They forgot the single most important (bad) choice. Claude Code chooses npm. All the time. For everything. I noted the Claude Code lead dev has a full line in AGENTS.md/CLAUDE.md - "Use bun." Yes. Please. Please, use bun. I beg you.
They forgot the single most important (bad) choice. Claude Code chooses npm. All the time. For everything. I noted the Claude Code lead dev has a full line in AGENTS.md/CLAUDE.md - "Use bun." Yes. Please. Please, use bun. I beg you.
Yup don't expect up-to-date practices and always come with the expectations that your security will be flawed.
gemini 3 deepthink + 5.3 xxhigh code audits catch a lot. Materially better than six months ago on the security side.
Also, yes. Still something that needs expert oversight.
This is at the top of my ~/.claude/CLAUDE.md. Always use bun for web projects, uv for python.