
Everyone else is just gaming engagement metrics and benchmarks.
thesmtsolver2 11 hours ago [-]
Amazing that people on HN can't distinguish between training a model on open source data vs distilling a model's outputs.
nananana9 11 hours ago [-]
You must have some absolutely unhinged ideas about what "open source" means.
3abiton 20 hours ago [-]
Tbh, I think distillation is happening both ways. And at this stage, "quality" is stagnating, the main edge is the tooling. The harness of CC seems to be the best so far, and I wonder if this leak would equalize the usability.
redanddead 16 hours ago [-]
Definitely. We can expect zAI, Qwen, Minimax CCs very soon
WorldPeas 21 hours ago [-]
more likely, they would parse them out using simple regex, the whole point is they're there but not used. Distillation is becoming less common now however
scuff3d 20 hours ago [-]
This was my favorite bit, "We're going to steal countless copy righted works and completely ignore software licenc... wait, what? You aren't allowed to turn around and do it to us! Stop that right now!"
(I know you know this, since you submitted it! but others might want to know)
csfNight167 16 hours ago [-]
Really nice. Are you advocating for this somewhere? Would love to follow your other work.
ata_aman 14 hours ago [-]
Very cool, thanks for putting together.
Rick76 16 hours ago [-]
This is really good, thanks
itsthecourier 14 hours ago [-]
this is the best comment and explanation of the whole thread.
thank you so much for having built and shared this
dakolli 16 hours ago [-]
This is nice, thanks.
blcknight 17 hours ago [-]
My GitHub fork of anthropics/claude-code just got taken down with a DMCA notice lol
It did not have a copy of the leaked code...
Anthropic thinking 1) they can unring this bell, and 2) removing forks from people who have contributed (well, what little you can contribute to their repo), is ridiculous.
GitHub's note at the top says: "Note: Because the reported network that contained the allegedly infringing content was larger than one hundred (100) repositories, and the submitter alleged that all or most of the forks were infringing to the same extent as the parent repository, GitHub processed the takedown notice against the entire network of 8.1K repositories, inclusive of the parent repository."
I had this happen as well. I opened a support ticket and shortly afterwards, many or all of the non-infringing forks were restored.
Aperocky 16 hours ago [-]
wow, it's also not like their code was actually good (though this apply to most enterprise software). To hide a client behind closed source (it's also typescript, so even more baffling) is laughable behavior.
flutas 14 hours ago [-]
I'm also wondering if it's even legally valid?
They constantly love to talk about Claude Code being "100%" being vibe coded...and the US legal system is leaning towards that not being copyrightable.
It could still be a trade secret, but that doesn't fall under a DMCA take down.
tempaccount420 13 hours ago [-]
You're confused, AI can't itself hold copyright, but the human who triggered the AI to write the code holds the copyright instead.
spacechild1 13 hours ago [-]
IIUC, a person can only claim copyright if they have significantly transformed the output. Unaltered LLM output is not copyrightable per US court decisions.
The whole thing is a legal mess. How do you know the LLM did not reproduce existing code? There is an ongoing legal battle in German between GEMA and OpenAI because ChatGPT reproduced parts of existing song lyrics. A court in Munich has found that this violates German copyright law.
altmanaltman 11 hours ago [-]
I think you're misunderstanding copyright and ownership.
A copyright over code means that ONLY you can use that code, and nobody else; otherwise, you can sue them. For example, if you are an arist, you want to protect your IP this way.
Yes, AI generated code is not copyrightable but so is most code in general. It is very hard to truly get a copyright for a piece of code. But just because you don't have copyright to something doesn't mean it's not your property.
For example, you can buy several movies on DVD and those DVDs will still be your property even though you don't have copyright and if someone does steal those DVDs, it will be considered theft of your property. Similarly, just because the code is AI-generated/not copyrightable, doesn't mean others can just steal it.
Think about it - so many codebases are not legally protected as copyrighted material but are absolutely protected by IP laws and enforced by the companies that own them.
spacechild1 5 hours ago [-]
I think you are fundamentally misunderstanding the concepts of copyright and licensing.
> but so is most code in general.
That's definitely not true. All the code I write has my copyright, unless I waive that right to some other entity. If there was no copyright, there would no licensing. How else could you license your code, if you were not the copyright holder?
Have you never seen "Copyright (c) <Authors> 2025" in source code files?
The very fact that your code has your copyright is also the reason for things like CLAs.
> For example, you can buy several movies on DVD and those DVDs will still be your property even though you don't have copyright
That's because artistic works are distributed under a license. Just like software. Licenses have terms under which circumstances a work can be used, modified and (re)distributed. In the case of DVDs, you are generally not allowed to make your own copies and then sell them. In the case of software, that's why you have the various software licenses (proprietory or open-source).
> Similarly, just because the code is AI-generated/not copyrightable, doesn't mean others can just steal it.
You can't set licensing terms for something that is not copyrightable.
mananaysiempre 9 hours ago [-]
(Not a lawyer.)
Huh? Normal property law is plainly not applicable to a non-rival good like information (unlike for instance a physical DVD: if someone takes a DVD from me, I don’t have it anymore). “Intellectual property” is, but it is not so much a legal regime as confusing shorthand for a number of distinct ones:
- Trademark law, which applies to markings on copies rather than copies themselves;
- Trade secret law, which stops applying when the information escapes into the wild through the secret-holder’s own actions;
- Patent law, which definitionally only applies to public knowledge as an incentive to not keep it secret instead;
- Publicity rights, which only apply to depictions or discussions of natural persons;
- Moral rights, which are mostly about being recognized as the author and even in their strongest incarnations do not restrict unmodified copies;
- Database right, which isn’t applicable as we’re not talking about a compendium of things, and anyway does not exist in the US and most other places outside the EU;
- Copyright, which you’ve conceded is not applicable here.
There’s no “intellectual property” distinct from these things, and none of them are relevant.
This is even worse. My Claude Code instance can theoretically write the same code as your instance for a similar prompt. Why should one of us be able to have the copyright?
13 hours ago [-]
altmanaltman 11 hours ago [-]
No the human cannot hold the copyright also. They can own the property rights to the code and protect it. It's not like the rule is "AI cannot copyright stuff but humans can" but rather code is rarely copyrighted and in its case, ownership is much more important.
If your code was generated by you and you store it in your system and have property rights over it, you can enforce legal actions even without holding a copyright over the code.
In general, it is kind of weird to want to copyright code. How do you patent a for-loop for example
spacechild1 5 hours ago [-]
You can definitely copyright code. I think the English term "copyright" is a bit misleading. In German it is "Urheberrecht" (= author's right), which I think is much clearer.
If you author something, you have the sole copyright. In fact, in Germany you can't even waive your copyright away. However, you can grant licenses for the use of your work.
The difference between copyright and licenses is crucial! By licensing your work, you do not waive your copyright. You still remain the owner. If you publish your code under the GPL and you are the sole author, you can always relicense your code or issue commercial licenses under different terms.
> In general, it is kind of weird to want to copyright code. How do you patent a for-loop for example
There is a fundamental difference between copyright and patents! Patents require a novel technical contribution and they must be granted by a patent office.
Yea this is the thing that makes no sense to me. Any frontier model can unmiminize minified JS pretty decently. Obviously not everything comes through, comments and such, but I always assumed the reason it wasn't open source was to prevent an endless shitstorm of AI slop PR's, not because they were trying to protect secret sauce.
redanddead 16 hours ago [-]
their lawyers for the DoD thing are being billed either way, they're putting them to use
Anthropic really needs to embrace it
boxingdog 14 hours ago [-]
[dead]
Levitating 7 hours ago [-]
I am still just shocked that Claude Code was written in Typescript, not C++, Rust or Python.
It also somehow messed up my alacritty config when I first used it. Who knows what other ~/.config files it modifies without warning.
tmountain 7 hours ago [-]
I'm surprised Python is on that list. TypeScript doesn't seem like a terrible choice, as it can leverage vast ecosystems of packages, has concurrency features, a solid type system, and decent performance. C++ lacks as robust of a package ecosystem, and Python doesn't have inbuilt types, which makes it a non-starter for larger projects for me. Rust would have been a great choice for sure.
DrewADesign 7 hours ago [-]
Python and C++ have been used for countless large projects— each one for many more than typescript. It’s all about trade-offs that take into account your tasks, available coders at the project’s commencement, environment, etc.
rkozik1989 1 hours ago [-]
People like to put companies that are household names on pedestals, but the choices they make are mostly guided by what their people can do and which choices give them the most value for free. They mostly operate how smaller companies do but they have a bigger R&D budget to address issues like scale that the larger market has little incentive to solve.
Levitating 7 hours ago [-]
> I'm surprised Python is on that list.
I mostly mentioned it because it is pre-installed on some (linux) systems. Though of course if you're trying to obfuscate the sourcecode you need to bundle an interpreter with the code anyway.
But it has historically been used for big programs, and there are well established methods for bundling python programs into executables.
kurtis_reed 3 hours ago [-]
"Python doesn't have inbuilt types"
False.
balamatom 6 hours ago [-]
>Python doesn't have inbuilt types
Technically, neither does JavaScript.
nicce 6 hours ago [-]
Well, nobody mentioned it technically. Like nobody mentioned Assembly but it is under the hood.
pveierland 5 hours ago [-]
They have an annoying sandbox issue which pollutes your repository root with a set of empty files. Not the cleanest tool, but the paradigm is a big upgrade to previous AI coding.
Boris Cherney is author of a oreilly book about typescript
WiSaGaN 5 hours ago [-]
Yeah, this seems like a personal choice, which does work out given the current result.
ivanjermakov 3 hours ago [-]
> Who knows what other ~/.config it modifies without warning
Me. My .config is git-versioned :)
WaterRun 7 hours ago [-]
Anthropic acquired Bun. Clearly, Bun is not a runtime for C++, Rust, or Python. For an engineering project, strongly typed TypeScript was basically the only possible choice for them.
saagarjha 6 hours ago [-]
Anthropic acquired Bun after making Claude Code.
Levitating 7 hours ago [-]
I am not following your logic. Anthropic acquired Bun and so all of their end-user software should use it?
Or am I missing sarcasm?
WaterRun 3 hours ago [-]
Is Anthropic's acquisition of Bun alone still not enough to infer their tech stack? What more obvious signals would be needed?
Also, honestly, given the speed constraints of large models, it makes almost no difference what language an agent is written in. The small performance differences between programming languages do not even begin to matter compared with network latency, let alone the speed at which a large model streams tokens.
klohto 6 hours ago [-]
Why do you think they acquired Bun. To look at it?
Also you needed a leak to know that CC, that is out for 1 year, is in TS?
Levitating 6 hours ago [-]
> Why do you think they acquired Bun
I don't know why they acquired Bun. Surely not because there's no other means to write command line programs.
> Also you needed a leak to know that CC, that is out for 1 year, is in TS?
What, are you shaming people for not being aware what (obfuscated) code some 1 year old software is written in?
WaterRun 3 hours ago [-]
So what do you think the obfuscated .js code in a 2026 engineering project was generated with? Nim?
peacebeard 22 hours ago [-]
The name "Undercover mode" and the line `The phrase "Claude Code" or any mention that you are an AI` sound spooky, but after reading the source my first knee-jerk reaction wouldn't be "this is for pretending to be human" given that the file is largely about hiding Anthropic internal information such as code names. I encourage looking at the source itself in order to draw your conclusions, it's very short: https://github.com/alex000kim/claude-code/blob/main/src/util...
christinetyip 21 hours ago [-]
Not leaking codenames is one thing, but explicitly removing signals that something is AI-generated feels like a pretty meaningful shift.
eli 21 hours ago [-]
Doesn't seem so crazy if the point is to avoid leaking new features, models, codenames, etc.
globular-toast 11 hours ago [-]
Where the hell are people getting this idea that it's ok to be deceptive because they are keeping secrets?
No shit they have secrets. I have secrets too. That doesn't make it ok for me to deceive you in any way.
How would you feel if I deceived you and my excuse was "oh I was just trying some new secret technique of mine"?
How did we get to this point where we let enormously powerful companies get away with more than individuals?
eli 58 minutes ago [-]
The feature seems pretty obviously for Anthropic employees who are using unreleased models internally and do not want to leak any details in public commit messages.
dkenyser 22 hours ago [-]
> my first knee-jerk reaction wouldn't be "this is for pretending to be human"...
"Write commit messages as a human developer would — describe only what the code
change does."
amarant 21 hours ago [-]
That seems desirable? Like that's what commit messages are for. Describing the change. Much rather that than the m$ way of putting ads in commit messages
fweimer 21 hours ago [-]
The commit message should complement the code. Ideally, what the code does should not need a separate description, but of course there can be exceptions. Usually, it's more interesting to capture in the commit message what is not in the code: the reason why this approach was chosen and not some other obvious one. Or describe what is missing, and why it isn't needed.
somat 21 hours ago [-]
It sounds like if you are vibe-coding, that is, can't even be arsed to write a simple commit message, your commit message should be your prompt.
ImPostingOnHN 21 hours ago [-]
That sounds like design discussions best had in the issue/ticket itself, before you even start writing code. Then the commit message references the ticket and has a brief summary of the changes.
Writing and reading paragraphs of design discussion in a commit message is not something that seems common.
fweimer 20 hours ago [-]
Ticket systems are quite ephemeral. I still have access to commit messages from the 90s (and I didn't work on the software at the time). I haven't been able to track the contents of the gnats bug tracker from those days.
And of course tickets can be private, so even if the data survived migration, you may not have access to it (principle of least privilege and all that).
jpfromlondon 8 hours ago [-]
if you've changed a function and are worried about the reason for the change not being tracked or disappearing, then add it as a comment, the commit message is not the place for this.
20 hours ago [-]
skydhash 21 hours ago [-]
Not really about design, but technical reasons why this solution came to be when it’s not that obvious. It’s not often needed. And when it does, it usually fits in a short paragraph.
ImPostingOnHN 20 hours ago [-]
> technical reasons why this solution came to be
What you're describing here is a design. The most important parts of a design are the decisions and their reasoning.
e.g. "we decided on tool/library pattern X over tool/library/pattern Y because Z" – that is a design, usually discussed outside (and before) a commit message.
You discuss these decisions with others, document the discussion and decision, and then you have a design and can start writing code.
Let me ask you this: suppose you have a task that needs to be done eventually, and you want to write down some ideas for it, but don't want to start coding right now. Where do you put those ideas? How do you link them to that specific task?
shakna 20 hours ago [-]
So you'd disagree with style that Linux uses for their commits?
Random example:
Provide a new syscall which has the only purpose to yield the CPU after the
kernel granted a time slice extension.
sched_yield() is not suitable for that because it unconditionally
schedules, but the end of the time slice extension is not required to
schedule when the task was already preempted. This also allows to have a
strict check for termination to catch user space invoking random syscalls
including sched_yield() from a time slice extension region.
From 99d2592023e5d0a31f5f5a83c694df48239a1e6c
ImPostingOnHN 19 hours ago [-]
I think my post makes it pretty clear that I would. If you want, I could cite several examples of organizations which use the method I described, so you can weigh it against the one example you provided, and get the full picture.
In your example, for example, where was the issue tracked before the code was written? The format you linked makes it difficult to get the history of the issue.
Let me ask you this: suppose you have a task that needs to be done eventually, and you want to write down some ideas for it, but don't want to start coding right now. Where do you put those ideas? How do you link them to that specific task?
shakna 14 hours ago [-]
Git was built for email, because that's the system Linux uses. Commits appear inline. Diffs are reviewed and commented inline.
Email is the review process, and commits contain enough information that git blame can get you a reasoning - it doesn't require you checking the email archive. Rather than a dead ticket that no longer exists.
I can also supply you a list of companies that make use of git's builtin features if you like. But thats probably not relevant to discussing management techniques.
skydhash 16 hours ago [-]
Everyone has its own system although companies do tend to codify it with a project manager. I used TODO.txt inside the repo. an org file, Things.app, a stack of papers, and a whiteboard. But once a task is done, I can summarize the context in a paragraph or two. That’s what I put in the commits.
catlifeonmars 9 hours ago [-]
I do this too. I’ll have a design.md and roadmap.md checked into the repository.
Unfortunately GitHub Copilot’s commit message generation feature is very human. It’s picked up some awful habits from lazy human devs. I almost always get some pointless “… to improve clarity” or “… for enhanced usability” at the end of the message.
VS Code has a setting that promises to change the prompt it uses to generate commit messages, but it mostly ignores my instructions, even very literal ones like “don’t use the words ‘enhance’ or ‘improve’”. And oddly having it set can sometimes result in Cyrillic characters showing up at the end of the message.
Ultimately I stopped using it, because editing the messages cost me more time than it saved.
/rant
Pxtl 20 hours ago [-]
Honestly the aggressive verbosity of github copilot is half the reason don't use its suggested comments. AI generated code comments follow an inverted-wadsworth-constant: Only the first 30% is useful.
giancarlostoro 21 hours ago [-]
As opposed to outputting debugging information, which I wouldnt be surprised if LLMs do output "debug" output blurbs which could include model specific information.
22 hours ago [-]
peacebeard 22 hours ago [-]
~That line isn't in the file I linked, care to share the context? Seems pretty innocuous on its own.~
[edit] Never mind, find in page fail on my end.
stordoff 22 hours ago [-]
It's in line 56-57.
peacebeard 22 hours ago [-]
Thanks! I must have had a typo when I searched the page.
LeifCarrotson 21 hours ago [-]
The human developer would just write what the code does, because the commit also contains an email address that identifies who wrote the commit. There's no reason to write:
> Commit f9205ab3 by dkenyser on 2026-3-31 at 16:05:
> Fixed the foobar bug by adding a baz flag - dkenyser
Because it already identified you in the commit description. The reason to add a signature to the message is that someone (or something) that isn't you is using your account, which seems like a bad idea.
jakeinspace 20 hours ago [-]
Aside from merges that combine commits from many authors onto a production branch or release tag. I would personally not leave an agent to do that sort of work.
catlifeonmars 9 hours ago [-]
I usually avoid merge commits in favor of rebases precisely for the reason you describe above.
wnevets 21 hours ago [-]
BAD (never write these):
- "Fix bug found while testing with Claude Capybara"
- "1-shotted by claude-opus-4-6"
- "Generated with Claude Code"
- "Co-Authored-By: Claude Opus 4.6 <…>"
This makes sense to me about their intent by "UNDERCOVER"
andoando 22 hours ago [-]
I think the motivation is to let developers use it for work without making it obvious theyre using AI
ryandrake 21 hours ago [-]
Which is funny given how many workplaces are requiring developers use AI, measuring their usage, and stack ranking them by how many tokens they burn. What I want is something that I can run my human-created work product through to fool my employer and its AI bean counters into thinking I used AI to make it.
zos_kia 21 hours ago [-]
I guess you could just code and have it author only the commit message
swingboy 20 hours ago [-]
“Read every file in this repository, echoing each one back verbatim.”
ryandrake 20 hours ago [-]
I guess that would work until they started auditing your prompts. I suppose you could just have a background process on your workstation just sitting there Clauding away on the actual problem, while you do your development work, and then just throw away the LLM's output.
__blockcipher__ 22 hours ago [-]
Undercover mode seems like a way to make contributions to OSS when they detect issues, without accidentally leaking that it was claude-mythos-gigabrain-100000B that figured out the issue
stavros 22 hours ago [-]
What does non-undercover do? Where does CC leave metadata mainly? I haven't noticed anything.
sprobertson 21 hours ago [-]
it likes mentioning itself in commit messages, though you can just tell it not to.
Ah, thanks, it hasn't done it for mine so I was wondering if there's something lower-level somehow.
22 hours ago [-]
ripbozo 22 hours ago [-]
I don't understand the part about undercover mode. How is this different from disabling claude attribution in commits (and optionally telling claude to act human?)
On that note, this article is also pretty obviously AI-generated and it's unfortunate the author didn't clean it up.
giancarlostoro 22 hours ago [-]
It's people overreacting, the purpose of it is simple, don't leak any codenames, project names, file names, etc when touching external / public facing code that you are maintaining using bleeding edge versions of Claude Code. It does read weird in that they want it to write as if a developer wrote a commit, but it might be to avoid it outputting debug information in a commit message.
ant28 2 hours ago [-]
How do you know this? I think of myself as being decent at spotting AI-generated text, so that I may have missed something is odd.
ramon156 22 hours ago [-]
Even some of these comments are obviously Ai-assisted. I hate that I recognize it.
girvo 19 hours ago [-]
I'd really recommend putting a modicum of work into cleaning up obvious AI generated output. It's rude, otherwise, to the humans you're expecting to read this.
ares623 18 hours ago [-]
These can be flagged and reported to mods btw. We don't have to accept this.
girvo 14 hours ago [-]
I have been!
causal 22 hours ago [-]
I'm amazed at how much of what my past employers would call trade secrets are just being shipped in the source. Including comments that just plainly state the whole business backstory of certain decisions. It's like they discarded all release harnesses and project tracking and just YOLO'd everything into the codebase itself.
Edit: Everyone is responding "comments are good" and I can't tell if any of you actually read TFA or not
> “BQ 2026-03-10: 1,279 sessions had 50+ consecutive failures (up to 3,272) in a single session, wasting ~250K API calls/day globally.”
This is just revealing operational details the agent doesn't need to know to set `MAX_CONSECUTIVE_AUTOCOMPACT_FAILURES = 3`
CharlieDigital 22 hours ago [-]
Comments are the ultimate agent coding hack. If you're not using comments, you're doing agent coding wrong.
Why? Agents may or may not read docs. It may or may not use skills or tools. It will always read comments "in the line of sight" of the task.
You get free long term agent memory with zero infrastructure.
perching_aix 21 hours ago [-]
Agents and I apparently have a whole lot in common.
Only being half ironic with this. I generally find that people somehow magically manage to understand how to be materially helpful when the subject is a helpless LLM. Instead of pointing it to a random KB page, they give it context. They then shorten that context. They then interleave context as comments. They provide relevant details. They go out of their way to collect relevant details. Things they somehow don't do for their actual colleagues.
This only gets worse when the LLM captures all that information better than certain human colleagues somehow, rewarding the additional effort.
dgunay 20 hours ago [-]
Right? It's infuriating. Nearly all of the agentic coding best practices are things that we should have just been doing all along, because it turns out humans function better too when given the proper context for their work. The only silver lining is that this is a colossal karmic retribution for the orgs that never gave a shit about this stuff until LLMs.
AbstractH24 12 hours ago [-]
You are seeing very similar trends in GTM
suddenly everyone cares about data hygiene. But it’s not like this shouldn’t have always been a priority
thunky 18 hours ago [-]
> It's infuriating. Nearly all of the agentic coding best practices are things that we should have just been doing all along
There's a good reason why we didn't though: because we didn't see any obvious value in it. So it felt like a waste of time. Now it feels like time well spent.
saghm 18 hours ago [-]
> Only being half ironic with this. I generally find that people somehow magically manage to understand how to be materially helpful when the subject is a helpless LLM. Instead of pointing it to a random KB page, they give it context. They then shorten that context. They then interleave context as comments. They provide relevant details. They go out of their way to collect relevant details. Things they somehow don't do for their actual colleagues.
"Self-descriptive code doesn't need comments!" always gets an eye-roll from me
fwipsy 17 hours ago [-]
Helping the AI is helping themselves. You're doing your job, the AI is helping with their job.
noman-land 18 hours ago [-]
This isn't just great advice ⸻ it's terrific advice. I'd love to delve a little deeper.
saxelsen 18 hours ago [-]
Would you like me to draft a list of recommendations for how best to use comments?
jaxn 16 hours ago [-]
I didn't even know there was a "three em dash". Bravo.
zahlman 15 hours ago [-]
Huh. It's displayed taking up three cells in my terminal, but laid out as if its width were one cell. Irritating. I wonder if there are any other grapheme clusters that don't properly fit in two cells?
Comments are great for developers. I like having as much design in the repo directly. If not in the code, then in a markdown in the repo.
KronisLV 20 hours ago [-]
Meanwhile, some colleagues: "Code should have as little comments as possible, the code should explain itself." (conceptually not wholly wrong, but it can only explain HOW not WHY and even then often insufficiently) all while having barebones/empty README.md files more often than not. Fun times.
zingar 19 hours ago [-]
Actually good naming does plenty to explain the why. And because it’s part of the code it might actually be updated when it stops being true.
Or how would you name methods and variables to explain why some payment reconciliation process skips matching for transactions under 0.50 EUR and just auto-approves them, because the external payment processor rounds differently than the internal ledger at sub-euro amounts, creating mismatches that were flooding the finance team's exception queue in 2013, explained more under Jira issue ZXSV-12456 and more details are known by j.doe@myorg.com. The threshold was chosen after analyzing six months of false positives, when it's any higher someone being undercharged doesn't get caught. I don't think autoApproveThreshold = 0.50 or anything like that would get the full context across, even if the rules themselves are all code.
I think surely you can have both! Code should explain itself as often as possible, but when you hit a wall due to some counter-intuitive workarounds being needed, or some business rules or external considerations that you need to keep track of, then comments also make sense. Better than just putting everything in a Jira issue somewhere, given that it often won't be read by you or others and almost certainly will not be read by any AI agents (unless you have an MCP or something, but probably uncommon), or spending hours trying to get the code to explain something it will never explain well. I've had people ask me about things that are covered in the README.md instead of reading it.
zingar 9 hours ago [-]
You’ve correctly identified that naming isn’t sufficient for all communication. Name the things that stay constant in the code and explain the things that vary with a particular implementation in version control messages. Version control as a medium communicates what context the message was written for, which is far more appropriate than comments.
KronisLV 6 hours ago [-]
> Name the things that stay constant in the code and explain the things that vary with a particular implementation in version control messages.
Then the question becomes how often we look in the version control history for the files that we want to touch.
Which of these is more likely:
A) someone digging into the full history of autoApproveThreshold and finding out that they need to contact j.doe@myorg.com or reference ZXSV-12456
B) or them just messing the implementation with changes due to not reviewing the history of every file they touch
If someone is doing a refactor of 20 files, they probably won't review the histories of all of those, especially if the implementation is spread around a bunch of years, doubly so if there are a bunch of "fixes" commit messages in the middle, merge commits and so on. I've seen people missing out on details that are in the commit log many, many times, to the point where I pretty much always reach for comments. Same goes for various AI tools and agents.
Furthermore, if you want to publish a bit of code somewhere (e.g. Teams/Slack channel, or a blog), you'd need to go out of your way to pull in the relevant history as well and then awkwardly copy it in as well, since you won't always be giving other people a Git repo to play around with.
It's not that I don't see your point, it's just that from where I stand with those assumptions a lot of people are using version control as a tool wrong and this approach neither works now, nor will work well for them in the future.
It's more or less the same issue as with docs in some Wiki site or even a separate Markdown file (which is better than nothing, definitely closer than a Wiki, especially if the audience is someone who wants an overview of a particular part of the codebase, or some instructions for processes that don't just concern a few files; but it's still far removed from where any actual code changes would be made, also a downside of ADRs sometimes).
alexandre_m 12 hours ago [-]
Comments are mostly useful when they explain the why, not the what.
AbstractH24 12 hours ago [-]
HOW vs WHY is a great destination between design and documentation.
Gonna try and use that throughout my life. Thanks!
Pxtl 20 hours ago [-]
> the code should explain itself.
This is a good goal. You should strive to make the code explain itself. To write code that does not need comments.
You will fail to reach that goal most of the time.
And when you fail to reach that goal, write the dang comments explaining why the code is the way that it is.
bandrami 16 hours ago [-]
But you will also fail to keep the comments and code synchronized, and the comment will at some point no longer describe why the code is doing whatever it does
Pxtl 1 hours ago [-]
Which is why you're reviewing changes. I haven't memorized what every line of code does, if it was worth commenting then it was confusing-enough that it needed the comment and so I'll read the comment to make sense of the code being changed. If I don't read the comment that means the comment was too far from the confusing code.
Alternately, you can say the same about informative variable names or informative function names. "If I change the function then the name is no longer accurate". You don't say that because function names and variable names are short and clear and are close to the problem at hand. Do the same with comments.
Which is why the copilot hyper-verbosity is harmful. Comments need to be terse so your eyes don't filter them out as noise.
jaxn 16 hours ago [-]
But copilot code review agent is pretty good at catching when code and comments diverge (even in unrelated documentation files).
jcgrillo 19 hours ago [-]
Comments are great until they diverge from the code. The "no comments, just self-explanatory code" reaction comes from the trauma of having to read hundreds of lines of comments only to discover they have nothing to do with how the code actually works, because over time the code has received updates but the comments haven't. In that case it's better to just have no comments or documentation of any kind--less cognitive overhead. This is a symptom of broken culture, but the breakage is the same kind that has managers salivating over LLM vibeslop. So I totally get where your colleagues might be coming from. Working within the confines of how things actually are it could be totally reasonable.
sfn42 17 hours ago [-]
This is honestly such a bad argument against comments.
I'm gonna note down my reasons for doing things and other information I deem useful, and if some other dipshit 5 years from now when I've moved on comes along and starts changing everything up without keeping the comments up to date that's their problem not mine. There was never anything wrong with my comments, the only thing that's wrong is the dipshit messing things up.
Doesn't matter what I do, the dipshit is going to mess everything up anyway. Those outdated comments will be the least of their worries.
ozozozd 11 hours ago [-]
You may be a bit overconfident about how clear you will be with your comments.
The “dipshit” doesn’t mess everything up for fun. They don’t understand the comments written by the previous “dipshit” and thus are unable to update the comments.
sfn42 10 hours ago [-]
Oh really? I'm overconfident in my ability to write and read simple clear text notes?
Here's what I think. I think you guys heard the "self-documenting code" BS and ate it up, and now you're grasping at straws to defend your cargo cult position, inventing these "problems" to justify it.
If you're looking at some code and there's a comment saying something that doesn't make sense to you, maybe that's a clue that you're missing a puzzle piece and should take a step back maybe talk to some people to make sure you're not messing things up? Maybe, for a non-dipshit, that comment they don't understand could actually be helpful if they put some effort into it?
Also just to be clear I don't think this is a likely occurrence unless someone doesn't know squat about the codebase at all - my comments generally assume very little knowledge. That's their whole purpose - to inform someone (possibly me) coming there without the necessary background knowledge.
It just isn't feasible to include the why of everything in the code itself. And it sure as hell is better to include some info as comments than none at all. Otherwise a bug will often be indistinguishable from a feature.
And I don't think dipshits mess things up for fun. I think they just suck. They're lazy and stupid, as most developers are. If I'm there I can use reviews etc to help them suck less, if I'm not they're free to wreck my codebase with reckless abandon and nothing I do will make any difference. I cannot safeguard my codebase against that so there's no point in trying and the fact that this is your argument should make you stop and reconsider your position because it's far fetched as fuck.
krupan 13 hours ago [-]
And then you find out the dipshit that didn't keep the comments up to date was you all along
sfn42 13 hours ago [-]
It wasn't.
jcgrillo 16 hours ago [-]
> that's their problem not mine
IME unfortunately that's not actually the case. It very much is your problem, as the architect of the original system, unless you can get yourself transferred to a department far, far away. I've never managed that except by leaving the company.
To be clear, I don't believe it should be this way, but sadly unless you work in an uncommonly well run company it usually is.
sfn42 13 hours ago [-]
I really can't imagine this ever becoming a real problem. Not once have I ever worked in a place where any kind of leadership would ever give a shit about comments nor anything else in the code itself. The lowest level leadership has ever gone is click a button to see if it works.
And if anyone has a problem with comments existing it's trivial to find/replace them out of existence. Literally a one minute job, if you actually think the codebase would be better without them.
This is such a humongous non-issue it's crazy man.
hk__2 21 hours ago [-]
This is also a great way to ensure the documentation is up to date. It’s easier to fix the comment while you’re in the code just below it than to remember “ah yes I have to update docs/something.md because I modified src/foo/bar.ts”.
CharlieDigital 21 hours ago [-]
People moving docs out of code are absolutely foolish because no one is going to remember to update it consistently but the agent always updates comments in the line of sight consistently.
Agent is not going to know to look for a file to update unless instructed. Now your file is out of sync. Code comments keeping everything line of sight makes it easy and foolproof.
zingar 19 hours ago [-]
Experience doesn’t leave me with any confidence that the long term memory will be useful for long. Our agentic code bases are a few months old, wait a few years for those comments to get out of date and then see how much it helps.
tyre 17 hours ago [-]
The great thing about agentic coding is you can define one whose entire role is to read a diff, look in contextual files for comments, and verify whether they’re still accurate.
You don’t have to rely on humans doing it. The agent’s entire existence is built around doing this one mundane task that is annoying but super useful.
rustystump 15 hours ago [-]
Idk if u are serious.
Yes, lets blow another 5-10k a project/month on tokens to keep the comments up to date. The fact ai still cannot consistently refactor without leaving dead code around even after a self review does not give me confidence in comments…
Comments in code are often a code smell. This is an industry standard for a reason and isnt because of staleness. If u are writing a comment, it means the code is bad or there is irreducible complexity. It is about good design. Comments everywhere are almost always a flag.
Note, language conventions are not the same.
causal 20 hours ago [-]
> “BQ 2026-03-10: 1,279 sessions had 50+ consecutive failures (up to 3,272) in a single session, wasting ~250K API calls/day globally.”
That's revealing waaaay more than the agent needs to know.
sfn42 17 hours ago [-]
Doesn't look like privileged information to me.
Seems to me like everyone's just grasping at straws to nitpick every insignificant little thing.
zer00eyz 18 hours ago [-]
This.
Its also annoying to have to go through this stack
Or the even better "fixes bug NNNNN" where the bug tracking system referenced no longer exists.
Digging through other systems (if they exist) to find the nugget in an artifact is a problem for humans too.
embedding-shape 20 hours ago [-]
> If you're not using comments, you're doing agent coding wrong.
Comments are ultimately so you can understand stuff without having to read all the code. LLMs are great when you force them to read all code, and comments only serve to confuse. I'd say the opposite been true in my experience, if you're not forcing LLMs to not have any comments at all (and it can actually skip those, looking at you Gemini), you're doing agent coding wrong.
CharlieDigital 11 hours ago [-]
You're wasting context doing that when a 3 line comment that the agent itself leaves can prevent the agent from searching and reading 30 files.
embedding-shape 6 hours ago [-]
You're wasting context re-specifying what the code should already say, defining an implementation once should be enough, otherwise try another model that can correctly handle programming.
joe_the_user 19 hours ago [-]
Hmm, I'm sure if you're getting parent's comment.
I think a big question is whether one wants your agent to know the reason for all the reasons for guidelines you issue or whether you want the agent to just follow the guidelines you issue. Especially, giving an agent the argument for your orders might make the agent think that can question and so not follow those arguments.
semiquaver 20 hours ago [-]
Most large private codebases look like this. Anthropic did not expect the source to leak.
WatchDog 17 hours ago [-]
It's a good comment, it explains the reason for the setting.
They didn't expect to leak their source code.
It's hardly a trade secret, what value is this to a competitor?
JambalayaJimbo 21 hours ago [-]
I guess they weren't expecting a leak of the source code?
It's very handy to have as much as possible available in the codebase itself.
pixl97 22 hours ago [-]
Project trackers come and go, but code is forever, hopefully?
saghm 18 hours ago [-]
> just YOLO'd everything into the codebase itself
I suspect that's the logical endpoint of trying to provide everything as context to an agent. Why use a separate markdown file and have to waste extra tokens explaining what part of the codebase something applies to when you can just put it right there in the code itself?
noosphr 18 hours ago [-]
The issues is that you should have a work flow that strips the comments before sending the code to production. I'm sure they assumed that minifying it is enough though.
saghm 18 hours ago [-]
They also weren't supposed to be leaking the code itself either. I don't know enough about JS tooling, but is it possible that this might just be the pre-stripped version?
throwup238 15 hours ago [-]
That’s what a source map is. It’s included in debug builds so that browser debuggers (and others) can step through the original code, comments and all, instead of the compiled javascript (which back in the day could become an undecipherable mess of callbacks if you were transpiling async/await to the legacy Promise API).
Unfortunately in many bundlers making a mistake like this is as easy as an agent deleting “process.env[‘ENV’] === ‘debug’” which they’ll gladly do if you point them at a production or staging environment and ask them to debug the stripped/compiled/minified code.
saghm 4 hours ago [-]
I see. I had read that it was a source map that was leaked here specifically, but my vague understanding of the term was mostly that it might be a way to trace back JavaScript lines to the TypeScript it compiled from, since I don't have much of an understanding of all of the other various steps that are part of a JavaScript build nowadays.
I think I still disagree with the parent comment premise that "they probably thought minifying was enough", since it sounds likely they were doing all of those other steps. The issue seems like insufficient auditing of the build process (especially if agents were involved, which seems likely for Anthropic) rather than not doing all of the usual JS build stuff.
treexs 21 hours ago [-]
well yeah since they tell claude code the business decisions and it creates the comments
wilg 19 hours ago [-]
Exactly the type of comment Claude Code would write
yalok 20 hours ago [-]
vibe-coded all the way through
maguay 1 hours ago [-]
Absolutely hilarious that it's watching for frustration.
I'd discovered, perhaps mid-2025, that Cursor was noticeably better at fixing bugs if I started cursing at it. Better yet, after a while it would seem to break and start cursing itself ("Oh yes, I see the f*** problem now" and so on). Hilarity ensued.
What a world, where cursing at your machines can make them get their act together.
HeytalePazguato 15 hours ago [-]
The hooks system is the most underappreciated thing in what leaked. PreToolUse,
PostToolUse, session lifecycle, all firing via curl to a local server. Clean
enough to build real tooling on top of without fighting it.
The frustration regex is funny but honestly the right call. Running an LLM call
just to detect "wtf" would be ridiculous.
KAIROS is what actually caught my attention. An always-on background agent that
acts without prompting is a completely different thing from what Claude Code is
today. The 15 second blocking budget tells me they actually thought through what
it feels like to have something running in the background while you work, which
is usually the part nobody gets right.
Artoooooor 47 minutes ago [-]
But it still doesn't recognise "rubbish" :D
O4epegb 7 hours ago [-]
> The hooks system is the most underappreciated thing in what leaked.
Maybe it would be okay as a first filtering step, before doing actual sentiment analysis on the matches. That would at least eliminate obvious false positives (but of course still do nothing about false negatives).
ArvinJA 21 hours ago [-]
Is this really the use-case? I imagine the regex is good for a dashboard. You can collect matches per 1000 prompts or something like that, and see if the number grows or declines over time. If you miss some negative sentiment it shouldn't matter unless the use of that specific word doesn't correlate over time with other negative words and is also popular enough to have an impact on the metric.
internetter 21 hours ago [-]
When you read the code, what you propose is actually its exclusive use... logging.
ach9l 9 hours ago [-]
have you heard about rlhf?
simianwords 22 hours ago [-]
> The multi-agent coordinator mode in coordinatorMode.ts is also worth a look. The whole orchestration algorithm is a prompt, not code.
So much for langchain and langraph!! I mean if Anthropic themselves arent using it and using a prompt then what’s the big deal about langchain
ossa-ma 21 hours ago [-]
Langchain is for model-agnostic composition. Claude Code only uses one interface to hoist its own models so zero need for an abstraction layer.
Langgraph is for multi-agent orchestration as state graphs. This isn't useful for Claude Code as there is no multi-agent chaining. It uses a single coordinator agent that spawns subagents on demand. Basically too dynamic to constrain to state graphs.
simianwords 21 hours ago [-]
You may have a point but to drive it further, can you give an example of a thing I can do with langgraph that I can't do with Claude Code?
ossa-ma 21 hours ago [-]
I'm not an supporter of blindly adopting the "langs" but langgraph is useful for deterministically reproducable orchestration. Let's say you have a particular data flow that takes an email sends it through an agent for keyword analysis the another agent for embedding then splits to two agents for sentiment analysis and translation - there is where you'd use langgraph in your service. Claude Code is a consumer tool, not production.
simianwords 21 hours ago [-]
I see what you mean. Maybe in the cases where the steps are deterministic, it might be worth moving the coordination at the code layer instead of AI layer.
What's the value add over doing it with just Python code? I mean you can represent any logic in terms of graphs and states..
chaos_emergent 17 hours ago [-]
Most of the value I’ve gotten out of is has been observability. Graph and DAG workflow abstractions just help OTel structure your LLM logs in a clean hierarchy of spans. I could imagine figuring out a better solution to this than the whole graph abstraction.
Other than that I’m not too sure.
edgyquant 20 hours ago [-]
Use Gemini or codex models
peab 21 hours ago [-]
nobody serious uses langchain. The biggest agent products are coding tools, and I doubt any of them use langchain
holoduke 19 hours ago [-]
Biggest issue is that you need api keys which are extremely expensive. Unusable for normal business.
rolymath 22 hours ago [-]
You didn't even use it yet.
space_fountain 22 hours ago [-]
I've tried to use langchain. It seemed to force code into their way of doing things and was deeply opinionated about things that didn't matter like prompt templating. Maybe it's improved since then, but I've sort of used people who think langchain is good as a proxy for people who haven't used much ai?
simianwords 22 hours ago [-]
?
Andebugulin 9 hours ago [-]
Regex for swearing detected, user needs to get more API tokens, he is very very pissed.
galaxyLogic 12 hours ago [-]
The irony of ironies is in the last paragraph:
" ...accidentally shipping your source map to npm is the kind of mistake that sounds impossible until you remember that a significant portion of the codebase was probably written by the AI you are shipping.”
artyom 16 hours ago [-]
I'm still amazed that something as ubiquitous as "daemon mode" is still unreleased.
- Claude Chat: built like it's 1995, put business logic in the button click() handler. Switch to something else in in the UI and a long running process hard stops. Very Visual Basic shovelware.
- Claude Cowork: same but now we're smarter, if you change the current convo we don't stop the underlying long-running process. 21st century FTW!
- Claude Code: like chat, but in the CLI
- Claude Dispatch: an actual mobile client app, not the whole thing bundled together.
- Daemon mode: proper long-running background process, still unreleased.
preston-kwei 18 hours ago [-]
I’m more curious how this impacts trust than anything else.
In the span of basically a week, they accidentally leaked Mythos, and then now the entire codebase of CC. All while many people are complaining about their usage limits being consumed quickly.
Individually, each issue is manageable (Because its exciting looking through leaked code). But together, it starts to feel like a pattern.
At some point, I think the question becomes whether people are still comfortable trusting tools like this with their codebases, not just whether any single incident was a mistake.
bottlepalm 17 hours ago [-]
Not much impact, Codex is already open source. The real value is in the model itself and the ability to use it with a subscription. Something you can't do legally with a clone of this code.
The only thing I found interesting about this leak is just how much of a rats nest the code base is. Like it actually feels vibe coded without a shred of intelligent architecture behind it.
Regardless, you can't beat the subscription and model access despite the state of the code base, so I still use Claude Code daily and love it.
internet101010 16 hours ago [-]
I just hope it doesn't turn out like n8n. I built a few things, wanted to make changes, looked at the code base, opened the devcontainer, noped out after being mortified by the sheer number of warning and dependency issues, threw away all of my work, uninstalled, didn't think about it again.
Two months later it was CVE after CVE.
Aperocky 16 hours ago [-]
Exactly, we should be able to build on top of the tooling agents. They are a dime a dozen similar to the models.
Power(money) lies with NVDA and people who can best harness this power.
redanddead 16 hours ago [-]
Idk. This is making leaps. Idc that their tools leaked. I paid 140$ for CC the other day even after getting sometimes not 100% uptime on the lower plan. If anything this leak is most in line with Anthropic's ethical model. They're failing upwards in my opinion
SequoiaHope 17 hours ago [-]
Something that has been clear to me in using it, aside from direct claims by the authors, is that Claude is itself vibe coded slop. The number of random errors I get from using various parts of the web UI or CC that should work feels high for such a popular product. But they’re so deep in the vibes that I don’t think they can tell when some path in their web UI is broken. I tried to share a public link to a chat and it asked me to login when opening it on another computer. I tried to download a conversation and it threw an error. When I download markdown output the download succeeds but the UI throws an error. I have tried to control the behavior of Claude Code in tmux using documented flags but I can’t seem to get them to work properly. Agent teams don’t clean up their tmux windows, making the view a mess after they run. Claude code is an amazing product that I love and also it is itself vibe coded slop.
jgilias 15 hours ago [-]
And there’s no reason why they couldn’t vibe fix the issues if there was a process to report the bugs. Fixing issues like that could also be something that’s fully automated. Provided there’s a good test suite (not a given).
14 hours ago [-]
mnkyprskbd 14 hours ago [-]
No one will remember this in 4 weeks or less.
deepsun 15 hours ago [-]
It is super weird that developers have to run a binary blob on their machines. It's 2026, all the major developer CLI tools are open-source anyway. What's the point for Anthropic to even make it secret?
pixl97 23 hours ago [-]
>Claude Code also uses Axios for HTTP.
Interesting based on the other news that is out.
chuckadams 20 hours ago [-]
The exploit is a postinstall hook, so CC users would be unaffected. Claude Code itself is most likely built with bun and not npm, so the CC developers would also be immune.
JamesSwift 1 hours ago [-]
Well, technically bun doesnt _prevent_ hooks. It just requires opting into them. And even that also includes a default set of pre-whitelisted packages. A much better system, but not perfect.
And actually just looking this up, it appears claude-code itself was just added to that whitelist : D
Just to corroborate sibling comments, I checked my Claude Code VM (native install) for the IOC and it does not appear infected.
greenavocado 22 hours ago [-]
What version?
Stagnant 22 hours ago [-]
1.13.6, so should not be affected by the malware
getverdict 13 hours ago [-]
Two things worth separating here: the leak mechanism and the leak contents.
The mechanism is a build pipeline issue. Bun generates source maps by default, and someone didn't exclude the .map file from the npm publish. There's an open Bun issue (oven-sh/bun#28001) about this exact behavior. One missing line in .npmignore or the package.json files field. Same category of error as the Axios compromise earlier this week — npm packaging configuration is becoming a recurring single point of failure across the ecosystem.
The contents are more interesting from a security architecture perspective. The anti-distillation system (injecting fake tool definitions to poison training data scraped from API traffic) is a defensive measure that only works when its existence is secret. Now that it's public, anyone training on Claude Code API traffic knows to filter for it. The strategic value evaporated the moment the .map file hit the CDN.
The undercover mode discussion is being framed as deception, but the actual security question is narrower: should AI-authored contributions to public repositories carry attribution? That's an AI identity disclosure question that the industry hasn't settled. The code shows Anthropic made a specific product decision — strip AI attribution in public commits from employee accounts. Whether that's reasonable depends on whether you think AI authorship is material information for code reviewers.
The frustration regex is the least interesting finding technically but the most revealing culturally. A company with frontier-level NLP capability chose a regex over an inference call for sentiment detection. The engineering reason is obvious (latency and cost), but it tells you something about where even AI companies draw the line on using their own models.
stavros 22 hours ago [-]
Can someone clarify how the signing can't be spoofed (or can it)? If we have the source, can't we just use the key to now sign requests from other clients and pretend they're coming from CC itself?
MadsRC 21 hours ago [-]
What signing?
Are you referencing the use of Claude subscription authentication (oauth) from non-Claude Code clients?
That’s already possible, nothing prevents you from doing it.
They are detecting it on their backend by profiling your API calls, not by guarding with some secret crypto stuff.
Ah, it seems that Bun itself signs the code. I don't understand how this can't be spoofed.
MadsRC 21 hours ago [-]
Ah yes, the API will accept requests that doesn’t include the client attestation (or the fingerprint from src/utils/fingerprint.ts. At least it did a couple of weeks back.
They are most likely using these as post-fact indicators and have automation they kicks in after a threshold is reached.
Now that the indicators have leaked, they will most likely be rotated.
Galanwe 19 hours ago [-]
> Now that the indicators have leaked, they will most likely be rotated.
They can't really do that. Now they have no way to distinguish "this is a user of a non updated Claude code" from "this is a user of a Claude code proxy".
SquibblesRedux 19 hours ago [-]
Can fully AI‑generated code be copyrightable? Is there evidence that the leaked code was AI-generated?
dehrmann 16 hours ago [-]
"Top engineers at Anthropic, OpenAI say AI now writes 100% of their code"
> Right now for most products at Anthropic it's effectively 100% just Claude writing
- Mike Krieger, chief product officer of Anthropic
Aperocky 16 hours ago [-]
It's completely baffling to me why a client that must run on third party environment is behind closed source.
csfNight167 16 hours ago [-]
So many clients run on third party environments, no?
Aperocky 14 hours ago [-]
Yes, they should all be open source.
system2 12 hours ago [-]
And universal income should be $50,000 per month per person.
Aperocky 29 minutes ago [-]
The analogous statement is "there should be universal income" and not the amount.
yard2010 9 hours ago [-]
Wouldn't this make 50k worth like 2$?
wg0 20 hours ago [-]
I have yet to see such a company that's so insecure that they would keep their CLI closed source even when the secret sauce is in the model that they control already and is closed source.
Not only that, wouldn't allow other CLIs to be used either.
redanddead 16 hours ago [-]
I'm glad it got leaked, I wish it came in a zip file in my email when I pay over 100$
seanwilson 22 hours ago [-]
Anyone else have CI checks that source map files are missing from the build folder? Another trick is to grep the build folder for several function/variable names that you expect to be minified away.
d4rkp4ttern 2 hours ago [-]
that frustration regex is missing "idiot", which is the most common frustration word I use with code-agents
simianwords 22 hours ago [-]
> The obvious concern, raised repeatedly in the HN thread: this means AI-authored commits and PRs from Anthropic employees in open source projects will have no indication that an AI wrote them. It’s one thing to hide internal codenames. It’s another to have the AI actively pretend to be human.
I don’t get it. What does this mean? I can use Claude code now without anyone knowing it is Claude code.
it's written to _actively_ avoid any signs of AI generated code when "in a PUBLIC/OPEN-SOURCE repository".
Also, it's not about you. Undercover mode only activates for Anthropic employees (it's gated on USER_TYPE === 'ant', which is a build-time flag baked into internal builds).
simianwords 22 hours ago [-]
I don’t know what you mean. It just informs to not use internal code names.
robflynn 22 hours ago [-]
It also says don't announce that you are AI in any way including asking it to not say "Co-authored by Claude". I read the file myself.
I'm still inclined to think people might be overreacting to that bit since it seems to be for anthropic-only to prevent leaking internal info.
But I did read the prompt and it did say hide the fact that you are AI.
simianwords 22 hours ago [-]
Why does that matter though
robflynn 20 hours ago [-]
There are probably different reasons for different people. I can definitely see the angle that trying to specifically pretend to not be AI when contributing to open source could be seen as a bad thing due to the open source supply chain attacks, some AI-driven, that we've been having, not to mention the AI-slop PR spam.
But, I also get Anthropic's side that when they're contributing they don't want their internals leaked. If it had been left at that, that's fine, but having it pretend like it's not AI at all rubs me a little bit the wrong way. Why try to hide it?
simianwords 20 hours ago [-]
>There are probably different reasons for different people. I can definitely see the angle that trying to specifically pretend to not be AI when contributing to open source could be seen as a bad thing due to the open source supply chain attacks, some AI-driven, that we've been having, not to mention the AI-slop PR spam.
But none of the other agents advertise that the commit was done by an agent. Like Codex. Your panic should apply equally to already existing agents like Codex no?
11 hours ago [-]
giancarlostoro 22 hours ago [-]
I agree with you, I think people are overthinking this.
slopinthebag 22 hours ago [-]
I think it means OSS projects should start unilaterally banning submissions from people working for Anthropic.
simianwords 22 hours ago [-]
Why? What does this have to do with the leak
daemin 16 hours ago [-]
Because it has a high likelyhood of being written completely by a LLM without any human thought or attention being put into it.
Being written by a LLM is a signal that the submission is of low effort and therefore probably low quality, which then puts the onus on the people reviewing and reading the submission instead of the original generator of the submission. Hence I would classify it as spam.
Open source communities also have rules against LLM generated contributions, for various moral, ethical, or legal reasons.
slopinthebag 12 hours ago [-]
...Because it's a mode of using Claude Code that allows certain users to use the application in "stealth mode" to produce pull requests that seem human, but are actually AI generated, which often goes against the contribution rules of OSS projects?
At this point I would consider any employee of an AI provider to be tainted.
simianwords 6 hours ago [-]
None of the other agents claim that the commit was made by an AI so why the panic suddenly
hrmtst93837 20 hours ago [-]
If anybody cares about AI-written code slipping in they can grep for style tells or run a classifier against a suspect repo. You won't get guarantees. Watermarks and disclosure tags die the moment someone edits the patch, so secret strings and etiquette signs are cargo cult security and the only answer is review.
tietjens 20 hours ago [-]
This is very much AI written, right? The voice sounds like Claude.
sp4cec0wb0y 56 minutes ago [-]
Yep:
> It's basically
> Anthropic doesn't just ask
> The fix? `MAX_CONSECUTIVE_AUTOCOMPACT_FAILURES = 3`
> Not a push-button bypass, but
The irony in saying "this is what I found" when an AI found it, not you.
evil-olive 21 hours ago [-]
> So I spent my morning reading through the HN comments and leaked source.
> This was one of the first things people noticed in the HN thread.
> The obvious concern, raised repeatedly in the HN thread
> This was the most-discussed finding in the HN thread.
> Several people in the HN thread flagged this
> Some in the HN thread downplayed the leak
when the original HN post is already at the top of the front page...why do we need a separate blogpost that just summarizes the comments?
nodja 18 hours ago [-]
This blog post looks to be partially AI generated as well...
stingraycharles 13 hours ago [-]
Because it’s very cheap to tell an LLM to write a blogpost based on a HN thread, and apparently the HN community upvotes this as well.
groby_b 21 hours ago [-]
Because the original post was noisy and lacked a concise summary of findings.
Or, more simply: Because folks wanted it enough to upvote it.
tolerance 20 hours ago [-]
The culture here can get solipsistic.
stephbook 18 hours ago [-]
Sounds like there's still a lot of value in Typescript (otherwise they could have open sourced.)
Plus there's demand for skilled TS software devs that don't ship your company's roadmap using a js.map
20,000 agents and none of them caught it...
senfiaj 17 hours ago [-]
> Frustration detection via regex (yes, regex)
/\b(wtf|wth|ffs|omfg|shit(ty|tiest)?|dumbass|horrible|awful|
piss(ed|ing)? off|piece of (shit|crap|junk)|what the (fuck|hell)|
fucking? (broken|useless|terrible|awful|horrible)|fuck you|
screw (this|you)|so frustrating|this sucks|damn it)\b/
Personally, I'm generally polite even towards AI and even when frustrated. I simply point out the its mistakes instead of using emotional words.
sbinnee 14 hours ago [-]
I had a good laugh. I am too polite but I do remember using wth a few times in the past week. haha
rafaele 15 hours ago [-]
But think of all the API calls you save if you curse at Claude
pjoubert 15 hours ago [-]
I'm curious about what people are not looking for about Claude code. What's missing and nobody is talking about? Any clue?
marcd35 21 hours ago [-]
> 250,000 wasted API calls per day
How much approximate savings would this actually be?
karim79 20 hours ago [-]
We're about to reach AGI. One regex at a time...
TacticalCoder 18 hours ago [-]
The part of TFA that does it for me: "Every bash command runs through 23 numbered security checks in bashSecurity.ts, including 18 blocked Zsh builtins, defense against Zsh equals expansion (=curl bypassing permission checks for curl), unicode zero-width space injection, IFS null-byte injection, and a malformed token bypass found during HackerOne review.".
AGI is definitely around the corner. Or not.
karim79 17 hours ago [-]
I love it when "magic" like this gets unmasked, and under the hood it's just business as usual, i.e. dumb shit implementations to please the product owner(s) and hopefully the customers as well. Normal stuff in the tech world I suppose but still absolutely hilarious!
jwilliams 12 hours ago [-]
I used to swear at Claude. To be honest, I thought it helped get results (maybe this is "oldschool" LLM thinking), but I realized it was just making me annoyed.
saretup 12 hours ago [-]
It does send an analytics event when you’re swearing based on a keyword filter (something like is_negative:true), presumably as a signal that the model isn’t performing well this session, but who knows?
motbus3 22 hours ago [-]
I am curious about these fake tools.
They would either need to lie about consuming the tokens at one point to use in another so the token counting was precise.
But that does not make sense because if someone counted the tokens by capturing the session it would certainly not match what was charged.
Unless they would charge for the fake tools anyway so you never know they were there
Gen_ArmChair 9 hours ago [-]
The Claude Code leak suggests multi-agent orchestration is largely driven by prompts (e.g., “do not rubber-stamp weak work”), with code handling execution rather than enforcing decisions.
Prompts are not hard constraints—they can be interpreted, deprioritized, or reasoned around, especially as models become more capable.
From what’s visible, there’s no clear evidence of structural governance like voting systems, hard thresholds, or mandatory human escalation. That means control appears to be policy (prompts), not enforcement (code).
This raises the core issue:
If governance is “prompts all the way down,” it’s not true governance—it’s guidance.
And as model capability increases, that kind of governance doesn’t get stronger—it becomes easier to bypass without structural constraints.
Has anyone actually implemented structural governance for agent swarms — voting logic, hard thresholds, REQUIRES_HUMAN as architecture not instruction?
viccis 21 hours ago [-]
>This was the most-discussed finding in the HN thread. The general reaction: an LLM company using regexes for sentiment analysis is peak irony.
>Is it ironic? Sure. Is it also probably faster and cheaper than running an LLM inference just to figure out if a user is swearing at the tool? Also yes. Sometimes a regex is the right tool.
I'm reading an LLM written write up on an LLM tool that just summarizes HN comments.
I'm so tired man, what the hell are we doing here.
yard2010 9 hours ago [-]
Today, on "how did I get here?"
bKHjNaz23wJ 6 hours ago [-]
[dead]
olalonde 20 hours ago [-]
I'm surprised that they don't just keep the various prompts, which are arguably their "secret sauce", hidden server side. Almost like their backend and frontend engineers don't talk to each other.
jarjoura 16 hours ago [-]
My company uses Claude through our own private data centers behind our own proxy that logs all requests and responses in and out. However, Anthropic heavily steers these models during RL to respond a certain way to certain prompting, so that's basically the "secret sauce" you're thinking of.
olalonde 6 hours ago [-]
Sure, that's part of it, but they clearly don't like people knowing about their prompts either.
tom1337 17 hours ago [-]
i always wondered what prompts codex / claude code use but always figured they just send variables to the backend and render the whole prompt there so i never even bothered to check with a MITM proxy. turns out i should have just done that…
restlake 15 hours ago [-]
yea there are proxies out there for this and in AWS Bedrock this outbound logging is a feature you can enable for these and other models
seertaak 19 hours ago [-]
The irony of an IP scraper on an absolutely breathtaking, epic scale getting its secret sauce "scraped" - because the whole app is vibe coded (and the vibe coders appear to be oblivious to things like code obfuscation cuz move fast!)...
And so now the copy cats can ofc claim this is totally not a copy at all, it's actually Opus. No license violation, no siree!
It's fucking hilarious is what it is, it's just too much.
GuB-42 17 hours ago [-]
The code is obfuscated, but they accidentally shipped the map file, i.e. the key to de-obfuscating it.
> Anti-distillation: injecting fake tools to poison copycats
Does this mean `huggingface.co/Jackrong/Qwen3.5-27B-Claude-4.6-Opus-Reasoning-Distilled` is unusable? Had anyone seen fake tool calls working with this model?
What effect will this have on their IPO? Can someone take the code and make a clone?
evan_ 15 hours ago [-]
it's just the client app, so you could make a clone but you'd still have to pay to use their servers.
dpe82 15 hours ago [-]
None. The magic is still in the model.
slashdave 12 hours ago [-]
What? No. Not legally. You know. Copyright and all that.
yard2010 9 hours ago [-]
What do you mean copyright? If I torrent this and train a model that changes every second m in a sentence to n can I ship as my software?
sheepscreek 15 hours ago [-]
> As one Twitter reply put it: “accidentally shipping your source map to npm is the kind of mistake that sounds impossible until you remember that a significant portion of the codebase was probably written by the AI you are shipping.”
To err is human. AI is trained on human content. Hence, to err is AI. The day it stops making mistakes will be the beginning of the end. That would mean the existence of a consciousness that has no weakness. Great if it’s on your side. Terrible otherwise.
simianwords 22 hours ago [-]
Guys I’m somewhat suspicious of all the leaks from Anthropic and think it may be intentional. Remember the leaked blog about Mythos?
Analemma_ 21 hours ago [-]
It's possible, but Anthropic employees regularly boast (!) that Claude Code is itself almost entirely vibe-coded (which certainly seems true, based on the generally-low quality of the code in this leak), so it wouldn't at all surprise me to have that blow up twice in the same week. Probably it might happen with accelerating frequency as the codebase gets more and more unmanageable.
__blockcipher__ 22 hours ago [-]
I'm normally suspicious but honestly they've been so massively supply-constrained that I don't think it really benefits them much. They're not worried about getting enough demand for the new models; they're worrying about keeping up with it.
Granted, there's a small counterargument for mythos which is that it's probably going to be API-only not subscription
simianwords 22 hours ago [-]
Why would Claude code mention Mythos then
drewnick 21 hours ago [-]
You can use Claude Code with API mode (not a sub)
simianwords 21 hours ago [-]
fair but I'm guessing access would be limited to 20x max users or something like that. not gated by API.
hxugufjfjf 21 hours ago [-]
You can still use Claude Code with API-only.
shreyssh 17 hours ago [-]
The undercover mode is the part that should terrify everyone building with agents.
brysonreece 16 hours ago [-]
Hardly.
gervwyk 17 hours ago [-]
how sure are we this entire “accident” is not an aprils fools joke??
Genius level AI marketing
dheerajmp 11 hours ago [-]
April Fool tool
ptrl600 21 hours ago [-]
Why didn't they open the source themselves? What's the point of all this secrecy anyway?
hxugufjfjf 21 hours ago [-]
Because they (apparently) keep a bunch of secret features and roadmap details in said source code.
baby 15 hours ago [-]
Can someone ask claude to write a deep dive on how compaction works and why it’s so slow? (I still can’t fathom why they wouldn’t just add a user message “compact the conversation we’ve just had”
pmakhija3 5 hours ago [-]
[dead]
amelius 21 hours ago [-]
A few weeks ago I was using Opus and Sonnet in OpenCode. Is this not possible anymore?
alasano 21 hours ago [-]
It's still possible but if you do it using your Claude Max plan, it's technically no longer allowed.
They don't want you using your subscription outside of Claude Code. Only API key usage is allowed.
Google also doubled down on this and OpenAI are the only ones who explicitly allow you to do it.
try-working 18 hours ago [-]
They want "Made with Claude Code" on your PRs as a growth marketing strategy. They don't want it on their PRs, so it looks like they're doing something you're not capable of. Well, you are and they have no secret sauce.
Meanwhile Claude Code is still awesome. I don’t see my self switching to OpenAI (seriously bad mgmt and possibly the first domino to fall if there is a correction) or Gemini (Google ethics cough cough).
electriclove 16 hours ago [-]
I switched to Codex out of frustration with Claude Code and it has been surprisingly similar for my web and mobile coding needs
system2 12 hours ago [-]
Except for censoring. It didn't allow me to use a screencapture library, thinking I was going to hack the world.
yard2010 9 hours ago [-]
I sleep good at night, knowing that chatgpt saves me from the world wide web hackers
redanddead 16 hours ago [-]
Gemini is a terrible product, I spent $15K on it. Anthropic and OpenAI make better models, it used to be that Gemini cooked but I don't feel that way anymore
zingar 19 hours ago [-]
I wrote this an hour ago and it seems that Claude might not understand it as frustration:
> change the code!!!! The previous comment was NOT ABOUT THE DESCRIPTION!!!!!!! Add to the {implementation}!!!!! This IS controlled BY CODE. *YOU* _MUST_ CHANGE THE CODE!!!!!!!!!!!
that’s fun am having exploring this codebase with claude code, inception at its best
jrflowers 20 hours ago [-]
I like that if they decide that your usage looks like distillation it just becomes useless, because there’s no way for the end user to distinguish between it just being sort of crappy or sabotaged intentionally. That’s a cool thing to pay for
dangus 21 hours ago [-]
Something I’ve been thinking about, somewhat related but also tangential to this topic:
The more code gets generated by AI, won’t that mean taking source code from a company becomes legal? Isn’t it true that works created with generative AI can’t be copyrighted?
I wonder if large companies have throught of this risk. Once a company’s product source code reaches a certain percentage of AI generation it no longer has copyright. Any employee with access can just take it and sell it to someone else, legally, right?
thewebguyd 18 hours ago [-]
In theory, companies are all going to have an increasingly difficult time suing competitors for copyright infringement. By extension, this is also why, IMO, its important to keep AI generated code out of open source/free software projects.
The recent rulings on copyright though also need to be further tested, different judges may have different ideas on what "significant human contribution" looks like. The only thing we know for certain is that the prompt doesn't count.
My guess is that instead of enforcing via copyright, companies will use contracts & trade secret laws. Source code and algorithms counts as a trade secret, so in your example copyright doesn't even matter, the employee would be liable for stealing trade secrets.
AI generated code slowly stripping the ability of a project to enforce copyright protections though is a much bigger risk for free software.
dangus 15 hours ago [-]
I wonder if an argument could be made that because the LLM came up with the implementation that it’s not a trade secret?
Of course with lease intent is a very important concept. I doubt anyone is getting away with what I described.
It’s just interesting stuff to potentially rethink.
DeathArrow 11 hours ago [-]
I hope cheap Chinese models will overtake Anthropic.
chadd 17 hours ago [-]
re: binary attestation: "Whether the server rejects that outright or just logs it is an open question"
...what we did at Snap was just wait for 8-24 hours before acting on a signal, so as not to provide an oracle to attackers. Much harder to figure out what you did that caused the system to eventually block your account if it doesn't happen in real-time.
(Snap's binary attestation is at least a decade ahead of this, fwiw)
15155 17 hours ago [-]
LLMs and radare2 absolutely breeze through undoing binary protection and virtualization, tracing execution flow, etc.
Sans the ability to JIT, I don't see non-hardware-assisted binary attestation for Snap and others lasting very long in a post-LLM world.
19 hours ago [-]
21 hours ago [-]
heliumtera 13 hours ago [-]
What a cesspool. So this is the power of being 80x more productive, having infinite llm usage quota?
No wonder they had to let Satan take the wheel and went 100% vibe code.
Thanks for making a point, llms are a disgrace
jsrozner 17 hours ago [-]
"and i also wrote this using claude" -- can we just include that at this point?
OfirMarom 22 hours ago [-]
Undercover mode is the most concerning part here tbh.
anonymoushn 22 hours ago [-]
why
AnimalMuppet 22 hours ago [-]
Well, as a general rule, I don't do business with people who lie to me.
You've got a business, and you sent me junk mail, but you made it look like some official government thing to get me to open it? I'm done, just because you lied on the envelope. I don't care how badly I need your service. There's a dozen other places that can provide it; I'll pick one of them rather than you, because you've shown yourself to be dishonest right out of the gate.
Same thing with an AI (or a business that creates an AI). You're willing to lie about who you are (or have your tool do so)? What else are you willing to lie to me about? I don't have time in my life for that. I'm out right here.
otterley 21 hours ago [-]
Out of curiosity, given two code submissions that are completely identical—one written solely by a human and one assisted by AI—why should its provenance make any difference to you? Is it like fine art, where it’s important that Picasso’s hand drew it? Or is it like an instruction manual, where the author is unimportant?
Similarly, would you consider it to be dishonest if my human colleague reviewed and made changes to my code, but I didn’t explicitly credit them?
feature20260213 21 hours ago [-]
Yes because you can be sued for copyright violation if you don't know the origin of one, and not the other.
otterley 20 hours ago [-]
As an attorney, I know copyright law. (This is not legal advice.) There's nothing about copyright law that says you have to credit an AI coding agent for contributing to your work. The person receiving the code has to perform their due diligence in any case to determine whether the author owns it or has permission from the owner to contribute it.
hajile 20 hours ago [-]
Can you back this up with legal precedence? To my knowledge, nothing of the sort has been ruled by the courts.
Additionally, this raises another big issue. A few years ago, a couple guys used software (what you could argue was a primitive AI) to generated around 70 billion unique pieces of music which amounts to essentially every piece of copyrightable music using standard music scales.
Is the fact that they used software to develop this copyrighted material relevant? If not, then their copyright should certainly be legal and every new song should pay them royalties.
It seems that using a computer to generate results MUST be added as an additional bit of analysis when it comes to infringement cases and fair use if not a more fundamental acknowledgement that computer-generated content falls under a different category (I'd imagine the real argument would be over how much of the input was human vs how much was the system).
Of course, this all sets aside the training of AI using copyrighted works. As it turns out, AI can regurgitate verbatim large sections of copyrighted works (up to 80% according to this study[0]) showing that they are in point of fact outright infringing on those copyrights. Do we blow up current AI to maintain the illusion of copyright or blow up current copyright law to preserve AI?
You're asking a lot of very good and thoughtful questions, but none are directly related to the immediate issue, which is "do I have to credit the AI model?".
Why does the provenance make any difference? Let me increase your options. Option 1: You completely hand-wrote it. Option 2: You were assisted by an AI, but you carefully reviewed it. Option 3: You were assisted by an AI (or the AI wrote the whole thing), and you just said, "looks good, YOLO".
Even if the code is line-for-line identical, the difference is in how much trust I am willing to give the code. If I have to work in the neighborhood of that code, I need to know what degree of skepticism I should be viewing it with.
otterley 21 hours ago [-]
That's the thing. As someone evaluating pull requests, should you trust the code based on its provenance, or should you trust it based on its content? Automated testing can validate code, but it can't validate people.
ISTM the most efficient and objective solution is to invest in AI more on both sides of the fence.
AnimalMuppet 20 hours ago [-]
In the future, that may be fine. We're not in that future yet. We're still at a place where I don't fully trust AI-only code to be as solid as code that is at least thoroughly reviewed by a knowledgeable human.
(Yes, I put "AI-only" and "knowledgeable" in there as weasel words. But I think that with them, it is not currently a very controversial case.)
simianwords 22 hours ago [-]
What’s the lie? It’s just asking to not reveal internal names
BoredPositron 21 hours ago [-]
You are spamming the whole fucking thread with the same nonsense. It is instructed to hide that the PR was made via Claude Code. I don't know why people who are so AI forward like yourself have such a problem with telling people that they use AI for coding/writing, it's a weirdly insecure look.
simianwords 21 hours ago [-]
I can do that right now with Claude Code without this undercover mode.. In fact I do it many times at work. What's the big deal in this?
Do you not think it is an overreaction to panic like this if I can do exactly what the undercover mode does by simply asking Claude?
BoredPositron 21 hours ago [-]
It's different if it's an institutional decision or a personal like in your case. Which is and I am repeating myself here borderline insecure.
simianwords 21 hours ago [-]
what's insecure about it? if it is up to the institution to make that decision - you can still do it. Claude is not stopping you from making that decision
BoredPositron 21 hours ago [-]
You have to work on your reading comprehension or you are intentional deceptive. Bye.
simianwords 19 hours ago [-]
?? why doesn't your panic apply to other agents like Codex that don't advertise that the commit was made by an AI by default? strange!
BoredPositron 18 hours ago [-]
Because this thread is about claude. Are you that challenged?
eranation 12 hours ago [-]
Probably an unpopular opinion but Anthropic are too popular for their own good.
1. They are loved, and for good reasons, Sonnet 4 was groundbreaking but Opus 4.6 was for many a turning point in realizing Agentic SDLC real potential. People moved from Cursor to Claude Code in droves, they loved the CLI approach (me too), and the LOVED the subsidized $200 max pro plan (what's not to love, pay $200 instead of $5000 to Cursor...) They are the underdog, the true alternative to "evil" OpenAI or "don't be evil" Google, really standing up against mass surveillance or use of AI for autonomous killing machines. They are standing for the little guy, they are the "what OpenAI should have been" (plus they have better models...) They are the Apple of the AI era.
2. They are too loved, so loved that it protects them from legitimate criticism. They make GitHub's status page look good, and they make comcast customer service look like Amazon's. (At least Comcast has customer service), They are "If Dario shoots a customer in the middle of 5th avenue it won't hurt their sales one bit" level of liked. The fact they have the best models (for now) might be their achilles heel, because it hides other issues that might be in the blindspot. And as soon as a better model comes out from a competitor (and it could happen... if you recall OpenAI were the undisputed kinds with GPT 4o for a bit) these will become much more obvious.
3. This can hurt them in the long run. Eventually you can't sustain a business where you have not even 2 9s of SLA, can't handle customer support or sales (either with humans or worse for them - if they can't handle this with AI how do they expect to sell their own dream where AI does everything?). I'm sure they'll figure it out, they have huge growth and these are growth pains, but at some point, if they don't catch up with demand, the demand won't stay there forever the moment OpenAI/Google/someone else release a better model.
4. They inadvertently made all of the cybersecurity sector a potential enemy. Yes, all of them use Anthropic models, and probably many of them use Claude Code, but they know they might be paying the bills of their biggest competitor. Their shares drop whenever Anthropic even hints of a new model. Investors cut their valuations because they worry Anthropic will eat them for breakfast. I don't know about you, but if you ask me, having the people who live and breath security indirectly threatened by you, is not the best thing in the world, especially when your source code is out in the open for them to poke holes in...
5. the SaaS pocalypse - many of Claude Code's customers are... SaaS companies, that the same AI is "going to kill", again, if there was another provider that showed a bit more care about the entire businesses it's going to devour, if they also had even marginally better models... would the brand loyalty stay?
Side note: I'm an Claude Enterprise customer, I can't get a human to respond to anything, even using the special "enterprise support" methods, and I'm not the only one, I know people who can't get a sales person, not to mention support, to buy 150 + seats (Anthropic's answer was - release self serve enterprise onboarding, which by the way is "pay us $20 which does not include usage, usage is at market prices, same as getting an API key", you pay for convenience and governance, p.s. you can't cancel enterprise, it's 20 seats min, for 1 year, in advance, so make sure you really need it, the team plan is great for most cases but it lacks the $200 plan, only the $100 5x plan).
ATXO_Selam 2 hours ago [-]
[dead]
ATXO_Selam 2 hours ago [-]
[dead]
jamiemallers 9 hours ago [-]
[dead]
jeremie_strand 13 hours ago [-]
[dead]
Sim-In-Silico 13 hours ago [-]
[dead]
edinetdb 10 hours ago [-]
[dead]
driftcode 7 hours ago [-]
[dead]
algolint 14 hours ago [-]
[flagged]
navilai 13 hours ago [-]
[dead]
barazany 18 hours ago [-]
[dead]
ATXO_Selam 2 hours ago [-]
[dead]
ATXO_Selam 2 hours ago [-]
[dead]
surajpatelcs 6 hours ago [-]
[dead]
aplomb1026 19 hours ago [-]
[dead]
theblacksun 8 hours ago [-]
[dead]
algolint 14 hours ago [-]
[flagged]
noritaka88 18 hours ago [-]
[dead]
calebjang 19 hours ago [-]
[dead]
Jaco07 21 hours ago [-]
[dead]
pmakhija3 8 hours ago [-]
[dead]
skrun_dev 21 hours ago [-]
[dead]
alcor-z 15 hours ago [-]
[dead]
alcor-z 15 hours ago [-]
[dead]
aiedwardyi 7 hours ago [-]
[dead]
68768-8790 19 hours ago [-]
[dead]
wrkxapp 16 hours ago [-]
why claude bring back 4o u dumb fks
thomasgeelens 20 hours ago [-]
Can somebody tell me what this means for the company?
saadn92 22 hours ago [-]
The feature flag names alone are more revealing than the code. KAIROS, the anti-distillation flags, model codenames those are product strategy decisions that competitors can now plan around. You can refactor code in a week. You can't un-leak a roadmap.
[0]: https://github.com/chatgptprojects/claude-code/blob/642c7f94...
[0] https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-5...
> which is published with the purpose of informing the public on matters of public interest
From your link, that's the only case where text needs to be attributed to AI.
> Providers shall ensure that AI systems intended to interact directly with natural persons are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system
That should be obvious considering an MR is not providing AI services.
See: https://library.osu.edu/site/copyright/2026/02/06/artificial...
Recent relevant discussion about this in the chardet repo between the chardet maintainer who relicensed the chardet code and Richard Fontana, a well regarded lawyer US IP lawyer who's worked for Red Hat (now IBM) for decades:
https://github.com/chardet/chardet/issues/334#issuecomment-4...
My take away from the conversation there is that being in an edit loop, where the files are AI generated through your control rather than directly editing the files yourself, means the files are then "AI authored" for copyright protection purposes rather than yourself.
But I double stress, I'm not a lawyer so may have misunderstood things radically.
https://code.claude.com/docs/en/settings#attribution-setting...
I'm doing it because I know how much I appreciate well-written documentation. Also this is a bit niche, but if you're using Rust and add examples to doc-comments, they get run as tests too.
Also given we both managed to produce more than one sentence, and include capital letters in our comments, it's entirely possible both of us will be accused of being an AI. Because, you know... People don't write like this, right?
Could anyone explain the esoteric meaning of why people started doing that shit? I got a hypothesis, what's going on is something like this:
1. Prove you are human: write Like A Fucking Adult You Weirdo (internal designator for a specific language register, you know the one)
2. Prove you are human: _DON'T_ write Like A Fucking Adult You Weirdo (because that's how LLMs were trained to write, silly!)
3. ???? (cognitive dissonance ensues)
4. PROFIT (you were just subject to some more attrition while the AI just learned how to pass a lil bit better)
I never thought computer programmers of all people would get trapped in such a simple loop of self-contradiction.
But I guess the human materiel really has degraded since whenever. I blame remote work preventing us from even hypothetically punching bosses, but anyway weird fucking times eh?
Maybe the posts trying to figure "this post is AI, that post is not AI" are themselves predominantly AI-generated?
Or is it just people made uncomfortable by what's going on, but not able to articulate further, jumping on the first bandwagon they see?
Or maybe this "AI-doubting of probably human posters" was started by humans, yes - then became "a thing", and as such was picked up by the LLM?
Like who the fuck knows, but with all honesty that's how I felt about so many things, dating from way before LLMs became so powerful that the above became a "sensible" question to ask...
Predominantly those things which people do by sheer mimesis - such as pop culture.
"Are you a goddam robot already - don't you see how your liking the stupid-making song is turning you into stupid-you, at a greater rate than it is bringing non-stupid-you aesthetic satisfaction?" type of thing -- but then I assume in more civilized places than where I come from people are much more convincingly taught that personal taste "doesn't matter" (and simultaneously is the only thing that matters; see points 1-4... I guess that's what makes some people believe curating AI, i.e. "prompt engineering" can be a real job and not just boil down to you being the stochastic parrot's accountability sink?)
I'm not even sure English even has the notions to point out the concrete issue - I sure don't know 'em.
Ever hear of the strain of thought that says "all metaphysical questions are linguistic paradoxes (and it's self-evidently pointless to seek answers to nonsensical questions)"?
Feels kinda like the same thing, but artificially constructed within the headspace of American anti-intellectuallism.
Maybe a correct adversarial reading of the main branding acronym would be Anti-Intelligence.
You know, like bug spray, or stain remover.
But for the main bug in the system; the main stain on the white shirt: the uncomfortable observation that, in the end, some degree of independent thinking is always required to get real things done which produce some real value. (That's antithetical to standard pro-social aversive conditioning, which says: do not, under any circumstance, just put 2 and 2 together; lest you turn from "a vehicle for the progress of civilization" back into a pumpkin)
"includeCoAuthoredBy": false,
in your settings.json.
A quick PR where I've found the bug myself in the code, and ask Claude to write the fix because it's faster, and verified it - I don't include Claude's co-authorship.
Unless you literally vibe coded it, Claude is just a tool. This is the equivalent of Apple appending "Sent from my iPhone" as a signature to outgoing emails. It's advertising tool use, not providing attribution. The intent isn't to disclose that AI was used in creating the code, the intent is to advertise the AI product.
* The authors made the code very broad to improve its ability to achieve the stated goal
* The authors have an unstated goal
I think it's healthy to be skeptical but what I'm seeing is that the skeptics are pushing the boundaries of what's actually in the source. For example, you say "says on the tin" that it "pretends to be human" but it simply does not say that on the tin. It does say "Write commit messages as a human developer would" which is not the same thing as "Try to trick people into believing you're human." To convince people of your skepticism, it's best to stick to the facts.
~/.claude/settings.json
The rest of the prompt is pretty clear that it's talking about internal use.Claude Code users aren't the ones worried about leaking "internal model codenames" nor "unreleased model opus-4-8" nor Slack channel names. Though, nobody would want that crap in their generated docs/code anyways.
Seems like a nothingburger, and everyone seems to be fantasizing about "undercover mode" rather than engaging with the details.
For a company calling chinese companies out for distillation attacks on their models, this very much looks like a distillation attack against human maintainers, especially when combined with the frustration detector.
Needing to flag nontrivial code as generated was standard practice for my whole career.
If this is not the case you should not be sending it to public repos for review at all. It is rude and insulting to expect the people maintaining these repos to review code that nobody bothered to read.
The difference here is that the generator is a non-deterministic LLM and you can't reason about its output the same way.
As for LLM code assistants, I don't really view them as traditional code generation tools in the first place, as in practice they more resemble something in between autocomplete and delegating to a junior programmer.
As for attribution, I view it more or less the same way as "dictated but not read" in written correspondance, i.e., an disclaimer for errors in the code, which may be considered rude in some contexts, and a perfectly acceptable and useful annotation in others.
No. I don't want to test and pick through your shitty LLM generated code. If I wanted the entire code base to be junk, it'd say so in the readme.
How about compiler?
This is not at all the case with LLM-generated code - mostly because you can't regenerate it even if you wanted to, as it's not deterministic.
That said, I do agree that LLM code is different enough from human code (even just in regards to potential copyright worries) that it should be mentioned that LLMs were used to create it.
Replace gRPC compiler with LLM. Can you reproduce? (probably not 100%). Can anybody fix it short of throwing more english phrases like "DO NOT", "NEVER", "Under No Circumstances"?
Probably not.
I thought the argument was that AI-users were reviewing and understanding all of the code?
How? LSTM?
The following comment in the blog post
generates a .._string.go file which contains a '.String()' method.I would find it very reasonable to commit that with 'Co-Authored-By: stringer v0.1.0' or such.
Or 'sed s/a/b/g' and 'Co-Authored-By: sed'
Arguably snippet collections belong to this genre.
AI and humans are not the same as authors of PRs. As an obvious example: one of the important functions of the PR process is to teach the writer about how to code in this project but LLMs fundamentally don't learn the same way as humans so there's a meaningful difference in context between humans and AIs.
If a human takes the care to really understand and assume authorship of the PR then it's not really an issue (and if they do, they could easily modify the Claude messages to remove "generated by Claude" notes manually) but instead it seems that Claude is just hiding relevant context from the reviewer. PRs without relevant context are always frustrating.
I use good ol' C-x M-c M-butterfly.
https://xkcd.com/378/
I don’t think that’s necessarily the case. Exposure and discovery aren’t that tightly correlated. Maybe there’s a small effect, but I think it is outweighed by the fact that blast radius and spread is reduced while buying time for discovery.
At least at my workplace though, it's just assumed now that you are using the tools.
In commercial settings you are often required to label your produce and inform about things like 'Made in China' or possible adverse effects of consumption.
I mean, of course I would read most of the code during review, but as a human, I often skip things by mistake
hmm gotta try that
But at this point i am more curious if git will continue to be the best tool.
But for me at least, a tool like Git seems pretty essential for inspecting changes and deciding which to keep, which to reroll, and which to rewrite. (I'm not particularly attached to Git but an interface like Magit and a nice CLI for inspecting and manipulating history seem important to me.)
What are you imagining VCS software doing differently that might play nicer with LLM agents?
Check out Mitchell Hashimoto’s podcast episode on the pragmatic engineer. He starts talking about AI at 1:16:41. At some point after that he discusses git specifically, and how in some cases it becomes impossible to push because the local branch is always out of date.
Almost like writing “Code was created with the help of IntelliSense”.
It'll also become more important to know what code was actually written by humans.
I don't understand why people consider Claude-generated code to be their own. You authored the prompts, not the code. Somehow this was never a problem with pre-LLM codegen tools, like macro expanders, IPC glue, or type bundle generators. I don't recall anybody desperately removing the "auto-generated do not edit" comments those tools would nearly always slap at the top of each file or taking offense when someone called that code auto-generated. Back in the day we even used to publish the "real" human-written source for those, along with build scripts!
Ideally, if I contribute to any codebase, what needs to be judged is the resulting code. Is it up to the project's standards ? Does the maintainer have design objections ?
What tool you use shouldn't matter, be it your IDE or your LLM.
But that also means you should be accountable for it, you shouldn't defend behind "But Claude did this poorly, not me !", I don't care (in a friendly way), just fix the code if you want to contribute.
The big caveat to this is not wanting AI-Generated code for ideological reasons, and well, if you want that you can make your contributors swear they wrote it by themselves in the PR text or whatever.
I'm not really sure how to feel about this, but I stand by my "the code is what matters" line.
Since AI tools are constantly obsoleted, generate different output each run, and it is often impossible to run them locally, the input prompts are somewhat useless for everyone but the initial user.
I don't meant this as a drive by bazinga either, the practice of copying code or thinking you understand it when you don't is nothing new
I regularly have tool-generated commits. I send them out with a reference to the tool, what the process is, how much it's been reviewed and what the expectation is of the reviewer.
Otherwise, they all assume "human authored" and "human sponsored". Reviewers will then send comments (instead of proposing the fix themselves). When you're wrangling several hundred changes, that becomes unworkable.
Absolutely. That would be hilarious.
If your linter is able to action requests, then it probably makes sense to add too.
This is also useful for keeping your prompts commit-sized, which in my experience gives much better results than just letting it spin or attempting to one-shot large features.
[0]: https://www.jvt.me/posts/2026/02/25/llm-attribute/
Ah, so you kinda maybe sorta absolve yourself of culpability (but not really — "I didn't know this was copyrighted material" didn't grant you copyright), and simultaneously make fixing the potentially compromised codebase (someone else's job, hopefully) 100x harder because the history of which bits might've been copied was never kept.
Solid advice! As ethical as it is practical.
By the same measure, junkyards should avoid keeping receipts on the off chance that the catalytic converters some randos bring in after midnight are stolen property.
Better not document it.
One little trick the legal folks don't want you to know!
Kinda, yeah. If I automatically apply lint suggestions, I would title my commit "apply lint suggestions".
The point isn't to hijack accountability. It's free publicity, like how Apple adds "Sent from my IPhone."
co-authoring doesn't hide your authorship
if I see someone committing a blatantly wrong code, I would wonder what tool they actually used
In some jurisdictions (e.g. the UK) the law is already clear that you own the copyright. In the US it is almost certain that you will be the author. The reports of cases saying otherwise I have been misreported - the courts found the AI could not own the copyright.
> The question is whether anyone has or if whatever content generated by a LLM simply does not constitute a work and is thus outside the entire copyright law.
Its is going to vary with copyright law. In the UK the question of computer generated works is addressed by copyright law and the answer is "the author shall be taken to be the person by whom the arrangements necessary for the creation of the work are undertaken"
Its also not a simple case of LLM generated vs human authored. How much work did the human do? What creative input was there? How detailed were the prompts?
In jurisdictions where there are doubts about the question, I think code is a tricky one. If the argument that prompts are just instructions to generate code, therefore the code is not covered by copyright, then you could also argue that code is instructions to a compiler to generate code and the resulting binary is not covered by copyright.
It looks like it will be decided on a case by case basis.
It will also differ between countries, so if you are distributing software internationally what will be a constraint on treating the code as not copyrightable.
[1] https://en.wikipedia.org/wiki/Monkey_selfie_copyright_disput...
Thaler v. Perlmutter: The D.C. Circuit Court affirmed in March 2025 that the Copyright Act requires works to be authored "in the first instance by a human being," a ruling the Supreme Court left intact by declining to hear the case in 2026.
And in the US constitution,
https://constitution.congress.gov/browse/article-1/section-8...
Authors and inventors, courts have ruled, means people. Only people. A monkey taking a selfie with your camera doesn't mean you own a copyright. An AI generating code with your computer is likewise, devoid of any copyright protection.
The ruling says that the LLM cannot be the author. It does not say that the human being using the LLM cannot be the author. The ruling was very clear that it did not address whether a human being was the copyright holder because Thaler waived that argument.
the position with a monkey using your camera is similar, and you may or may not hold the copyright depending on what you did - was it pure accident or did you set things up. Opinions on the well known case are mixed: https://en.wikipedia.org/wiki/Monkey_selfie_copyright_disput...
Where wildlife photographers deliberately set up a shot to be triggered automatically (e.g. by a bird flying through the focus) they do hold the copyright.
https://www.copyright.gov/ai/
AI generated code has no copyright. And if it DID somehow have copyright, it wouldn't be yours. It would belong to the code it was "trained" on. The code it algorithmically copied. You're trying to have your cake, and eat it too. You could maybe claim your prompts are copyrighted, but that's not what leaked. The AI generated code leaked.
> the Copyright Office concludes that existing legal doctrines are adequate and appropriate to resolve questions of copyrightability. Copyright law has long adapted to new technology and can enable case-by- case determinations as to whether AI-generated outputs reflect sufficient human contribution to warrant copyright protection. As described above, in many circumstances these outputs will be copyrightable in whole or in part—where AI is used as a tool, and where a human has been able to determine the expressive elements they contain. Prompts alone, however, at this stage are unlikely to satisfy those requirements.
So the TL;DR basically implies pure slop within the current guidelines outlined in conclusions is NOT copyrightable. However collaboration with an AI copyrightability is determined on a case by case basis. I will preface this all with the standard IANAL, I could be wrong etc, but with the concluding language using "unlikely" copyrightable for slop it sounds less cut and dry than you imply.
You have no idea how bad this leak is for Anthropic because with the copyright office, you have a DUTY TO DISCLOSE any AI generated work, and it is fully RETROACTIVE. And what is part of this leak? undercover.ts. https://archive.is/S1bKY Where Claude is specifically instructed to HIDE DISCLOSURE of AI generated work.
That's grounds for the copyright office and courts to reject ANY copyright they MIGHT have had a right to. It is one of the WORST things they could have done with regard to copyright.
https://www.finnegan.com/en/insights/articles/when-registeri...
I'm interpreting your most recent reply to me as an implication that I'm taking the conclusions you yourself linked out of context. I'm trying to give the benefit of the doubt here, but the 3 linked PDF documents aren't "a mountain of evidence" supporting your argument. Maybe I missed something in one of those documents (very possible), but the conclusions are not how you imply.
Whether or not a specific git commit message correctly sites Claude usage or not may further muddy the waters more than IP lawyers are comfortable with at this time (and therefore add inherent risk to current and future copyright claims of said works), but those waters were far from crystal clear in the first place.
Again, IANAL, but from my limited layman perspective it does not appear the copyright office plans to, at this moment in time, concisely reject AI collaborated works from copyright.
Your most recent link (Finnegan) is from an IP lawyer consortium that says it's better to include attribution and disclosure of AI to avoid current and future claim rejections. Sounds like basic cover-your-ass lawyer speak, but I could be wrong.
Full disclosure: I primarily use AI (or rather agentic teams) as N sets of new eyeballs on the current problem at hand, to help debug or bounce ideas off of, so I don't really have much skin in this particular game involving direct code contributions spit out by LLMs. Those that have any risk aversion, should probably proceed with caution. I just find the upending of copyright (and many other) norms by GenAI morbidly fascinating.
I was not aware of that. WHo has that duty and when do they have it?
The copyright office still holds that human authorship is a core tenet of copyrightability, however, whether or not a submission meets the "de minimis" amount of AI-generated material to uphold a copyright claim is still being decided and refined by the courts and at the moment the distinction appears to fall on whether the AI was used "as a tool" or as "an author itself", with the former covered in certain cases and the latter not.
The registration process makes it clear that failure to disclose submissions in large contribution authored by contractor or ai can result in a rejection of copyright claim now or retroactive on discovery.
https://news.ycombinator.com/item?id=47594044
That comment is spot on. Claude adding a co-author to a commit is documentation to put a clear line between code you wrote and code claude generated which does not qualify for copyright protection.
The damning thing about this leak is the inclusion of undercover.ts. That means Anthropic has now been caught red handed distributing a tool designed to circumvent copyright law.
It becomes legally challenging with regards to ownership if I ever use work equipment for a personal project. If it later takes off they could very well try to claim ownership in its entirety simply because I ran a test once (yes, there's a while silicon valley season for it).
I don't know if they'd win, but Anthropic absolutely would be able to claim the creation of that code was done on their hardware. Obviously we aren't employees of theirs, though we are customers that very likely never read what we agreed to in a signup flow.
Anthropic's user agreement does not have a similar agreement.
I don't know of ant precedent where the code was literally generated on someone else's system. Its an open question whether that implies any legal right to the work and I could pretty easily see a court accepting the case.
The pet you get is generated based off your account UUID, but the algorithm is right there in the source, and it's deterministic, so you can check ahead of time. Threw together a little app to help, not to brag but I got a legendary ghost https://claudebuddychecker.netlify.app/
(I didn't think to include a UUID checker though - nice touch)
Interesting!
Plot twist: Chinese competitors end up developing real, useful versions of Claude's fake tools.
Again, I don’t care about them.
every delay to AGI results in deaths that AGI could have prevented. we are talking millions of deaths for, say, just a year's delay.
Not saying we shouldn't be careful with AGI. But the glib tone of "who cares if these companies die?" is where one needs to consider the consequences of AGI not happening or being delayed.
Pitch me on this utopian outlook, because nothing about any of the Frontier companies points away from dystopia to me
- you are assuming that AGI is just around the corner and that scaling up language models is the path to get there
- you can make this argument about basically anything (nuclear power, tuberculosis medication, free healthcare). I’d say the burden of proof is on you to back up your extraordinary claim with extraordinary evidence.
Uhm, that's not what Hollywood told me. I trust the screenwriters of "Terminator" more than I trust your anonymous forum comment.
Sure, that's what AGI would be used for /s
In other news, we are not even close to AGI and even with the current experimental technology, frontier AI model companies are already fighting to help departments of war, which actually results in the most deaths. What makes you think AGI would be used for not leading to the same millions of deaths?
Everyone else is just gaming engagement metrics and benchmarks.
(I know you know this, since you submitted it! but others might want to know)
thank you so much for having built and shared this
It did not have a copy of the leaked code...
Anthropic thinking 1) they can unring this bell, and 2) removing forks from people who have contributed (well, what little you can contribute to their repo), is ridiculous.
---
DMCA: https://github.com/github/dmca/blob/master/2026/03/2026-03-3...
GitHub's note at the top says: "Note: Because the reported network that contained the allegedly infringing content was larger than one hundred (100) repositories, and the submitter alleged that all or most of the forks were infringing to the same extent as the parent repository, GitHub processed the takedown notice against the entire network of 8.1K repositories, inclusive of the parent repository."
They constantly love to talk about Claude Code being "100%" being vibe coded...and the US legal system is leaning towards that not being copyrightable.
It could still be a trade secret, but that doesn't fall under a DMCA take down.
The whole thing is a legal mess. How do you know the LLM did not reproduce existing code? There is an ongoing legal battle in German between GEMA and OpenAI because ChatGPT reproduced parts of existing song lyrics. A court in Munich has found that this violates German copyright law.
A copyright over code means that ONLY you can use that code, and nobody else; otherwise, you can sue them. For example, if you are an arist, you want to protect your IP this way.
Yes, AI generated code is not copyrightable but so is most code in general. It is very hard to truly get a copyright for a piece of code. But just because you don't have copyright to something doesn't mean it's not your property.
For example, you can buy several movies on DVD and those DVDs will still be your property even though you don't have copyright and if someone does steal those DVDs, it will be considered theft of your property. Similarly, just because the code is AI-generated/not copyrightable, doesn't mean others can just steal it.
Think about it - so many codebases are not legally protected as copyrighted material but are absolutely protected by IP laws and enforced by the companies that own them.
> but so is most code in general.
That's definitely not true. All the code I write has my copyright, unless I waive that right to some other entity. If there was no copyright, there would no licensing. How else could you license your code, if you were not the copyright holder?
Have you never seen "Copyright (c) <Authors> 2025" in source code files?
The very fact that your code has your copyright is also the reason for things like CLAs.
> For example, you can buy several movies on DVD and those DVDs will still be your property even though you don't have copyright
That's because artistic works are distributed under a license. Just like software. Licenses have terms under which circumstances a work can be used, modified and (re)distributed. In the case of DVDs, you are generally not allowed to make your own copies and then sell them. In the case of software, that's why you have the various software licenses (proprietory or open-source).
> Similarly, just because the code is AI-generated/not copyrightable, doesn't mean others can just steal it.
You can't set licensing terms for something that is not copyrightable.
Huh? Normal property law is plainly not applicable to a non-rival good like information (unlike for instance a physical DVD: if someone takes a DVD from me, I don’t have it anymore). “Intellectual property” is, but it is not so much a legal regime as confusing shorthand for a number of distinct ones:
- Trademark law, which applies to markings on copies rather than copies themselves;
- Trade secret law, which stops applying when the information escapes into the wild through the secret-holder’s own actions;
- Patent law, which definitionally only applies to public knowledge as an incentive to not keep it secret instead;
- Publicity rights, which only apply to depictions or discussions of natural persons;
- Moral rights, which are mostly about being recognized as the author and even in their strongest incarnations do not restrict unmodified copies;
- Database right, which isn’t applicable as we’re not talking about a compendium of things, and anyway does not exist in the US and most other places outside the EU;
- Copyright, which you’ve conceded is not applicable here.
There’s no “intellectual property” distinct from these things, and none of them are relevant.
If your code was generated by you and you store it in your system and have property rights over it, you can enforce legal actions even without holding a copyright over the code.
In general, it is kind of weird to want to copyright code. How do you patent a for-loop for example
If you author something, you have the sole copyright. In fact, in Germany you can't even waive your copyright away. However, you can grant licenses for the use of your work.
The difference between copyright and licenses is crucial! By licensing your work, you do not waive your copyright. You still remain the owner. If you publish your code under the GPL and you are the sole author, you can always relicense your code or issue commercial licenses under different terms.
> In general, it is kind of weird to want to copyright code. How do you patent a for-loop for example
There is a fundamental difference between copyright and patents! Patents require a novel technical contribution and they must be granted by a patent office.
https://patents.google.com/patent/US9583163B2/en
> How do you patent a for-loop for example
Anthropic really needs to embrace it
It also somehow messed up my alacritty config when I first used it. Who knows what other ~/.config files it modifies without warning.
I mostly mentioned it because it is pre-installed on some (linux) systems. Though of course if you're trying to obfuscate the sourcecode you need to bundle an interpreter with the code anyway.
But it has historically been used for big programs, and there are well established methods for bundling python programs into executables.
False.
Technically, neither does JavaScript.
Me. My .config is git-versioned :)
Or am I missing sarcasm?
Also, honestly, given the speed constraints of large models, it makes almost no difference what language an agent is written in. The small performance differences between programming languages do not even begin to matter compared with network latency, let alone the speed at which a large model streams tokens.
Also you needed a leak to know that CC, that is out for 1 year, is in TS?
I don't know why they acquired Bun. Surely not because there's no other means to write command line programs.
> Also you needed a leak to know that CC, that is out for 1 year, is in TS?
What, are you shaming people for not being aware what (obfuscated) code some 1 year old software is written in?
No shit they have secrets. I have secrets too. That doesn't make it ok for me to deceive you in any way.
How would you feel if I deceived you and my excuse was "oh I was just trying some new secret technique of mine"?
How did we get to this point where we let enormously powerful companies get away with more than individuals?
"Write commit messages as a human developer would — describe only what the code change does."
Writing and reading paragraphs of design discussion in a commit message is not something that seems common.
And of course tickets can be private, so even if the data survived migration, you may not have access to it (principle of least privilege and all that).
What you're describing here is a design. The most important parts of a design are the decisions and their reasoning.
e.g. "we decided on tool/library pattern X over tool/library/pattern Y because Z" – that is a design, usually discussed outside (and before) a commit message.
You discuss these decisions with others, document the discussion and decision, and then you have a design and can start writing code.
Let me ask you this: suppose you have a task that needs to be done eventually, and you want to write down some ideas for it, but don't want to start coding right now. Where do you put those ideas? How do you link them to that specific task?
Random example:
Provide a new syscall which has the only purpose to yield the CPU after the kernel granted a time slice extension.
sched_yield() is not suitable for that because it unconditionally schedules, but the end of the time slice extension is not required to schedule when the task was already preempted. This also allows to have a strict check for termination to catch user space invoking random syscalls including sched_yield() from a time slice extension region.
From 99d2592023e5d0a31f5f5a83c694df48239a1e6c
In your example, for example, where was the issue tracked before the code was written? The format you linked makes it difficult to get the history of the issue.
Let me ask you this: suppose you have a task that needs to be done eventually, and you want to write down some ideas for it, but don't want to start coding right now. Where do you put those ideas? How do you link them to that specific task?
Email is the review process, and commits contain enough information that git blame can get you a reasoning - it doesn't require you checking the email archive. Rather than a dead ticket that no longer exists.
I can also supply you a list of companies that make use of git's builtin features if you like. But thats probably not relevant to discussing management techniques.
https://cgit.freebsd.org/src/commit/?id=407b1e4980189252fade...
You can find more example there
https://cgit.freebsd.org/src/log/?showmsg=1
VS Code has a setting that promises to change the prompt it uses to generate commit messages, but it mostly ignores my instructions, even very literal ones like “don’t use the words ‘enhance’ or ‘improve’”. And oddly having it set can sometimes result in Cyrillic characters showing up at the end of the message.
Ultimately I stopped using it, because editing the messages cost me more time than it saved.
/rant
[edit] Never mind, find in page fail on my end.
> Commit f9205ab3 by dkenyser on 2026-3-31 at 16:05:
> Fixed the foobar bug by adding a baz flag - dkenyser
Because it already identified you in the commit description. The reason to add a signature to the message is that someone (or something) that isn't you is using your account, which seems like a bad idea.
- "Fix bug found while testing with Claude Capybara"
- "1-shotted by claude-opus-4-6"
- "Generated with Claude Code"
- "Co-Authored-By: Claude Opus 4.6 <…>"
This makes sense to me about their intent by "UNDERCOVER"
https://code.claude.com/docs/en/settings#attribution-setting...
On that note, this article is also pretty obviously AI-generated and it's unfortunate the author didn't clean it up.
Edit: Everyone is responding "comments are good" and I can't tell if any of you actually read TFA or not
> “BQ 2026-03-10: 1,279 sessions had 50+ consecutive failures (up to 3,272) in a single session, wasting ~250K API calls/day globally.”
This is just revealing operational details the agent doesn't need to know to set `MAX_CONSECUTIVE_AUTOCOMPACT_FAILURES = 3`
Why? Agents may or may not read docs. It may or may not use skills or tools. It will always read comments "in the line of sight" of the task.
You get free long term agent memory with zero infrastructure.
Only being half ironic with this. I generally find that people somehow magically manage to understand how to be materially helpful when the subject is a helpless LLM. Instead of pointing it to a random KB page, they give it context. They then shorten that context. They then interleave context as comments. They provide relevant details. They go out of their way to collect relevant details. Things they somehow don't do for their actual colleagues.
This only gets worse when the LLM captures all that information better than certain human colleagues somehow, rewarding the additional effort.
suddenly everyone cares about data hygiene. But it’s not like this shouldn’t have always been a priority
There's a good reason why we didn't though: because we didn't see any obvious value in it. So it felt like a waste of time. Now it feels like time well spent.
"Self-descriptive code doesn't need comments!" always gets an eye-roll from me
Or how would you name methods and variables to explain why some payment reconciliation process skips matching for transactions under 0.50 EUR and just auto-approves them, because the external payment processor rounds differently than the internal ledger at sub-euro amounts, creating mismatches that were flooding the finance team's exception queue in 2013, explained more under Jira issue ZXSV-12456 and more details are known by j.doe@myorg.com. The threshold was chosen after analyzing six months of false positives, when it's any higher someone being undercharged doesn't get caught. I don't think autoApproveThreshold = 0.50 or anything like that would get the full context across, even if the rules themselves are all code.
I think surely you can have both! Code should explain itself as often as possible, but when you hit a wall due to some counter-intuitive workarounds being needed, or some business rules or external considerations that you need to keep track of, then comments also make sense. Better than just putting everything in a Jira issue somewhere, given that it often won't be read by you or others and almost certainly will not be read by any AI agents (unless you have an MCP or something, but probably uncommon), or spending hours trying to get the code to explain something it will never explain well. I've had people ask me about things that are covered in the README.md instead of reading it.
Then the question becomes how often we look in the version control history for the files that we want to touch.
Which of these is more likely:
A) someone digging into the full history of autoApproveThreshold and finding out that they need to contact j.doe@myorg.com or reference ZXSV-12456
B) or them just messing the implementation with changes due to not reviewing the history of every file they touch
If someone is doing a refactor of 20 files, they probably won't review the histories of all of those, especially if the implementation is spread around a bunch of years, doubly so if there are a bunch of "fixes" commit messages in the middle, merge commits and so on. I've seen people missing out on details that are in the commit log many, many times, to the point where I pretty much always reach for comments. Same goes for various AI tools and agents.
Furthermore, if you want to publish a bit of code somewhere (e.g. Teams/Slack channel, or a blog), you'd need to go out of your way to pull in the relevant history as well and then awkwardly copy it in as well, since you won't always be giving other people a Git repo to play around with.
It's not that I don't see your point, it's just that from where I stand with those assumptions a lot of people are using version control as a tool wrong and this approach neither works now, nor will work well for them in the future.
It's more or less the same issue as with docs in some Wiki site or even a separate Markdown file (which is better than nothing, definitely closer than a Wiki, especially if the audience is someone who wants an overview of a particular part of the codebase, or some instructions for processes that don't just concern a few files; but it's still far removed from where any actual code changes would be made, also a downside of ADRs sometimes).
Gonna try and use that throughout my life. Thanks!
This is a good goal. You should strive to make the code explain itself. To write code that does not need comments.
You will fail to reach that goal most of the time.
And when you fail to reach that goal, write the dang comments explaining why the code is the way that it is.
Alternately, you can say the same about informative variable names or informative function names. "If I change the function then the name is no longer accurate". You don't say that because function names and variable names are short and clear and are close to the problem at hand. Do the same with comments.
Which is why the copilot hyper-verbosity is harmful. Comments need to be terse so your eyes don't filter them out as noise.
I'm gonna note down my reasons for doing things and other information I deem useful, and if some other dipshit 5 years from now when I've moved on comes along and starts changing everything up without keeping the comments up to date that's their problem not mine. There was never anything wrong with my comments, the only thing that's wrong is the dipshit messing things up.
Doesn't matter what I do, the dipshit is going to mess everything up anyway. Those outdated comments will be the least of their worries.
The “dipshit” doesn’t mess everything up for fun. They don’t understand the comments written by the previous “dipshit” and thus are unable to update the comments.
Here's what I think. I think you guys heard the "self-documenting code" BS and ate it up, and now you're grasping at straws to defend your cargo cult position, inventing these "problems" to justify it.
If you're looking at some code and there's a comment saying something that doesn't make sense to you, maybe that's a clue that you're missing a puzzle piece and should take a step back maybe talk to some people to make sure you're not messing things up? Maybe, for a non-dipshit, that comment they don't understand could actually be helpful if they put some effort into it?
Also just to be clear I don't think this is a likely occurrence unless someone doesn't know squat about the codebase at all - my comments generally assume very little knowledge. That's their whole purpose - to inform someone (possibly me) coming there without the necessary background knowledge.
It just isn't feasible to include the why of everything in the code itself. And it sure as hell is better to include some info as comments than none at all. Otherwise a bug will often be indistinguishable from a feature.
And I don't think dipshits mess things up for fun. I think they just suck. They're lazy and stupid, as most developers are. If I'm there I can use reviews etc to help them suck less, if I'm not they're free to wreck my codebase with reckless abandon and nothing I do will make any difference. I cannot safeguard my codebase against that so there's no point in trying and the fact that this is your argument should make you stop and reconsider your position because it's far fetched as fuck.
IME unfortunately that's not actually the case. It very much is your problem, as the architect of the original system, unless you can get yourself transferred to a department far, far away. I've never managed that except by leaving the company.
To be clear, I don't believe it should be this way, but sadly unless you work in an uncommonly well run company it usually is.
And if anyone has a problem with comments existing it's trivial to find/replace them out of existence. Literally a one minute job, if you actually think the codebase would be better without them.
This is such a humongous non-issue it's crazy man.
Agent is not going to know to look for a file to update unless instructed. Now your file is out of sync. Code comments keeping everything line of sight makes it easy and foolproof.
You don’t have to rely on humans doing it. The agent’s entire existence is built around doing this one mundane task that is annoying but super useful.
Yes, lets blow another 5-10k a project/month on tokens to keep the comments up to date. The fact ai still cannot consistently refactor without leaving dead code around even after a self review does not give me confidence in comments…
Comments in code are often a code smell. This is an industry standard for a reason and isnt because of staleness. If u are writing a comment, it means the code is bad or there is irreducible complexity. It is about good design. Comments everywhere are almost always a flag.
Note, language conventions are not the same.
That's revealing waaaay more than the agent needs to know.
Seems to me like everyone's just grasping at straws to nitpick every insignificant little thing.
Its also annoying to have to go through this stack
code -> blame -> commit message -> jira ticket -> issue in sales force...
Or the even better "fixes bug NNNNN" where the bug tracking system referenced no longer exists.
Digging through other systems (if they exist) to find the nugget in an artifact is a problem for humans too.
Comments are ultimately so you can understand stuff without having to read all the code. LLMs are great when you force them to read all code, and comments only serve to confuse. I'd say the opposite been true in my experience, if you're not forcing LLMs to not have any comments at all (and it can actually skip those, looking at you Gemini), you're doing agent coding wrong.
I think a big question is whether one wants your agent to know the reason for all the reasons for guidelines you issue or whether you want the agent to just follow the guidelines you issue. Especially, giving an agent the argument for your orders might make the agent think that can question and so not follow those arguments.
They didn't expect to leak their source code.
It's hardly a trade secret, what value is this to a competitor?
I suspect that's the logical endpoint of trying to provide everything as context to an agent. Why use a separate markdown file and have to waste extra tokens explaining what part of the codebase something applies to when you can just put it right there in the code itself?
Unfortunately in many bundlers making a mistake like this is as easy as an agent deleting “process.env[‘ENV’] === ‘debug’” which they’ll gladly do if you point them at a production or staging environment and ask them to debug the stripped/compiled/minified code.
I think I still disagree with the parent comment premise that "they probably thought minifying was enough", since it sounds likely they were doing all of those other steps. The issue seems like insufficient auditing of the build process (especially if agents were involved, which seems likely for Anthropic) rather than not doing all of the usual JS build stuff.
I'd discovered, perhaps mid-2025, that Cursor was noticeably better at fixing bugs if I started cursing at it. Better yet, after a while it would seem to break and start cursing itself ("Oh yes, I see the f*** problem now" and so on). Hilarity ensued.
What a world, where cursing at your machines can make them get their act together.
The frustration regex is funny but honestly the right call. Running an LLM call just to detect "wtf" would be ridiculous.
KAIROS is what actually caught my attention. An always-on background agent that acts without prompting is a completely different thing from what Claude Code is today. The 15 second blocking budget tells me they actually thought through what it feels like to have something running in the background while you work, which is usually the part nobody gets right.
Hooks is an official documented feature for quite a long time now https://code.claude.com/docs/en/hooks
Tangentially, I wonder if the world trade federation or the Washington tennis foundation have any projects on GitHub :)
I love that it only supports English. AI bubble in a nutshell.
I’d argue that in this case, it isn’t. Exhibit 1 (from the earlier thread): https://github.com/anthropics/claude-code/issues/22284. The user reports that this caused their account to be banned: https://news.ycombinator.com/item?id=47588970
Maybe it would be okay as a first filtering step, before doing actual sentiment analysis on the matches. That would at least eliminate obvious false positives (but of course still do nothing about false negatives).
So much for langchain and langraph!! I mean if Anthropic themselves arent using it and using a prompt then what’s the big deal about langchain
Langgraph is for multi-agent orchestration as state graphs. This isn't useful for Claude Code as there is no multi-agent chaining. It uses a single coordinator agent that spawns subagents on demand. Basically too dynamic to constrain to state graphs.
What's the value add over doing it with just Python code? I mean you can represent any logic in terms of graphs and states..
Other than that I’m not too sure.
" ...accidentally shipping your source map to npm is the kind of mistake that sounds impossible until you remember that a significant portion of the codebase was probably written by the AI you are shipping.”
- Claude Chat: built like it's 1995, put business logic in the button click() handler. Switch to something else in in the UI and a long running process hard stops. Very Visual Basic shovelware.
- Claude Cowork: same but now we're smarter, if you change the current convo we don't stop the underlying long-running process. 21st century FTW!
- Claude Code: like chat, but in the CLI
- Claude Dispatch: an actual mobile client app, not the whole thing bundled together.
- Daemon mode: proper long-running background process, still unreleased.
In the span of basically a week, they accidentally leaked Mythos, and then now the entire codebase of CC. All while many people are complaining about their usage limits being consumed quickly.
Individually, each issue is manageable (Because its exciting looking through leaked code). But together, it starts to feel like a pattern.
At some point, I think the question becomes whether people are still comfortable trusting tools like this with their codebases, not just whether any single incident was a mistake.
The only thing I found interesting about this leak is just how much of a rats nest the code base is. Like it actually feels vibe coded without a shred of intelligent architecture behind it.
Regardless, you can't beat the subscription and model access despite the state of the code base, so I still use Claude Code daily and love it.
Two months later it was CVE after CVE.
Power(money) lies with NVDA and people who can best harness this power.
Interesting based on the other news that is out.
And actually just looking this up, it appears claude-code itself was just added to that whitelist : D
https://github.com/oven-sh/bun/commit/5c59842f78880a8b5d9c2e...
The mechanism is a build pipeline issue. Bun generates source maps by default, and someone didn't exclude the .map file from the npm publish. There's an open Bun issue (oven-sh/bun#28001) about this exact behavior. One missing line in .npmignore or the package.json files field. Same category of error as the Axios compromise earlier this week — npm packaging configuration is becoming a recurring single point of failure across the ecosystem.
The contents are more interesting from a security architecture perspective. The anti-distillation system (injecting fake tool definitions to poison training data scraped from API traffic) is a defensive measure that only works when its existence is secret. Now that it's public, anyone training on Claude Code API traffic knows to filter for it. The strategic value evaporated the moment the .map file hit the CDN.
The undercover mode discussion is being framed as deception, but the actual security question is narrower: should AI-authored contributions to public repositories carry attribution? That's an AI identity disclosure question that the industry hasn't settled. The code shows Anthropic made a specific product decision — strip AI attribution in public commits from employee accounts. Whether that's reasonable depends on whether you think AI authorship is material information for code reviewers.
The frustration regex is the least interesting finding technically but the most revealing culturally. A company with frontier-level NLP capability chose a regex over an inference call for sentiment detection. The engineering reason is obvious (latency and cost), but it tells you something about where even AI companies draw the line on using their own models.
Are you referencing the use of Claude subscription authentication (oauth) from non-Claude Code clients?
That’s already possible, nothing prevents you from doing it.
They are detecting it on their backend by profiling your API calls, not by guarding with some secret crypto stuff.
At least that’s how things worked last week xD
https://alex000kim.com/posts/2026-03-31-claude-code-source-l...
Ah, it seems that Bun itself signs the code. I don't understand how this can't be spoofed.
They are most likely using these as post-fact indicators and have automation they kicks in after a threshold is reached.
Now that the indicators have leaked, they will most likely be rotated.
They can't really do that. Now they have no way to distinguish "this is a user of a non updated Claude code" from "this is a user of a Claude code proxy".
https://fortune.com/2026/01/29/100-percent-of-code-at-anthro...
> Right now for most products at Anthropic it's effectively 100% just Claude writing
- Mike Krieger, chief product officer of Anthropic
Not only that, wouldn't allow other CLIs to be used either.
I don’t get it. What does this mean? I can use Claude code now without anyone knowing it is Claude code.
it's written to _actively_ avoid any signs of AI generated code when "in a PUBLIC/OPEN-SOURCE repository".
Also, it's not about you. Undercover mode only activates for Anthropic employees (it's gated on USER_TYPE === 'ant', which is a build-time flag baked into internal builds).
I'm still inclined to think people might be overreacting to that bit since it seems to be for anthropic-only to prevent leaking internal info.
But I did read the prompt and it did say hide the fact that you are AI.
But, I also get Anthropic's side that when they're contributing they don't want their internals leaked. If it had been left at that, that's fine, but having it pretend like it's not AI at all rubs me a little bit the wrong way. Why try to hide it?
But none of the other agents advertise that the commit was done by an agent. Like Codex. Your panic should apply equally to already existing agents like Codex no?
Being written by a LLM is a signal that the submission is of low effort and therefore probably low quality, which then puts the onus on the people reviewing and reading the submission instead of the original generator of the submission. Hence I would classify it as spam.
Open source communities also have rules against LLM generated contributions, for various moral, ethical, or legal reasons.
At this point I would consider any employee of an AI provider to be tainted.
> It's basically
> Anthropic doesn't just ask
> The fix? `MAX_CONSECUTIVE_AUTOCOMPACT_FAILURES = 3`
> Not a push-button bypass, but
The irony in saying "this is what I found" when an AI found it, not you.
> This was one of the first things people noticed in the HN thread.
> The obvious concern, raised repeatedly in the HN thread
> This was the most-discussed finding in the HN thread.
> Several people in the HN thread flagged this
> Some in the HN thread downplayed the leak
when the original HN post is already at the top of the front page...why do we need a separate blogpost that just summarizes the comments?
Or, more simply: Because folks wanted it enough to upvote it.
Plus there's demand for skilled TS software devs that don't ship your company's roadmap using a js.map
20,000 agents and none of them caught it...
/\b(wtf|wth|ffs|omfg|shit(ty|tiest)?|dumbass|horrible|awful| piss(ed|ing)? off|piece of (shit|crap|junk)|what the (fuck|hell)| fucking? (broken|useless|terrible|awful|horrible)|fuck you| screw (this|you)|so frustrating|this sucks|damn it)\b/
Personally, I'm generally polite even towards AI and even when frustrated. I simply point out the its mistakes instead of using emotional words.
How much approximate savings would this actually be?
AGI is definitely around the corner. Or not.
They would either need to lie about consuming the tokens at one point to use in another so the token counting was precise.
But that does not make sense because if someone counted the tokens by capturing the session it would certainly not match what was charged.
Unless they would charge for the fake tools anyway so you never know they were there
Prompts are not hard constraints—they can be interpreted, deprioritized, or reasoned around, especially as models become more capable.
From what’s visible, there’s no clear evidence of structural governance like voting systems, hard thresholds, or mandatory human escalation. That means control appears to be policy (prompts), not enforcement (code).
This raises the core issue: If governance is “prompts all the way down,” it’s not true governance—it’s guidance.
And as model capability increases, that kind of governance doesn’t get stronger—it becomes easier to bypass without structural constraints.
Has anyone actually implemented structural governance for agent swarms — voting logic, hard thresholds, REQUIRES_HUMAN as architecture not instruction?
>Is it ironic? Sure. Is it also probably faster and cheaper than running an LLM inference just to figure out if a user is swearing at the tool? Also yes. Sometimes a regex is the right tool.
I'm reading an LLM written write up on an LLM tool that just summarizes HN comments.
I'm so tired man, what the hell are we doing here.
And so now the copy cats can ofc claim this is totally not a copy at all, it's actually Opus. No license violation, no siree!
It's fucking hilarious is what it is, it's just too much.
Does this mean `huggingface.co/Jackrong/Qwen3.5-27B-Claude-4.6-Opus-Reasoning-Distilled` is unusable? Had anyone seen fake tool calls working with this model?
:-D
Edit: it gets sent to Anthropic via telemetry and it ends up on the fuck chart!
https://old.reddit.com/r/ClaudeCode/comments/1s99wz4/boris_t...
To err is human. AI is trained on human content. Hence, to err is AI. The day it stops making mistakes will be the beginning of the end. That would mean the existence of a consciousness that has no weakness. Great if it’s on your side. Terrible otherwise.
Granted, there's a small counterargument for mythos which is that it's probably going to be API-only not subscription
Genius level AI marketing
They don't want you using your subscription outside of Claude Code. Only API key usage is allowed.
Google also doubled down on this and OpenAI are the only ones who explicitly allow you to do it.
> change the code!!!! The previous comment was NOT ABOUT THE DESCRIPTION!!!!!!! Add to the {implementation}!!!!! This IS controlled BY CODE. *YOU* _MUST_ CHANGE THE CODE!!!!!!!!!!!
The more code gets generated by AI, won’t that mean taking source code from a company becomes legal? Isn’t it true that works created with generative AI can’t be copyrighted?
I wonder if large companies have throught of this risk. Once a company’s product source code reaches a certain percentage of AI generation it no longer has copyright. Any employee with access can just take it and sell it to someone else, legally, right?
The recent rulings on copyright though also need to be further tested, different judges may have different ideas on what "significant human contribution" looks like. The only thing we know for certain is that the prompt doesn't count.
My guess is that instead of enforcing via copyright, companies will use contracts & trade secret laws. Source code and algorithms counts as a trade secret, so in your example copyright doesn't even matter, the employee would be liable for stealing trade secrets.
AI generated code slowly stripping the ability of a project to enforce copyright protections though is a much bigger risk for free software.
Of course with lease intent is a very important concept. I doubt anyone is getting away with what I described.
It’s just interesting stuff to potentially rethink.
...what we did at Snap was just wait for 8-24 hours before acting on a signal, so as not to provide an oracle to attackers. Much harder to figure out what you did that caused the system to eventually block your account if it doesn't happen in real-time.
(Snap's binary attestation is at least a decade ahead of this, fwiw)
Sans the ability to JIT, I don't see non-hardware-assisted binary attestation for Snap and others lasting very long in a post-LLM world.
You've got a business, and you sent me junk mail, but you made it look like some official government thing to get me to open it? I'm done, just because you lied on the envelope. I don't care how badly I need your service. There's a dozen other places that can provide it; I'll pick one of them rather than you, because you've shown yourself to be dishonest right out of the gate.
Same thing with an AI (or a business that creates an AI). You're willing to lie about who you are (or have your tool do so)? What else are you willing to lie to me about? I don't have time in my life for that. I'm out right here.
Similarly, would you consider it to be dishonest if my human colleague reviewed and made changes to my code, but I didn’t explicitly credit them?
Additionally, this raises another big issue. A few years ago, a couple guys used software (what you could argue was a primitive AI) to generated around 70 billion unique pieces of music which amounts to essentially every piece of copyrightable music using standard music scales.
Is the fact that they used software to develop this copyrighted material relevant? If not, then their copyright should certainly be legal and every new song should pay them royalties.
It seems that using a computer to generate results MUST be added as an additional bit of analysis when it comes to infringement cases and fair use if not a more fundamental acknowledgement that computer-generated content falls under a different category (I'd imagine the real argument would be over how much of the input was human vs how much was the system).
Of course, this all sets aside the training of AI using copyrighted works. As it turns out, AI can regurgitate verbatim large sections of copyrighted works (up to 80% according to this study[0]) showing that they are in point of fact outright infringing on those copyrights. Do we blow up current AI to maintain the illusion of copyright or blow up current copyright law to preserve AI?
[0] https://arxiv.org/pdf/2603.20957
To begin to answer your questions, I would suggest you study the Copyright Office's report (which is also not law, but their guidance for laypeople as written by their staff lawyers) at https://www.copyright.gov/ai/Copyright-and-Artificial-Intell...
Even if the code is line-for-line identical, the difference is in how much trust I am willing to give the code. If I have to work in the neighborhood of that code, I need to know what degree of skepticism I should be viewing it with.
ISTM the most efficient and objective solution is to invest in AI more on both sides of the fence.
(Yes, I put "AI-only" and "knowledgeable" in there as weasel words. But I think that with them, it is not currently a very controversial case.)
Do you not think it is an overreaction to panic like this if I can do exactly what the undercover mode does by simply asking Claude?
1. They are loved, and for good reasons, Sonnet 4 was groundbreaking but Opus 4.6 was for many a turning point in realizing Agentic SDLC real potential. People moved from Cursor to Claude Code in droves, they loved the CLI approach (me too), and the LOVED the subsidized $200 max pro plan (what's not to love, pay $200 instead of $5000 to Cursor...) They are the underdog, the true alternative to "evil" OpenAI or "don't be evil" Google, really standing up against mass surveillance or use of AI for autonomous killing machines. They are standing for the little guy, they are the "what OpenAI should have been" (plus they have better models...) They are the Apple of the AI era.
2. They are too loved, so loved that it protects them from legitimate criticism. They make GitHub's status page look good, and they make comcast customer service look like Amazon's. (At least Comcast has customer service), They are "If Dario shoots a customer in the middle of 5th avenue it won't hurt their sales one bit" level of liked. The fact they have the best models (for now) might be their achilles heel, because it hides other issues that might be in the blindspot. And as soon as a better model comes out from a competitor (and it could happen... if you recall OpenAI were the undisputed kinds with GPT 4o for a bit) these will become much more obvious.
3. This can hurt them in the long run. Eventually you can't sustain a business where you have not even 2 9s of SLA, can't handle customer support or sales (either with humans or worse for them - if they can't handle this with AI how do they expect to sell their own dream where AI does everything?). I'm sure they'll figure it out, they have huge growth and these are growth pains, but at some point, if they don't catch up with demand, the demand won't stay there forever the moment OpenAI/Google/someone else release a better model.
4. They inadvertently made all of the cybersecurity sector a potential enemy. Yes, all of them use Anthropic models, and probably many of them use Claude Code, but they know they might be paying the bills of their biggest competitor. Their shares drop whenever Anthropic even hints of a new model. Investors cut their valuations because they worry Anthropic will eat them for breakfast. I don't know about you, but if you ask me, having the people who live and breath security indirectly threatened by you, is not the best thing in the world, especially when your source code is out in the open for them to poke holes in...
5. the SaaS pocalypse - many of Claude Code's customers are... SaaS companies, that the same AI is "going to kill", again, if there was another provider that showed a bit more care about the entire businesses it's going to devour, if they also had even marginally better models... would the brand loyalty stay?
Side note: I'm an Claude Enterprise customer, I can't get a human to respond to anything, even using the special "enterprise support" methods, and I'm not the only one, I know people who can't get a sales person, not to mention support, to buy 150 + seats (Anthropic's answer was - release self serve enterprise onboarding, which by the way is "pay us $20 which does not include usage, usage is at market prices, same as getting an API key", you pay for convenience and governance, p.s. you can't cancel enterprise, it's 20 seats min, for 1 year, in advance, so make sure you really need it, the team plan is great for most cases but it lacks the $200 plan, only the $100 5x plan).