AI Coding News

March 31, 2026

Key Signals

  • Anthropic's entire Claude Code source code leaked via an npm source map packaging error, exposing 512,000 lines of TypeScript. The leak revealed Claude Code's full internal architecture — a 40-tool plugin system, a 46,000-line query engine, multi-agent "swarm" orchestration, and an IDE bridge layer — giving competitors and security researchers an unprecedented look at the leading AI coding tool's internals. Upcoming features including a Tamagotchi-style companion pet system, a "KAIROS" always-on background agent, and a "COORDINATOR_MODE" for multi-agent workflows were also uncovered. Anthropic confirmed this was human error, not a security breach, but the code has already been forked over 50,000 times on GitHub. [1][2][3]

  • GitHub Copilot CLI v1.0.14 shipped a major release with 27 fixes and improvements, including parallel startup optimizations and V8 compile caching for significantly faster launch times. The release addresses BYOM reliability for Anthropic models, adds SDK support for session elicitation requests, and improves MCP server handling across Microsoft Entra ID, OAuth in ACP mode, and registry lookups. Memory safety was improved for the grep tool on large files, and the deprecated gemini-3-pro-preview model was removed. [8]

  • Cursor launched self-hosted cloud agents, letting enterprises run AI coding agents entirely within their own infrastructure. Source code, tool execution, and build artifacts never leave the company's environment, while Cursor continues to coordinate agent operations from its cloud. Notion and Brex are among early adopters, and the feature supports up to 10 workers per user and 50 per team. This addresses a critical barrier to enterprise adoption: the reluctance to route proprietary code through external services. [4]

  • Claude Code users are hitting usage limits up to 10–20x faster than expected, with Anthropic calling the issue its "top priority." A community member reverse-engineered Claude Code and identified two prompt cache bugs that may be silently inflating costs by breaking cache history and forcing full reprocessing of every prompt. The issue coincides with Anthropic's recent policy to reduce quotas during peak hours, and users report that a single prompt can now consume 10% of their session limit — up from the 0.5–1% they previously experienced. [5]

  • JetBrains Central launched as a governance and observability platform for AI coding agents, with JetBrains warning the industry is about to repeat the cloud ROI crisis. A JetBrains survey of 11,000 developers found that 90% already use AI at work and 66% of companies plan to adopt coding agents within 12 months, yet only 13% use AI across the full SDLC. The platform takes an open approach, allowing teams to bring any IDE, API keys, and external agents via the Agent Communication Protocol. [6]

  • OpenAI Codex v0.118.0 shipped with Windows sandbox proxy networking, ChatGPT device-code login, and dynamic bearer token refresh for custom model providers. The release improves sandbox security on Windows with OS-level egress rules, adds codex exec support for piping stdin alongside a prompt, and fixes Linux sandbox bwrap reliability. Multiple app-server TUI workflows that had regressed were also restored. [10]

AI Coding News

  • Anthropic accidentally leaked the full Claude Code CLI source code — 1,897 files totaling roughly 132,000 lines of unobfuscated TypeScript — through an npm source map file included in the v2.1.88 release. The architecture reveals a production-grade system far beyond an API wrapper: a plugin-like tool system with ~40 discrete, permission-gated tools; a 46,000-line query engine handling all LLM API calls, streaming, caching, and orchestration; and multi-agent orchestration where Claude can spawn "swarm" sub-agents with independent tool permissions. The codebase uses Bun as its JavaScript runtime, Ink for the CLI UI, and Zod v4 for pervasive schema validation. Technical deep-dives uncovered a hand-rolled Vim implementation more complete than most editor plugins, a "yoloClassifier" (1,495 lines) for auto-mode permission decisions, 2,600 lines of bash security paranoia covering everything from zsh =cmd expansion to heredoc injection, and whimsical touches like medieval-English documentation warnings and hex-encoded species names to avoid leaking internal model codenames. Anthropic stated: "No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error." [1][2][3]

  • Claude Code users across Pro, Max, and Team plans are reporting that usage limits are being exhausted dramatically faster than normal, with some claiming a single prompt costs 10% of their session limit. Anthropic acknowledged the issue on Reddit, writing "We're aware people are hitting usage limits in Claude Code way faster than expected" and calling it "the top priority for the team." One community member identified two prompt cache bugs after reverse-engineering the binary, claiming they silently inflate costs by 10–20x by breaking cache history and forcing full reprocessing. Anthropic's Thariq Shihipar responded that they are "actively looking into this in particular, but not sure it's real yet." The issue follows Anthropic's recent decision to reduce quotas during peak hours and a two-week promotion doubling off-peak limits. Notably, Anthropic still does not publish exact usage allowances for any plan. [5]

  • JetBrains launched JetBrains Central, a governance and execution platform for AI agent workflows, with VP Oleg Koverznev arguing that enterprises are about to repeat the cloud ROI crisis with AI agents. JetBrains' AI Pulse survey of 11,000 developers found 90% already use AI at work and 66% of companies plan to adopt coding agents within 12 months, but only 13% report using AI across the full software development lifecycle. "Code generation is cheap and no longer a bottleneck. The real challenge is aligning outcomes with intent, along with managing the growing operational and economic complexity of agent-driven work," Koverznev wrote. The platform aggregates context from codebases, architecture, and delivery infrastructure to give agents system-level understanding, and integrates with Slack, Atlassian, and Linear. Organizations can plug in external agents — Claude, Codex, or Gemini CLI — via the Agent Communication Protocol without lock-in. Pricing is a fixed per-seat subscription for governance plus pay-as-you-go for agentic execution. [6]

  • Cursor now lets companies run its cloud coding agents inside their own infrastructure, reversing the model of bringing code to the agent. Self-hosted agents interact directly with internal services, dependencies, and network-restricted resources without exposing internal infrastructure externally — while Cursor's cloud still handles planning and coordination. The move addresses months of user requests and positions Cursor for regulated industries and enterprises with strict code-handling policies. Cursor says over two-thirds of the Fortune 500 use its platform, and the feature already has production adoption at Notion and Brex. Self-hosted agents currently support up to 10 workers per user and 50 per team, with larger deployments on request. The announcement comes amid intensifying competition and scrutiny over Cursor's Composer 2, which was built on Moonshot AI's Kimi K2.5 without initial disclosure. [4]

  • OpenAI closed a record $122 billion funding round at an $852 billion valuation, explicitly citing growing demand for Codex and enterprise AI as drivers. The round, led by Amazon, Nvidia, and SoftBank, is the largest ever for a private company and opens the door to retail investors for the first time as an IPO nears. The announcement specifically frames Codex — OpenAI's AI coding agent — alongside ChatGPT as a primary growth engine, signaling the company's deepening bet on developer tooling as a revenue pillar. [7]

  • Engineering patterns for AI-assisted development are maturing, with a shift toward specification-driven development and structured agent workflows. Paul Duvall's library of engineering patterns for AI-assisted development emphasizes grounding high-quality delivery in disciplined engineering practices. Related discussions from Paul Stack and Gergely Orosz highlight how teams are moving toward "remixing" — using AI to transform specifications into working code rather than generating from scratch — representing a broader industry recalibration on how AI coding tools fit into professional workflows. [15]

Feature Update

  • GitHub Copilot CLI v1.0.14 released with 27 improvements spanning BYOM, MCP servers, SDK, and performance. Images are now correctly sent to Anthropic models when using Bring Your Own Model. SDK session participants can respond to elicitation requests via a new handlePendingElicitation API, and the exit_plan_mode.requested event is now always emitted. MCP servers using Microsoft Entra ID authentication no longer show consent screens on every login, OAuth works in ACP mode, and registry lookups gain automatic retries with timeouts. Performance is significantly improved: CLI startup runs terminal detection, auth, and git operations in parallel, and V8 compile cache reduces parse and compile time on repeated invocations. The grep tool now handles large files without running out of memory, CPU usage during streaming is reduced via optimized spinner rendering, and support for gemini-3-pro-preview was removed. [8]

  • GitHub Copilot CLI v1.0.15-0 pre-release fixes two issues: MCP servers that are slow to connect no longer block the agent from starting, and pasting images from the Windows clipboard now works in WSL environments. [9]

  • OpenAI Codex v0.118.0 released with new sandbox, authentication, and CLI workflow features. Windows sandbox runs can now enforce proxy-only networking with OS-level egress rules instead of relying on environment variables alone. App-server clients gain ChatGPT sign-in via a device code flow for environments where browser callbacks are unreliable. codex exec now supports prompt-plus-stdin, allowing piped input alongside a separate prompt on the command line. Custom model providers can fetch and refresh short-lived bearer tokens dynamically. Bug fixes address project-local .codex file protection on first creation, Linux sandbox bwrap reliability on multi-entry PATHs, and several app-server TUI regressions including hook notifications, /copy, /resume, and the skills picker. [10]

  • OpenCode shipped three releases in a single day (v1.3.10, v1.3.11, v1.3.12), advancing subagent UX, provider support, and plugin safety. v1.3.10 keeps subagent tool calls clickable while pending and hardens storage migration reliability. v1.3.11 adds a dedicated system prompt for Kimi models, improves TUI terminal output passthrough, and pins explicit plugin versions during install while blocking package install scripts from running. v1.3.12 enables prompt caching and cache token tracking for Google Vertex Anthropic and fixes Azure provider options after the AI SDK v6 migration. [11][12][13]

  • Gemini CLI v0.36.0-preview.7 released, continuing the v0.36.0 preview series that introduces multi-registry architecture, subagent tool filtering, and native platform sandboxing. The v0.36.0 preview line includes major additions: subagent local execution and tool isolation, strict macOS sandboxing using Seatbelt allowlists, native Windows sandboxing, Git worktree support for isolated parallel sessions, admin-forced MCP server installations, an experimental memory manager agent replacing the save_memory tool, a model-driven parallel tool scheduler, and a refreshed Composer layout UX. [14]