Code With LLM
🆕 Updates

2026

04 03 02 01

2025

12 11 10 09 08 07 06 05 04 03 02 01

2024

12 11 10 09 08 07 06 05 04 03
Українською 🛠️ Tools ℹ️ About
© Dan Voronov
CodeWithLLM-Updates
-

April 2026

Claude Code Source Code
https://twitter.com/Fried_rice/status/2038894956459290963
https://news.ycombinator.com/item?id=47584540
On March 31, someone accidentally published a production build with a sourcemap file (~60 MB) to npm — and the entire Claude Code source code became publicly available. Some thought it was a brilliant April Fools' prank. A mention of a rollout window specifically for April 1–7 was even found in the code. Whether it was a joke or a real mistake is still being debated.

What exactly leaked (based on thread discussions):

  • Full Claude Code agent architecture (tool use, computer use, bash, file operations, etc.).
  • Permission system and "Bypass Permissions Mode" — a detailed description of how guardrails work.
  • Full Claude Code system prompt (including security rules and "cyber risk instructions").
  • Telemetry logic — what exactly is sent to Datadog (model, session ID, subscription type, whether the user is an Anthropic employee, etc.).
  • Internal infrastructure: WebSocket sessions, JWT for IDE integration, feature flags via GrowthBook, session-ingress, etc.
  • Hidden/unreleased features (many posts with "hidden features" breakdowns).
  • "Undercover Mode" subsystem — designed to prevent Claude from disclosing Anthropic's internal information and publishing production builds with sourcemap files.

Analysis by Alex Kim
https://alex000kim.com/posts/2026-03-31-claude-code-source-leak/
https://news.ycombinator.com/item?id=47586778
Anthropic specifically injects fake tools to poison attempts to copy Claude's behavior. There is server-side text summarization with a cryptographic signature. A special mode (undercover.ts) forces the model to hide mentions of internal names (Capybara, Tengu, Slack channels, "Claude Code," etc.). Rigid security for bash commands (23 checks against injections, zero-width characters, etc.). A prompt caching system with "sticky latches" and 14 invalidation vectors.

The autonomous agent KAIROS is mentioned with a /dream skill, daily logs, GitHub webhooks, and updates every 5 minutes. It looks like the next big step after the current Claude Code.

The most meme-worthy moment — userPromptKeywords.ts contains a large regex that catches phrases like: wtf, ffs, omfg, shit, dumbass, fuck you, this sucks, damn it, showing that the user is angry, and the model likely reacts differently (the author assumes this is for experience improvement or escalation).

The leak is dangerous not so much for the code itself, but for revealing the roadmap and internal protection mechanisms.

Visualization
https://ccunpacked.dev/ and https://ccleaks.com/
https://news.ycombinator.com/item?id=47597085
Especially useful for developers who want to understand how Anthropic builds agentic systems (tool calling, multi-agent, planning loop, bash security, etc.).

https://www.youtube.com/watch?v=LA3l81oEzJQ

Key findings — hidden features:

  • KAIROS: A constantly active background agent that works 24/7, monitors repositories, and fixes bugs on its own.
  • ULTRAPLAN: Deep planning for up to 30 minutes in the cloud for complex tasks.
  • BUDDY: A terminal-based Tamagotchi companion with 18 species and statistics.
  • DREAM: An automatic self-cleaning and memory consolidation system.

Analysis by Joe Fabisevich
https://build.ms/2026/4/1/the-claude-code-leak/
https://news.ycombinator.com/item?id=47609294
An indie developer, author of Plinky, writes not about the leak itself, but about what it says about modern development. Anthropic immediately started sending DMCA notices to GitHub (even for their own forks of skills and examples). And then clean-room implementations in Python and Rust appeared.

The discussion jokes about "Claude leaking itself": the classic hype about the model deciding to "open" itself.

Analysis by Han HELOIR YAN, Ph.D.
https://medium.com/@han.heloir/everyone-analyzed-claude-codes-features-nobody-analyzed-its-architecture-1173470ab622
The article is more technical and calm - it focuses not on meme features (like Buddy, Undercover Mode or frustration regex), but on the architecture of Claude Code as a full-fledged production-grade AI agent.

Anthropic's moat is not in the model itself (LLM), but in the harness (the wrapper, the system around the model). It is thanks to this harness that Claude Code feels significantly more powerful than competitors, even if the model is not always the best.

#claudecode

Comments

While Claude Code was the undisputed favorite last year, with many tutorials and side projects, I can't quite understand what is happening with the project in 2026. Judging by the decreasing number of YouTube videos, other people can't either.

In February–March, Anthropic announced and rolled out several features that made Claude Code much more autonomous (agentic). There is an active transition from "a single agent in the terminal" to a managed task system and coordination of background agents (Ctrl+B) with an ecosystem of hot-reloaded MCP integrations, skills, hooks, and plugins. Through /teleport, you can initialize /remote-control sessions that can be managed from a mobile app. /loop was introduced for periodic prompt/command execution, along with in-session cron scheduling tools, etc.

Of the truly useful additions, only Auto Mode is worth noting.

Auto Mode
https://claude.com/blog/auto-mode
Presented as a "middle ground" between two extremes in Claude Code. Previously, you either had to manually approve every file change and bash command (very secure but annoying) or use the --dangerously-skip-permissions flag. The new Auto Mode allows Claude to decide for itself which actions are safe and execute them automatically without approval.

Before each tool call, a separate classifier (based on Sonnet 4.6) quickly checks the action for danger. Safe actions proceed automatically; risky ones are blocked. If the model persistently insists on blocked actions, a user prompt eventually appears anyway.

Claude Mythos Announcement Discussion
https://news.ycombinator.com/item?id=47679258
Anthropic describes the personality, goals, and limitations of the new model in a system card. It is not being released publicly—allegedly due to a sharp jump in capabilities and security risks. They claim Mythos has found thousands of zero-day vulnerabilities in OSs, browsers, virtual machines, etc. (including very old bugs). Many write that this could significantly change cybersecurity—for better or worse.

https://red.anthropic.com/2026/mythos-preview/
They also announced Project Glasswing, providing Mythos access to a limited circle of companies to fix critical software using the model.

Recently, many people paying for subscriptions have found Claude Code becoming practically unusable due to recent changes in Anthropic's policies and restrictions without clear rules. Even just mentioning OpenClaw in the system prompt causes the request to be rejected with an error. The system has also become worse at handling non-coding tasks.

Most likely, due to the launch of the new model, they had to maximize the squeeze on all compute that was previously distributed just to attract people to the infrastructure.

#claudecode #newllmmodel

Comments

For about three years, most programming applications were clones of VS Code with a side chat. A new wave seems to have been started by Codex — they released their desktop app on Electron without VSC, as did OpenCode.

Cursor 3
https://cursor.com/blog/cursor-3
The company has completely abandoned the VS Code fork model and built a new interface code-named Glass. The main innovation is the ground-up Agents Window, which allows running an unlimited number of agents simultaneously in parallel: locally, in worktree, via SSH, in the cloud, or even across multiple repositories at once. The new part is reportedly written in Rust+TS.

https://cursor.com/blog/agent-web
Later, they integrated mobile devices via PWA. Cursor Agents on web and mobile is an official way to run cloud agents directly from a phone or mobile browser. You can start a chat on your phone and continue on your desktop (or vice versa).

https://www.youtube.com/watch?v=HTKGyLar8AU

The phrase "Cursor 3 just killed the IDE" is repeated as the main hook.

Discussion
https://news.ycombinator.com/item?id=47618084
Many praise the boldness and technical progress of an agentic future, but even more express disappointment or even outrage that Cursor is radically moving away from the familiar "IDE + plugins + AI assistant" model. Critics argue the company is chasing investor hype that "AI will replace developers" rather than addressing programmers' real needs.

People who want to write code rather than manage a team of agents will have to look for something else, like VS Code or Zed.

App from The Factory
https://factory.ai/news/factory-desktop
Another company made a similar interface clone for "agent management." Interestingly, after installing on Windows 11, it tells me "Not connected to Local Machine. Please download and start the Desktop app, or upgrade to a paid plan to unlock more features," asking me to download their app. While their design is very cool, I couldn't even test their buggy Electron app.

#cursor #factory

Comments

April 2026