ANTHROPIC ACCIDENTALLY SHIPPED 512,000 LINES OF INTERNAL CODE — AND BURIED INSIDE WAS A MODEL THAT DOES NOT OFFICIALLY EXIST
On March 31, 2026, a developer noticed something that was not supposed to be there. Version 2.1.88 of the @anthropic-ai/claude-code npm package shipped with a 59.8 megabyte source map containing 512,000 lines of unobfuscated TypeScript source code from inside Anthropic’s codebase. A Bun bundler configuration mistake exposed what amounts to a chunk of the company’s internal roadmap. Security researcher Chaofan Shou flagged it publicly within hours of release.
Inside the leaked code, buried in a security filter list, were three model name strings that had never appeared in any Anthropic announcement: sonnet-4-8, opus-4-7, and mythos. Two of those three have since become real products. Opus 4.7 shipped exactly as leaked on April 16. Mythos is the restricted cybersecurity model now being extended to ENISA and critical infrastructure operators under Project Glasswing. That leaves Sonnet 4.8, a model with zero announcements, zero API IDs, and zero benchmarks from Anthropic as of this week. It carries enormous credibility purely from the two-for-two track record of the leak it emerged from.
Developer communities are treating a mid-June release as a high-confidence expectation. The question is not whether it ships but what it costs. If Sonnet 4.8 arrives at Haiku-tier pricing, roughly $1 per million tokens, it resets the economics of production agentic workloads overnight and makes the entire enterprise pricing conversation between Anthropic, OpenAI, and the Chinese model providers look completely different. Builders are planning around it quietly. Anyone who waited on GPT-5.6 pricing before making architecture decisions now has a second variable to factor in.
Keywords: Claude Sonnet 4.8 leak, Anthropic npm leak, Claude model roadmap, Anthropic upcoming models