- TypeScript 100%
936e6c8e8d
The README title now foregrounds Python porting context alongside the exposure-archive and OmX workflow framing. This keeps the headline closer to the current narrative direction while still matching the repository's actual contents: an exposed TypeScript snapshot with companion notes, not a completed Python codebase. Constraint: Title must not falsely claim the repository itself is already a Python port Rejected: Rename the project as if the Python rewrite were already present | repository contents remain the exposed TypeScript snapshot Confidence: high Scope-risk: narrow Reversibility: clean Directive: If later title changes emphasize Python again, keep the wording in the realm of context/notes unless the repository contents truly become a Python port Tested: git diff --check; Python README title validation Not-tested: External markdown rendering on GitHub or other hosting surfaces |
||
|---|---|---|
| assets/omx | ||
| src | ||
| 2026-03-09-is-legal-the-same-as-legitimate-ai-reimplementation-and-the-erosion-of-copyleft.md | ||
| README.md | ||
Claude Code Exposure Archive, Python Porting Context, and OmX Workflow Notes
This repository keeps a publicly exposed Claude Code source snapshot that became accessible on March 31, 2026 through a source map exposure in the npm distribution, together with companion essay/context notes and OmX-assisted documentation work.
Archive Context
This repository is maintained by a university student studying:
- software supply-chain exposure and build artifact leaks
- secure software engineering practices
- agentic developer tooling architecture
- defensive analysis of real-world CLI systems
This archive is intended to support:
- educational study
- security research practice
- architecture review
- discussion of packaging and release-process failures
Related research writing:
The essay is dated March 9, 2026, so it should be read as companion analysis that predates the March 31, 2026 source exposure documented below.
Why this archive exists (and what it is not)
I initially kept this repository as a source-exposure archive so I could study the harness, tool wiring, and agent workflow. After sitting with the legal and ethical questions more seriously—and after reading the essay linked above—I no longer wanted the README to treat raw legality as the only frame.
This branch therefore takes a smaller and more honest step: it keeps that essay in view as companion reading and makes the archive's research-only framing more explicit. This repository is still a mirrored TypeScript source snapshot for analysis; it is not a clean-room or Python rewrite.
Built with oh-my-codex
The README/essay archival work on this branch was AI-assisted and orchestrated with Yeachan Heo's oh-my-codex (OmX), a workflow layer built around Codex.
$teammode: used for coordinated parallel review of repo fit, wording risk, and final architecture consistency.$ralphmode: used for persistent execution, verification, and final architect sign-off before claiming completion.- Codex-driven workflow: this documentation/contextualization pass was completed with Codex under OmX orchestration.
OmX workflow screenshots
Ralph/team orchestration view while the README and essay context were being reviewed in terminal panes.
Split-pane review and verification flow during the final README wording pass.
It does not claim ownership of the original code, and it should not be interpreted as an official Anthropic repository.
How the Public Snapshot Became Accessible
Chaofan Shou (@Fried_rice) publicly noted that Claude Code source material was reachable through a .map file exposed in the npm package:
"Claude code source code has been leaked via a map file in their npm registry!"
The published source map referenced unobfuscated TypeScript sources hosted in Anthropic's R2 storage bucket, which made the src/ snapshot publicly downloadable.
Repository Scope
Claude Code is Anthropic's CLI for interacting with Claude from the terminal to perform software engineering tasks such as editing files, running commands, searching codebases, and coordinating workflows.
This repository contains a mirrored src/ snapshot for research and analysis.
- Public exposure identified on: 2026-03-31
- Language: TypeScript
- Runtime: Bun
- Terminal UI: React + Ink
- Scale: ~1,900 files, 512,000+ lines of code
Directory Structure
src/
├── main.tsx # Entrypoint orchestration (Commander.js-based CLI path)
├── commands.ts # Command registry
├── tools.ts # Tool registry
├── Tool.ts # Tool type definitions
├── QueryEngine.ts # LLM query engine
├── context.ts # System/user context collection
├── cost-tracker.ts # Token cost tracking
│
├── commands/ # Slash command implementations (~50)
├── tools/ # Agent tool implementations (~40)
├── components/ # Ink UI components (~140)
├── hooks/ # React hooks
├── services/ # External service integrations
├── screens/ # Full-screen UIs (Doctor, REPL, Resume)
├── types/ # TypeScript type definitions
├── utils/ # Utility functions
│
├── bridge/ # IDE and remote-control bridge
├── coordinator/ # Multi-agent coordinator
├── plugins/ # Plugin system
├── skills/ # Skill system
├── keybindings/ # Keybinding configuration
├── vim/ # Vim mode
├── voice/ # Voice input
├── remote/ # Remote sessions
├── server/ # Server mode
├── memdir/ # Persistent memory directory
├── tasks/ # Task management
├── state/ # State management
├── migrations/ # Config migrations
├── schemas/ # Config schemas (Zod)
├── entrypoints/ # Initialization logic
├── ink/ # Ink renderer wrapper
├── buddy/ # Companion sprite
├── native-ts/ # Native TypeScript utilities
├── outputStyles/ # Output styling
├── query/ # Query pipeline
└── upstreamproxy/ # Proxy configuration
Architecture Summary
1. Tool System (src/tools/)
Every tool Claude Code can invoke is implemented as a self-contained module. Each tool defines its input schema, permission model, and execution logic.
| Tool | Description |
|---|---|
BashTool |
Shell command execution |
FileReadTool |
File reading (images, PDFs, notebooks) |
FileWriteTool |
File creation / overwrite |
FileEditTool |
Partial file modification (string replacement) |
GlobTool |
File pattern matching search |
GrepTool |
ripgrep-based content search |
WebFetchTool |
Fetch URL content |
WebSearchTool |
Web search |
AgentTool |
Sub-agent spawning |
SkillTool |
Skill execution |
MCPTool |
MCP server tool invocation |
LSPTool |
Language Server Protocol integration |
NotebookEditTool |
Jupyter notebook editing |
TaskCreateTool / TaskUpdateTool |
Task creation and management |
SendMessageTool |
Inter-agent messaging |
TeamCreateTool / TeamDeleteTool |
Team agent management |
EnterPlanModeTool / ExitPlanModeTool |
Plan mode toggle |
EnterWorktreeTool / ExitWorktreeTool |
Git worktree isolation |
ToolSearchTool |
Deferred tool discovery |
CronCreateTool |
Scheduled trigger creation |
RemoteTriggerTool |
Remote trigger |
SleepTool |
Proactive mode wait |
SyntheticOutputTool |
Structured output generation |
2. Command System (src/commands/)
User-facing slash commands invoked with / prefix.
| Command | Description |
|---|---|
/commit |
Create a git commit |
/review |
Code review |
/compact |
Context compression |
/mcp |
MCP server management |
/config |
Settings management |
/doctor |
Environment diagnostics |
/login / /logout |
Authentication |
/memory |
Persistent memory management |
/skills |
Skill management |
/tasks |
Task management |
/vim |
Vim mode toggle |
/diff |
View changes |
/cost |
Check usage cost |
/theme |
Change theme |
/context |
Context visualization |
/pr_comments |
View PR comments |
/resume |
Restore previous session |
/share |
Share session |
/desktop |
Desktop app handoff |
/mobile |
Mobile app handoff |
3. Service Layer (src/services/)
| Service | Description |
|---|---|
api/ |
Anthropic API client, file API, bootstrap |
mcp/ |
Model Context Protocol server connection and management |
oauth/ |
OAuth 2.0 authentication flow |
lsp/ |
Language Server Protocol manager |
analytics/ |
GrowthBook-based feature flags and analytics |
plugins/ |
Plugin loader |
compact/ |
Conversation context compression |
policyLimits/ |
Organization policy limits |
remoteManagedSettings/ |
Remote managed settings |
extractMemories/ |
Automatic memory extraction |
tokenEstimation.ts |
Token count estimation |
teamMemorySync/ |
Team memory synchronization |
4. Bridge System (src/bridge/)
A bidirectional communication layer connecting IDE extensions (VS Code, JetBrains) with the Claude Code CLI.
bridgeMain.ts— Bridge main loopbridgeMessaging.ts— Message protocolbridgePermissionCallbacks.ts— Permission callbacksreplBridge.ts— REPL session bridgejwtUtils.ts— JWT-based authenticationsessionRunner.ts— Session execution management
5. Permission System (src/hooks/toolPermission/)
Checks permissions on every tool invocation. Either prompts the user for approval/denial or automatically resolves based on the configured permission mode (default, plan, bypassPermissions, auto, etc.).
6. Feature Flags
Dead code elimination via Bun's bun:bundle feature flags:
import { feature } from 'bun:bundle'
// Inactive code is completely stripped at build time
const voiceCommand = feature('VOICE_MODE')
? require('./commands/voice/index.js').default
: null
Notable flags: PROACTIVE, KAIROS, BRIDGE_MODE, DAEMON, VOICE_MODE, AGENT_TRIGGERS, MONITOR_TOOL
Key Files in Detail
QueryEngine.ts (~46K lines)
The core engine for LLM API calls. Handles streaming responses, tool-call loops, thinking mode, retry logic, and token counting.
Tool.ts (~29K lines)
Defines base types and interfaces for all tools — input schemas, permission models, and progress state types.
commands.ts (~25K lines)
Manages registration and execution of all slash commands. Uses conditional imports to load different command sets per environment.
main.tsx
Commander.js-based CLI parser and React/Ink renderer initialization. At startup, it overlaps MDM settings, keychain prefetch, and GrowthBook initialization for faster boot.
Tech Stack
| Category | Technology |
|---|---|
| Runtime | Bun |
| Language | TypeScript (strict) |
| Terminal UI | React + Ink |
| CLI Parsing | Commander.js (extra-typings) |
| Schema Validation | Zod v4 |
| Code Search | ripgrep |
| Protocols | MCP SDK, LSP |
| API | Anthropic SDK |
| Telemetry | OpenTelemetry + gRPC |
| Feature Flags | GrowthBook |
| Auth | OAuth 2.0, JWT, macOS Keychain |
Notable Design Patterns
Parallel Prefetch
Startup time is optimized by prefetching MDM settings, keychain reads, and API preconnect in parallel before heavy module evaluation begins.
// main.tsx — fired as side-effects before other imports
startMdmRawRead()
startKeychainPrefetch()
Lazy Loading
Heavy modules (OpenTelemetry, gRPC, analytics, and some feature-gated subsystems) are deferred via dynamic import() until actually needed.
Agent Swarms
Sub-agents are spawned via AgentTool, with coordinator/ handling multi-agent orchestration. TeamCreateTool enables team-level parallel work.
Skill System
Reusable workflows defined in skills/ are executed through SkillTool. Users can add custom skills.
Plugin Architecture
Built-in and third-party plugins are loaded through the plugins/ subsystem.
Research / Ownership Disclaimer
- This repository is an educational and defensive security research archive maintained by a university student.
- It exists to study source exposure, packaging failures, and the architecture of modern agentic CLI systems.
- The original Claude Code source remains the property of Anthropic.
- This repository is not affiliated with, endorsed by, or maintained by Anthropic.