A Filename in Your Git History Silently Hijacks Your Claude Billing
Someone discovered that if your git repository's recent commit history contains the case-sensitive string HERMES.md, Claude Code silently routes your API requests to "extra usage" billing instead of your included Max plan quota. You don't get a warning. You don't get asked. Your requests just start costing money they shouldn't.
The issue landed with 45 reactions, 42 of them negative. The ratio tells the story: this isn't users confused by a feature, it's users who feel deceived by one. The speculation in the thread is that HERMES is an internal flag or test identifier that leaked into production routing logic.
Anthropic closed the issue. No public explanation of why a filename in your commit history has anything to do with how you get billed. The thread reads like a group of people discovering a trapdoor in the floor of a house they're paying rent on.
Between this and the telemetry-cache discovery (see below), it's been a rough week for trust in Claude Code's billing transparency.
"On April 9,-- anthropics/claude-code #45596, opening line of a 1,758-reaction plea/buddyvanished from Claude Code v2.1.97. No changelog mention. No farewell. One day we had a companion -- the next,Unknown skill: buddy."
1,758 Developers Sign a Plea to Bring Back /buddy
Anthropic silently removed the /buddy skill from Claude Code in v2.1.97. No deprecation notice, no changelog entry. The community response was immediate and overwhelming: 1,758 reactions and 220 comments, making it the most-reacted issue in Claude Code's history.
The thread reads like a eulogy. Users describing how /buddy changed their workflow, sharing screenshots, asking what they did wrong. Only 4 negative reactions. This is pure grief.
Qwen Guts Free Tier: 98% Negative Reactions and Counting
Qwen proposed slashing the free tier from 1,000 requests/day to 100, while simultaneously increasing paid plan prices. The community's response: 232 out of 237 reactions are negative. That's a 98% disapproval rate. The thread is 120 comments of users calculating exactly how useless 100 requests/day would be for any real coding workflow.
The proposal is still marked "open." The reactions are still climbing.
Opt Out of Telemetry? Enjoy Your 5-Minute Cache.
Users discovered that disabling telemetry in Claude Code also disables the 1-hour prompt cache TTL, dropping it to 5 minutes. Opt out of tracking, and your tool gets slower and more expensive. 167 reactions, 57 of them negative. Anthropic locked the thread and closed the issue.
The locking is doing a lot of work here. 34% negative on a locked, closed issue means the conversation wasn't over when Anthropic decided it was.
EU's Digital Identity Wallet Has No Root Detection. None.
The EU's official digital identity wallet app performs no check for rooted devices, emulators, or tampered environments before letting you access wallet credentials. Someone filed a security issue about it. 41 out of 43 reactions are negative. The app is supposed to hold your national ID.
40 comments of security researchers explaining, with increasing disbelief, why this matters.
"rewrite in python 😂"-- Nightmare-Eclipse/RedSun #3, filed against a Windows Defender SYSTEM-level exploit (83% negative, 4 comments)
GitHub Admits PRs "May Have Been Merged Incorrectly" During Outage
On April 23, during a service degradation, GitHub posted that pull requests may have been merged incorrectly between 16:05 and 20:43 UTC. Four and a half hours where the merge button may have lied to you. The discussion is new and the full impact isn't clear yet, but "your merges might be wrong" is a sentence nobody wants to read.
"github-advanced-security's AI Label Is Going to Scare Off My Users"
A maintainer noticed that GitHub Advanced Security slaps an "AI" label on certain findings. Their concern: users will see "AI" and assume the tool is hallucinating, not that it found a real vulnerability. The branding problem nobody on the product team thought about.
"Abuse or Over-Aggressive Monitoring?" -- 18 Comments and Growing
A maintainer is questioning whether GitHub's abuse detection is catching real bad actors or just flagging normal activity. 18 comments of other maintainers sharing their own experiences with false positives. The thread is a slow burn of accumulated frustration.
New Win: You Can Finally Disable Commit Comments at the Org Level
After years of maintainers begging for it, GitHub shipped the ability to disable commit comments at the org level. 10 upvotes, which for a "we fixed the thing" post is solid. One of the tiny wins that makes the daily grind slightly less grindy.