This article only rehashes primary sources that have already been submitted to HN (including the original researcher’s). The story itself is almost a month old now, and this article reveals nothing new.
Please email us about cases like this rather than posting a comment. That way we'll see it sooner and can take action more promptly. I've put the original article's URL in the top text. Other commenters in the subthread seem to feel strongly that this article contains sufficient additional content to warrant being the main link.
But neither of the previous HN submissions reached the front page. The benefit of this article is that it got to the front page and so raised awareness.
Creating a new URL with effectively the same info but further removed from the primary source is not good HN etiquette.
Plus this is just content marketing for the AI security startup who posted it. They've added nothing, but get a link to their product on the front page ¯\_(ツ)_/¯
Unfortunately it's kind of random what makes it to the front page. If HN had a mechanism to ensure only primary sources make it, automatically replacing secondary sources that somehow rank highly, I'd be all for that, but we don't have that.
>Creating a new URL with effectively the same info but further removed from the primary source is not good HN etiquette.
I'm going to respectfully disagree with all the above and thank the submitter for this article. It is sufficiently different from the primary source and did add new information (meta commentary) that I like. The title is also catchier which may explain its rise to the front page. (Because more of us recognize "Github" than "Cline").
The original source is fine but it gets deep into the weeds of the various config files. That's all wonderful but that actually isn't what I need.
On the other hand, this thread's article is more meta commentary of generalized lessons, more "case study" or "executive briefing" style. That's the right level for me at the moment.
If I was a hacker trying to re-create this exploit -- or coding a monitoring tool that tries to prevent these kinds of attacks, I would prefer the original article's very detailed info.
On the other hand, if I just want some highlights that raise my awareness of "AI tricking AI", this article that's a level removed from the original is better for that purpose. Sometimes, the derived article is better because it presents information in a different way for a different purpose/audience. A "second chance pool" doesn't help a lot of us because it still doesn't change the article to the shorter meta commentary type of article that we prefer.
The thread's article consolidated several sources into a digestible format and had the etiquette of citations that linked back to the primary source URLs.
> Plus this is just content marketing for the AI security startup who posted it. They've added nothing, but get a link to their product on the front page ¯\_(ツ)_/¯
This. I want to support original researchers' websites and discussions linking to those, rather than an AI startup which tries to report the same thing and ends up on the front page.
Today I realized that I inherently trust .ai domains less than other domains. It always feels like you have to mentally prepare your mind that the likelihood of being conned is higher.
You say this, and yet there are no real comments i.e. discussion in either of them? This must be the HN equivalent of Stack Overflow's infamous "closed as duplicate".
I love these questions bc they both can be answered with some slight heuristics, and they are quite surprising!
As of January 2026, there were > 13k npm packages w/ more than 1 Million monthly downloads [1]
Answering "how many total developers does that cover" is a lot harder (more expensive, rather, as I am not going to pay for the query on Google BigQuery to answer it, not after I spent $3k by accident last time doing similar exploration in the past)
I won't try to make a SWAG about how many devs have write access across those repos, but in the npm ecosystem alone I'm comfortable saying it is an order of magnitude more than 100.
Folks saying this offer is in bad faith or not generous enough don't seem to understand how low the bar is here for rewarding maintainers.
I maintain Express.js and Lodash, as well as a number of express direct deps (as a TC member of both Express and Lodash).
OSS has been my full-time focus for over a year (aka I'm unemployed). In 2025 I made $10 from open source, in the form of an Amazon gift card for fixing a bug in another random open source project (I think they have VC money).
Call it a skill issue on my part, sure, valid. But having a form that says “give us your email and handle, we can easily verify your contributions, and in exchange you get $200/month of value and we ask nothing of you” is the most generous gift I've seen.
Is it enough to fix the well known power dynamics of OSS? Of course not. Is it cheap PR for Anthropic? Yes, as is every other corporate OSS fund initiative. I'm not going to give them a standing ovation and a key to the city bc they cleared the extremely low bar.
My point is that, regardless of motives, from this maintainer’s perspective this is a kind offer which is respectful of me and my time. If you fall into the camp that training on OSS is stealing, I can see why you'd think that this is a slap in the face. I personally do not see it that way, as my work is a conduit for me to serve millions I'll never meet, and what they do with my labor is not a personal concern. I do what I do because the process itself has value to me.
I might sign up just to stay on top of a market change that I don’t have an employer paying me to learn.
But the two concerns I have are: what happens when someone uses it to make the projects I work on again but with one design change, and is this pulling up the ladder behind us? Will someone still be able to start a project five years from now and do what you’ve done? Or come into existing projects like I have?
> I might sign up just to stay on top of a market change that I don’t have an employer paying me to learn.
This is the thing I hate most about AI. It is a huge shift in power towards big companies that have the capital to throw at it. And towards those few mega corporations that control the tech.
It's a big shift away from hobbyists, tinkerers and people exploring ideas on their own time.
I don't know if there is one. There are models people can run on fairly expensive hardware at home, but will those be 'good enough' compared to the heavier duty resources that a big, well-funded corporation can deploy?
Like... while the open source models are improving, does that converge with the fancy models with tons of money behind them?
My understanding of the economics of it - so far - is that "more computing resources leads to better results" and capital wins that game.
I don't want to misrepresent, I am not the original author of any of these projects. I am not JDD of lodash (who is still involved and part of the TC) nor TJ Holowaychuk of express.
I don't know what the future will look like, but IMO open source is the intersection of code and community (aka the squishy bits) and for that reason I don't think AI will make it obsolete, not now nor in the future.
I’m the author of a relatively popular open source project (4.8k stars, 100k+ downloads/month), and lived on donations for five years. I use and am eternally grateful for the following OSS plans:
- Unlimited browserstack. This would cost thousands of dollars
- Free netlify hosting. Server side analytics is still $9/m, but anyway
These plans have one thing in common: they are not limited in time. Open source cannot be built on an unstable foundation.
The six-month Anthropic offer is just ridiculous. Bland PR move, I can’t express how miserable this plan is. It's just not for us.
I dunno, is a free trial really a gift? Especially if the thing they're trialing is built off the data you're giving them? To be fair it does have a pretty significant monetary value (which can't be transferred..), but personally it feels a little off
I currently pay them $200/month out of my own pocket for this already, so for me it is not a free trial but subsidizing my usage.
Agreed that $200 USD would be preferable (credits don't pay rent). My comment is directed at the strong words others have left about this being in bad faith on the whole. Even if it is, then their bad faith efforts are better than most.
Opinions here will vary, I wanted to share mine <3
Over the past week I started a new project in C with GTK on Linux just for fun. I wanted to see how far it could take me. I didn't expect this at all.
One week later and I've built the task manager of my wet fever dreams in pure C. The architecture is something I never, ever would have had the time to do. It would have taken years.
I also straight up learned more about event buses, plugin architecture, and memory in the past week than I had the past 5 years.
Now I've got a DevOps tool that can capture stdout and stderr on cron sub-processes even when the cron job is doing nothing with it. I can stream it somewhere at will.
To OP's point, whether you want to call it a gift kinda feels like splitting hairs. As is well established, most software companies have huge dependencies on OSS yet contribute very little, so $1200 in free service is a pretty big step up over the fuck-all you'll get from most places.
The use of data for model training is a simple toggle, very easy to opt out of during the initial setup.
Also, the end product is open source anyway, so there is no case of IP being leaked into training data. What remains is that they can use, with your permission, the overall coding practices of a great programmer to fine-tune Claude's code and models. As in, how one approaches planning or troubleshooting. Is this a bad thing? Perhaps every maintainer should decide for themselves whether they want to contribute back or not.
It is a gift of six months of the service. And I don’t think being built using OSS matters here? For example, if AWS gave Linux maintainers free EC2 instances it wouldn’t feel off.
I think what you’re getting at involves more data that was scraped illegally. Like if Anthropic gave free Claude access to writers since it just lost a lawsuit related to copyrighted books, that would be kind of a slap in the face. But OSS software is not published with an expectation of payment.
I think I'm more getting at the spirit of open source/free software, which is of social reciprocity. I think it's kind of ugly to train on programmers' work with the explicit goal of putting those programmers out of work. (And based on their comments, that does seem to be Anthropic's goal -- they're not of the "this will help you do your job better" camp.)
Yep, I had the same reaction. It was like. "Huh? What? Actual acknowledgement of contributions? Cannot compute." They even made the requirements just low enough for me to qualify. We'll see if I actually get the deal though but this could be the most generous thing that ever happened to me in the open source sphere. I have a tendency to fall through every possible crack so this is an actual shock to me.
Don't get me wrong, I definitely see the cynical side that Claude may potentially benefit from learning my high quality coding practices as a result of this... This is clearly also a way to source high quality training data. Maintainers of open source projects with 5K+ stars are among the most competent engineers you can find and they're not biased towards unnecessary complexity as most corporate folks are. The reason is simple; if you code for free, there is no incentive to maximize billable hours; it's the opposite. This is a real gold-mine of quality coding data. AI companies should be fighting over us.
But still, I think this is nice in either case. These days, I appreciate people using even cold calculated logic as a motivation for doing the right thing. I'm tired of people being irrational and doing the wrong thing because the wrong thing sounds more marketable to investors.
I don't know of any good backbone service or library with 5K+ stars, only npm or python hyped bozos. There is certainly not any competence in github stars. Aren't any GNU libs maintained on GitHub? No, they are mostly not. Just very few.
Yeah well it's like money these days; having a $10 million net worth doesn't actually say much about a person; maybe it fell on their lap because they knew the right people or maybe they had to struggle to earn every cent. It's the same with GitHub stars.
Unfortunately, those who had it easy tend to get much more attention and are much more visible; attention is how they got there in the first place so of course there is not much merit behind their work. A lot of software tooling is a Potemkin village. It's over-hyped and developers/users are forced into it by their boss who happens to be an investor in the project founder's company.
It often seems like nobody from the Millennial or Gen Z generations built any good popular software tool or library... It's like nothing innovative came out since the time of Linux, GNU and Git... No competent software developers since John Carmack? It's not true of course, it's just that we are a heavily suppressed and manipulated generation. Firstly, we are demoralized, so there are fewer of us actually putting in the effort to build quality stuff, but even for those who do, our work is often marginalized and covered up by algorithms. Often nipped in the bud.
We have to consider that Linus Torvalds didn't build Linux all by himself. Had the community not come together and made all these distros, today, nobody would even know what Linux is and Linus Torvalds would be a failed developer living in the shadow of Bill Gates and Steve Jobs.
I don't think it's a slap in the face. The slap in the face is devoting your life savings to giving away your work for free and then have it sold back to you. It's really smart what Anthropic is doing. They're encouraging the most influential developers to use their product. If you take the Anthropic money then you probably won't be able to join a class action lawsuit against them. That's fine by me since I'd rather get $200/month back from Anthropic than a $200 cheque in the mail from some lawyers who got rich claiming to represent FOSS developers. Microsoft used to let open source developers use LLMs for free via Copilot. However they took that privilege away a few months ago. I'm glad Anthropic is bringing it back. Even if I only use it for coding tests and experiments.
In fact, Anthropic should go further and let open source developers invest in them before their IPO. I've been trying to do that for a while but they haven't let me :'(
Slightly off-topic, but I wish more OSS projects and maintainers would advertise cryptocurrency donation addresses. It's probably the easiest way for end users to donate.
I have done that for years, and so far have received the equivalent of $25 (through three mBTC transactions) on my Bitcoin address, and maybe $90 through whatever the token is Brave uses (BAT?).
I still get random donations through an old PayPal email address that's listed on the same page as my bitcoin address, and that totals more like $100 (a year, not over the lifetime).
What's the best way for a teenager to get involved in one of the projects you maintain? I've been trying to help my kid find an entry point into the industry, and I'm one of those annoying folks who relies on open source but rarely contributes.
Assuming they've got reasonable programming skills, they can simply find an open-source project they are passionate about. Spend time understanding the overall structure. Then pick up an issue raised by the community and prepare a fix as a pull request.
The first PR is unlikely to be merged the next day; however, it sparks lots of productive discussions with the rest of the community, allowing your kid to build a mental model of the project's best practices and sensitivities.
The more he contributes, the more integral he becomes to the community. After gaining enough experience through small issues, they can even consider working on a new feature.
As a byproduct, a great addition to the CV if they are also looking to go commercial.
Has anyone who's signed up for this actually had a response? I'm curious to see whether any of these "AI" code analysers can produce anything more than AI slop, but after signing up for a few all I've had is AI crickets.
You can churn this stuff out in about an hour these days though, seriously. That's part of the problem, the asymmetry of time to create vs time to review.
If I can write 8 9k-line PRs every day and open them against open source projects, even closing them, let alone engaging with them in good faith, is an incredible time drain vs the time investment to create them.
We are seeing a lot more drive-by PRs in well known open source projects lately. Here is how I responded to a 1k line PR most recently before closing and locking. For context, it was (IMO) a well intentioned PR. It purported to implement a grab bag of perf improvements, caching of various code paths, and a clustering feature.
Edit: left out that the user got flamed by non-contributors for their apparently AI generated PR and description (rude), in defense of which they did say they were using several AI tools to drive the work.
We have a performance working group which is the venue for discussing perf based work. Some of your ideas have come up in that venue, please go make issues there to discuss your ideas
my 2 cents on AI output: these tools are very useful, please wield them in such a way that it respects the time of the human who will be reading your output. This is the longest PR description I have ever read and it does not sound like a human wrote it, nor does it sound like a PR description. The PR also does multiple unrelated things in a single 1k line changeset, which is a nonstarter without prior discussion.
I don't doubt your intention is pure, ty for wanting to contribute.
There are norms in open source which are hard to learn from the outside, idk how to fix that, but your efforts here deviate far enough from them in what I assume is naivety that it looks like spam.
Daniel Stenberg of curl gave a talk about some of what they've been experiencing, mostly on the security beg bounty side. A bit hyperbolic, and his opinion is clear from the title, but I think a lot of maintainers feel similarly.
The author has run into the same problem that anyone who wants to do analysis on the NPM registry runs into: there's just no good first-party API for this stuff anymore.
It seems this was their first time going down this rabbit hole, so for them and anyone else, I'd urge you to use the deps.dev Google BigQuery dataset [0] for this kind of analysis. It does indeed include NPM and would have made the author's work trivial.
Drop in a lint rule to fail on skipped tests. I've added these at a previous job after finding that tests skipped during dev sometimes slipped through review and got merged.
The 30th anniversary post has an overview of events in the game’s history (content updates, community, server upgrades) that was very interesting. Congrats on the beefy 486/100 server with 64M of RAM upgrade in ‘94!
The researcher who first reported the vuln has their writeup at https://adnanthekhan.com/posts/clinejection/
Previous HN discussions of the original source: https://news.ycombinator.com/item?id=47064933
https://news.ycombinator.com/item?id=47072982