[BUG] CC crashes with new release of Nodejs v25
Open 💬 14 comments Opened Oct 16, 2025 by arimxyer
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Error reads: TypeError: Cannot read properties of undefined (reading 'prototype').
CC's dependency chain includes packages that rely on the deprecated SlowBuffer API, which has been removed (marked as "End-of-Life") in Node.js v25.0.0 per DEP0030.
Node.js Reference:
• Official Deprecation Doc: DEP0030
• Node.js v25.0.0 just released (October 15, 2025)
What Should Happen?
It should launch :)
Error Messages/Logs
Command input:
claude
exit_code: 1
Command output:
file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:634
`),Q.code=Z.error.code,Q.errors=Z.error.errors;else Q.message=Z.error.message,Q.code=Z.error.code;else if(B&&B.status>=400)Q.message=Z,Q.status=B.status;return Q}}qm2.DefaultTransporter=KI1;KI1.USER_AGENT=`${Em2}/${PW6.version}`});var T21=U((VE0,Lm2)=>{/*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */var Yb1=H1("buffer"),$T=Yb1.Buffer;function Nm2(A,B){for(var Q in A)B[Q]=A[Q]}if($T.from&&$T.alloc&&$T.allocUnsafe&&$T.allocUnsafeSlow)Lm2.exports=Yb1;else Nm2(Yb1,VE0),VE0.Buffer=Cp;function Cp(A,B,Q){return $T(A,B,Q)}Cp.prototype=Object.create($T.prototype);Nm2($T,Cp);Cp.from=function(A,B,Q){if(typeof A==="number")throw TypeError("Argument must not be a number");return $T(A,B,Q)};Cp.alloc=function(A,B,Q){if(typeof A!=="number")throw TypeError("Argument must be a number");var Z=$T(A);if(B!==void 0)if(typeof Q==="string")Z.fill(B,Q);else Z.fill(B);else Z.fill(0);return Z};Cp.allocUnsafe=function(A){if(typeof A!=="number")throw TypeError("Argument must be a number");return $T(A)};Cp.allocUnsafeSlow=function(A){if(typeof A!=="number")throw TypeError("Argument must be a number");return Yb1.SlowBuffer(A)}});var Om2=U((_T3,Mm2)=>{function DE0(A){var B=(A/8|0)+(A%8===0?0:1);return B}var jW6={ES256:DE0(256),ES384:DE0(384),ES512:DE0(521)};function SW6(A){var B=jW6[A];if(B)return B;throw Error('Unknown algorithm "'+A+'"')}Mm2.exports=SW6});var KE0=U((xT3,ym2)=>{var Wb1=T21().Buffer,Tm2=Om2(),Jb1=128,Pm2=0,yW6=32,kW6=16,_W6=2,jm2=kW6|yW6|Pm2<<6,Ib1=_W6|Pm2<<6;function xW6(A){return A.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Sm2(A){if(Wb1.isBuffer(A))return A;else if(typeof A==="string")return Wb1.from(A,"base64");throw TypeError("ECDSA signature must be a Base64 string or a Buffer")}function vW6(A,B){A=Sm2(A);var Q=Tm2(B),Z=Q+1,G=A.length,Y=0;if(A[Y++]!==jm2)throw Error('Could not find expected "seq"');var W=A[Y++];if(W===(Jb1|1))W=A[Y++];if(G-Y<W)throw Error('"seq" specified length of "'+W+'", only "'+(G-Y)+'" remaining');if(A[Y++]!==Ib1)throw Error('Could not find expected "int" for "r"');var J=A[Y++];if(G-Y-2<J)throw Error('"r" specified length of "'+J+'", only "'+(G-Y-2)+'" available');if(Z<J)throw Error('"r" specified length of "'+J+'", max of "'+Z+'" is acceptable');var I=Y;if(Y+=J,A[Y++]!==Ib1)throw Error('Could not find expected "int" for "s"');var X=A[Y++];if(G-Y!==X)throw Error('"s" specified length of "'+X+'", expected "'+(G-Y)+'"');if(Z<X)throw Error('"s" specified length of "'+X+'", max of "'+Z+'" is acceptable');var F=Y;if(Y+=X,Y!==G)throw Error('Expected to consume entire buffer, but "'+(G-Y)+'" bytes remain');var V=Q-J,D=Q-X,K=Wb1.allocUnsafe(V+J+D+X);for(Y=0;Y<V;++Y)K[Y]=0;A.copy(K,Y,I+Math.max(-V,0),I+J),Y=Q;for(var H=Y;Y<H+D;++Y)K[Y]=0;return A.copy(K,Y,F+Math.max(-D,0),F+X),K=K.toString("base64"),K=xW6(K),K}function Rm2(A,B,Q){var Z=0;while(B+Z<Q&&A[B+Z]===0)++Z;var G=A[B+Z]>=Jb1;if(G)--Z;return Z}function bW6(A,B){A=Sm2(A);var Q=Tm2(B),Z=A.length;if(Z!==Q*2)throw TypeError('"'+B+'" signatures must be "'+Q*2+'" bytes, saw "'+Z+'"');var G=Rm2(A,0,Q),Y=Rm2(A,Q,A.length),W=Q-G,J=Q-Y,I=2+W+1+1+J,X=I<Jb1,F=Wb1.allocUnsafe((X?2:3)+I),V=0;if(F[V++]=jm2,X)F[V++]=I;else F[V++]=Jb1|1,F[V++]=I&255;if(F[V++]=Ib1,F[V++]=W,G<0)F[V++]=0,V+=A.copy(F,V,0,Q);else V+=A.copy(F,V,G,Q);if(F[V++]=Ib1,F[V++]=J,Y<0)F[V++]=0,A.copy(F,V,Q);else A.copy(F,V,Q+Y);return F}ym2.exports={derToJose:vW6,joseToDer:bW6}});var Eh=U(($h)=>{var NL=$h&&$h.__classPrivateFieldGet||function(A,B,Q,Z){if(Q==="a"&&!Z)throw TypeError("Private accessor was defined without a getter");if(typeof B==="function"?A!==B||!Z:!B.has(A))throw TypeError("Cannot read private member from an object whose class did not declare it");return Q==="m"?Z:Q==="a"?Z.call(A):Z?Z.value:B.get(A)},P21,Yk,HE0,zE0;Object.defineProperty($h,"__esModule",{value:!0});$h.LRUCache=void 0;$h.snakeToCamel=km2;$h.originalOrCamelOptions=fW6;function km2(A){return A.replace(/([_][^_])/g,(B)=>B.slice(1).toUpperCase())}function fW6(A){function B(Q){var Z;let G=A||{};return(Z=G[Q])!==null&&Z!==void 0?Z:G[km2(Q)]}return{get:B}}class _m2{constructor(A){P21.add(this),Yk.set(this,new Map),this.capacity=A.capacity,this.maxAge=A.maxAge}set(A,B){NL(this,P21,"m",HE0).call(this,A,B),NL(this,P21,"m",zE0).call(this)}get(A){let B=NL(this,Yk,"f").get(A);if(!B)return;return NL(this,P21,"m",HE0).call(this,A,B.value),NL(this,P21,"m",zE0).call(this),B.value}}$h.LRUCache=_m2;Yk=new WeakMap,P21=new WeakSet,HE0=function(B,Q){NL(this,Yk,"f").delete(B),NL(this,Yk,"f").set(B,{value:Q,lastAccessed:Date.now()})},zE0=function(){let B=this.maxAge?Date.now()-this.maxAge:0,Q=NL(this,Yk,"f").entries().next();while(!Q.done&&(NL(this,Yk,"f").size>this.capacity||Q.value[1].lastAccessed<B))NL(this,Yk,"f").delete(Q.value[0]),Q=NL(this,Yk,"f").entries().next()}});var ET=U((fm2)=>{Object.defineProperty(fm2,"__esModule",{value:!0});fm2.AuthClient=fm2.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS=fm2.DEFAULT_UNIVERSE=void 0;var hW6=H1("events"),xm2=qL(),vm2=HI1(),gW6=Eh();fm2.DEFAULT_UNIVERSE="googleapis.com";fm2.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS=300000;class bm2 extends hW6.EventEmitter{constructor(A={}){var B,Q,Z,G,Y;super();this.credentials={},this.eagerRefreshThresholdMillis=fm2.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS,this.forceRefreshOnFailure=!1,this.universeDomain=fm2.DEFAULT_UNIVERSE;let W=(0,gW6.originalOrCamelOptions)(A);if(this.apiKey=A.apiKey,this.projectId=(B=W.get("project_id"))!==null&&B!==void 0?B:null,this.quotaProjectId=W.get("quota_project_id"),this.credentials=(Q=W.get("credentials"))!==null&&Q!==void 0?Q:{},this.universeDomain=(Z=W.get("universe_domain"))!==null&&Z!==void 0?Z:fm2.DEFAULT_UNIVERSE,this.transporter=(G=A.transporter)!==null&&G!==void 0?G:new vm2.DefaultTransporter,A.transporterOptions)this.transporter.defaults=A.transporterOptions;if(A.eagerRefreshThresholdMillis)this.eagerRefreshThresholdMillis=A.eagerRefreshThresholdMillis;this.forceRefreshOnFailure=(Y=A.forceRefreshOnFailure)!==null&&Y!==void 0?Y:!1}get gaxios(){if(this.transporter instanceof xm2.Gaxios)return this.transporter;else if(this.transporter instanceof vm2.DefaultTransporter)return this.transporter.instance;else if("instance"in this.transporter&&this.transporter.instance instanceof xm2.Gaxios)return this.transporter.instance;return null}setCredentials(A){this.credentials=A}addSharedMetadataHeaders(A){if(!A["x-goog-user-project"]&&this.quotaProjectId)A["x-goog-user-project"]=this.quotaProjectId;return A}static get RETRY_CONFIG(){return{retry:!0,retryConfig:{httpMethodsToRetry:["GET","PUT","POST","HEAD","OPTIONS","DELETE"]}}}}fm2.AuthClient=bm2});var UE0=U((mm2)=>{Object.defineProperty(mm2,"__esModule",{value:!0});mm2.LoginTicket=void 0;class um2{constructor(A,B){this.envelope=A,this.payload=B}getEnvelope(){return this.envelope}getPayload(){return this.payload}getUserId(){let A=this.getPayload();if(A&&A.sub)return A.sub;return null}getAttributes(){return{envelope:this.getEnvelope(),payload:this.getPayload()}}}mm2.LoginTicket=um2});var Up=U((lm2)=>{Object.defineProperty(lm2,"__esModule",{value:!0});lm2.OAuth2Client=lm2.ClientAuthentication=lm2.CertificateFormat=lm2.CodeChallengeMethod=void 0;var uW6=qL(),$E0=H1("querystring"),mW6=H1("stream"),dW6=KE0(),EE0=O21(),cW6=ET(),lW6=UE0(),cm2;(function(A){A.Plain="plain",A.S256="S256"})(cm2||(lm2.CodeChallengeMethod=cm2={}));var Wk;(function(A){A.PEM="PEM",A.JWK="JWK"})(Wk||(lm2.CertificateFormat=Wk={}));var zI1;(function(A){A.ClientSecretPost="ClientSecretPost",A.ClientSecretBasic="ClientSecretBasic",A.None="None"})(zI1||(lm2.ClientAuthentication=zI1={}));class TK extends cW6.AuthClient{constructor(A,B,Q){let Z=A&&typeof A==="object"?A:{clientId:A,clientSecret:B,redirectUri:Q};super(Z);this.certificateCache={},this.certificateExpiry=null,this.certificateCacheFormat=Wk.PEM,this.refreshTokenPromises=new Map,this._clientId=Z.clientId,this._clientSecret=Z.clientSecret,this.redirectUri=Z.redirectUri,this.endpoints={tokenInfoUrl:"https://oauth2.googleapis.com/tokeninfo",oauth2AuthBaseUrl:"https://accounts.google.com/o/oauth2/v2/auth",oauth2TokenUrl:"https://oauth2.googleapis.com/token",oauth2RevokeUrl:"https://oauth2.googleapis.com/revoke",oauth2FederatedSignonPemCertsUrl:"https://www.googleapis.com/oauth2/v1/certs",oauth2FederatedSignonJwkCertsUrl:"https://www.googleapis.com/oauth2/v3/certs",oauth2IapPublicKeyUrl:"https://www.gstatic.com/iap/verify/public_key",...Z.endpoints},this.clientAuthentication=Z.clientAuthentication||zI1.ClientSecretPost,this.issuers=Z.issuers||["accounts.google.com","https://accounts.google.com",this.universeDomain]}generateAuthUrl(A={}){if(A.code_challenge_method&&!A.code_challenge)throw Error("If a code_challenge_method is provided, code_challenge must be included.");if(A.response_type=A.response_type||"code",A.client_id=A.client_id||this._clientId,A.redirect_uri=A.redirect_uri||this.redirectUri,Array.isArray(A.scope))A.scope=A.scope.join(" ");return this.endpoints.oauth2AuthBaseUrl.toString()+"?"+$E0.stringify(A)}generateCodeVerifier(){throw Error("generateCodeVerifier is removed, please use generateCodeVerifierAsync instead.")}async generateCodeVerifierAsync(){let A=(0,EE0.createCrypto)(),Q=A.randomBytesBase64(96).replace(/\+/g,"~").replace(/=/g,"_").replace(/\//g,"-"),G=(await A.sha256DigestBase64(Q)).split("=")[0].replace(/\+/g,"-").replace(/\//g,"_");return{codeVerifier:Q,codeChallenge:G}}getToken(A,B){let Q=typeof A==="string"?{code:A}:A;if(B)this.getTokenAsync(Q).then((Z)=>B(null,Z.tokens,Z.res),(Z)=>B(Z,null,Z.response));else return this.getTokenAsync(Q)}async getTokenAsync(A){let B=this.endpoints.oauth2TokenUrl.toString(),Q={"Content-Type":"application/x-www-form-urlencoded"},Z={client_id:A.client_id||this._clientId,code_verifier:A.codeVerifier,code:A.code,grant_type:"authorization_code",redirect_uri:A.redirect_uri||this.redirectUri};if(this.clientAuthentication===zI1.ClientSecretBasic){let W=Buffer.from(`${this._clientId}:${this._clientSecret}`);Q.Authorization=`Basic ${W.toString("base64")}`}if(this.clientAuthentication===zI1.ClientSecretPost)Z.client_secret=this._clientSecret;let G=await this.transporter.request({...TK.RETRY_CONFIG,method:"POST",url:B,data:$E0.stringify(Z),headers:Q}),Y=G.data;if(G.data&&G.data.expires_in)Y.expiry_date=new Date().getTime()+G.data.expires_in*1000,delete Y.expires_in;return this.emit("tokens",Y),{tokens:Y,res:G}}async refreshToken(A){if(!A)return this.refreshTokenNoCache(A);if(this.refreshTokenPromises.has(A))return this.refreshTokenPromises.get(A);let B=this.refreshTokenNoCache(A).then((Q)=>{return this.refreshTokenPromises.delete(A),Q},(Q)=>{throw this.refreshTokenPromises.delete(A),Q});return this.refreshTokenPromises.set(A,B),B}async refreshTokenNoCache(A){var B;if(!A)throw Error("No refresh token is set.");let Q=this.endpoints.oauth2TokenUrl.toString(),Z={refresh_token:A,client_id:this._clientId,client_secret:this._clientSecret,grant_type:"refresh_token"},G;try{G=await this.transporter.request({...TK.RETRY_CONFIG,method:"POST",url:Q,data:$E0.stringify(Z),headers:{"Content-Type":"application/x-www-form-urlencoded"}})}catch(W){if(W instanceof uW6.GaxiosError&&W.message==="invalid_grant"&&((B=W.response)===null||B===void 0?void 0:B.data)&&/ReAuth/i.test(W.response.data.error_description))W.message=JSON.stringify(W.response.data);throw W}let Y=G.data;if(G.data&&G.data.expires_in)Y.expiry_date=new Date().getTime()+G.data.expires_in*1000,delete Y.expires_in;return this.emit("tokens",Y),{tokens:Y,res:G}}refreshAccessToken(A){if(A)this.refreshAccessTokenAsync().then((B)=>A(null,B.credentials,B.res),A);else return this.refreshAccessTokenAsync()}async refreshAccessTokenAsync(){let A=await this.refreshToken(this.credentials.refresh_token),B=A.tokens;return B.refresh_token=this.credentials.refresh_token,this.credentials=B,{credentials:this.credentials,res:A.res}}getAccessToken(A){if(A)this.getAccessTokenAsync().then((B)=>A(null,B.token,B.res),A);else return this.getAccessTokenAsync()}async getAccessTokenAsync(){if(!this.credentials.access_token||this.isTokenExpiring()){if(!this.credentials.refresh_token)if(this.refreshHandler){let Q=await this.processAndValidateRefreshHandler();if(Q===null||Q===void 0?void 0:Q.access_token)return this.setCredentials(Q),{token:this.credentials.access_token}}else throw Error("No refresh token or refresh handler callback is set.");let B=await this.refreshAccessTokenAsync();if(!B.credentials||B.credentials&&!B.credentials.access_token)throw Error("Could not refresh access token.");return{token:B.credentials.access_token,res:B.res}}else return{token:this.credentials.access_token}}async getRequestHeaders(A){return(await this.getRequestMetadataAsync(A)).headers}async getRequestMetadataAsync(A){let B=this.credentials;if(!B.access_token&&!B.refresh_token&&!this.apiKey&&!this.refreshHandler)throw Error("No access, refresh token, API key or refresh handler callback is set.");if(B.access_token&&!this.isTokenExpiring()){B.token_type=B.token_type||"Bearer";let W={Authorization:B.token_type+" "+B.access_token};return{headers:this.addSharedMetadataHeaders(W)}}if(this.refreshHandler){let W=await this.processAndValidateRefreshHandler();if(W===null||W===void 0?void 0:W.access_token){this.setCredentials(W);let J={Authorization:"Bearer "+this.credentials.access_token};return{headers:this.addSharedMetadataHeaders(J)}}}if(this.apiKey)return{headers:{"X-Goog-Api-Key":this.apiKey}};let Q=null,Z=null;try{Q=await this.refreshToken(B.refresh_token),Z=Q.tokens}catch(W){let J=W;if(J.response&&(J.response.status===403||J.response.status===404))J.message=`Could not refresh access token: ${J.message}`;throw J}let G=this.credentials;G.token_type=G.token_type||"Bearer",Z.refresh_token=G.refresh_token,this.credentials=Z;let Y={Authorization:G.token_type+" "+Z.access_token};return{headers:this.addSharedMetadataHeaders(Y),res:Q.res}}static getRevokeTokenUrl(A){return new TK().getRevokeTokenURL(A).toString()}getRevokeTokenURL(A){let B=new URL(this.endpoints.oauth2RevokeUrl);return B.searchParams.append("token",A),B}revokeToken(A,B){let Q={...TK.RETRY_CONFIG,url:this.getRevokeTokenURL(A).toString(),method:"POST"};if(B)this.transporter.request(Q).then((Z)=>B(null,Z),B);else return this.transporter.request(Q)}revokeCredentials(A){if(A)this.revokeCredentialsAsync().then((B)=>A(null,B),A);else return this.revokeCredentialsAsync()}async revokeCredentialsAsync(){let A=this.credentials.access_token;if(this.credentials={},A)return this.revokeToken(A);else throw Error("No access token to revoke.")}request(A,B){if(B)this.requestAsync(A).then((Q)=>B(null,Q),(Q)=>{return B(Q,Q.response)});else return this.requestAsync(A)}async requestAsync(A,B=!1){let Q;try{let Z=await this.getRequestMetadataAsync(A.url);if(A.headers=A.headers||{},Z.headers&&Z.headers["x-goog-user-project"])A.headers["x-goog-user-project"]=Z.headers["x-goog-user-project"];if(Z.headers&&Z.headers.Authorization)A.headers.Authorization=Z.headers.Authorization;if(this.apiKey)A.headers["X-Goog-Api-Key"]=this.apiKey;Q=await this.transporter.request(A)}catch(Z){let G=Z.response;if(G){let Y=G.status,W=this.credentials&&this.credentials.access_token&&this.credentials.refresh_token&&(!this.credentials.expiry_date||this.forceRefreshOnFailure),J=this.credentials&&this.credentials.access_token&&!this.credentials.refresh_token&&(!this.credentials.expiry_date||this.forceRefreshOnFailure)&&this.refreshHandler,I=G.config.data instanceof mW6.Readable,X=Y===401||Y===403;if(!B&&X&&!I&&W)return await this.refreshAccessTokenAsync(),this.requestAsync(A,!0);else if(!B&&X&&!I&&J){let F=await this.processAndValidateRefreshHandler();if(F===null||F===void 0?void 0:F.access_token)this.setCredentials(F);return this.requestAsync(A,!0)}}throw Z}return Q}verifyIdToken(A,B){if(B&&typeof B!=="function")throw Error("This method accepts an options object as the first parameter, which includes the idToken, audience, and maxExpiry.");if(B)this.verifyIdTokenAsync(A).then((Q)=>B(null,Q),B);else return this.verifyIdTokenAsync(A)}async verifyIdTokenAsync(A){if(!A.idToken)throw Error("The verifyIdToken method requires an ID Token");let B=await this.getFederatedSignonCertsAsync();return await this.verifySignedJwtWithCertsAsync(A.idToken,B.certs,A.audience,this.issuers,A.maxExpiry)}async getTokenInfo(A){let{data:B}=await this.transporter.request({...TK.RETRY_CONFIG,method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Authorization:`Bearer ${A}`},url:this.endpoints.tokenInfoUrl.toString()}),Q=Object.assign({expiry_date:new Date().getTime()+B.expires_in*1000,scopes:B.scope.split(" ")},B);return delete Q.expires_in,delete Q.scope,Q}getFederatedSignonCerts(A){if(A)this.getFederatedSignonCertsAsync().then((B)=>A(null,B.certs,B.res),A);else return this.getFederatedSignonCertsAsync()}async getFederatedSignonCertsAsync(){let A=new Date().getTime(),B=(0,EE0.hasBrowserCrypto)()?Wk.JWK:Wk.PEM;if(this.certificateExpiry&&A<this.certificateExpiry.getTime()&&this.certificateCacheFormat===B)return{certs:this.certificateCache,format:B};let Q,Z;switch(B){case Wk.PEM:Z=this.endpoints.oauth2FederatedSignonPemCertsUrl.toString();break;case Wk.JWK:Z=this.endpoints.oauth2FederatedSignonJwkCertsUrl.toString();break;default:throw Error(`Unsupported certificate format ${B}`)}try{Q=await this.transporter.request({...TK.RETRY_CONFIG,url:Z})}catch(I){if(I instanceof Error)I.message=`Failed to retrieve verification certificates: ${I.message}`;throw I}let G=Q?Q.headers["cache-control"]:void 0,Y=-1;if(G){let X=new RegExp("max-age=([0-9]*)").exec(G);if(X&&X.length===2)Y=Number(X[1])*1000}let W={};switch(B){case Wk.PEM:W=Q.data;break;case Wk.JWK:for(let I of Q.data.keys)W[I.kid]=I;break;default:throw Error(`Unsupported certificate format ${B}`)}let J=new Date;return this.certificateExpiry=Y===-1?null:new Date(J.getTime()+Y),this.certificateCache=W,this.certificateCacheFormat=B,{certs:W,format:B,res:Q}}getIapPublicKeys(A){if(A)this.getIapPublicKeysAsync().then((B)=>A(null,B.pubkeys,B.res),A);else return this.getIapPublicKeysAsync()}async getIapPublicKeysAsync(){let A,B=this.endpoints.oauth2IapPublicKeyUrl.toString();try{A=await this.transporter.request({...TK.RETRY_CONFIG,url:B})}catch(Q){if(Q instanceof Error)Q.message=`Failed to retrieve verification certificates: ${Q.message}`;throw Q}return{pubkeys:A.data,res:A}}verifySignedJwtWithCerts(){throw Error("verifySignedJwtWithCerts is removed, please use verifySignedJwtWithCertsAsync instead.")}async verifySignedJwtWithCertsAsync(A,B,Q,Z,G){let Y=(0,EE0.createCrypto)();if(!G)G=TK.DEFAULT_MAX_TOKEN_LIFETIME_SECS_;let W=A.split(".");if(W.length!==3)throw Error("Wrong number of segments in token: "+A);let J=W[0]+"."+W[1],I=W[2],X,F;try{X=JSON.parse(Y.decodeBase64StringUtf8(W[0]))}catch(N){if(N instanceof Error)N.message=`Can't parse token envelope: ${W[0]}': ${N.message}`;throw N}if(!X)throw Error("Can't parse token envelope: "+W[0]);try{F=JSON.parse(Y.decodeBase64StringUtf8(W[1]))}catch(N){if(N instanceof Error)N.message=`Can't parse token payload '${W[0]}`;throw N}if(!F)throw Error("Can't parse token payload: "+W[1]);if(!Object.prototype.hasOwnProperty.call(B,X.kid))throw Error("No pem found for envelope: "+JSON.stringify(X));let V=B[X.kid];if(X.alg==="ES256")I=dW6.joseToDer(I,"ES256").toString("base64");if(!await Y.verify(V,J,I))throw Error("Invalid token signature: "+A);if(!F.iat)throw Error("No issue time in token: "+JSON.stringify(F));if(!F.exp)throw Error("No expiration time in token: "+JSON.stringify(F));let K=Number(F.iat);if(isNaN(K))throw Error("iat field using invalid format");let H=Number(F.exp);if(isNaN(H))throw Error("exp field using invalid format");let z=new Date().getTime()/1000;if(H>=z+G)throw Error("Expiration time too far in future: "+JSON.stringify(F));let C=K-TK.CLOCK_SKEW_SECS_,E=H+TK.CLOCK_SKEW_SECS_;if(z<C)throw Error("Token used too early, "+z+" < "+C+": "+JSON.stringify(F));if(z>E)throw Error("Token used too late, "+z+" > "+E+": "+JSON.stringify(F));if(Z&&Z.indexOf(F.iss)<0)throw Error("Invalid issuer, expected one of ["+Z+"], but got "+F.iss);if(typeof Q<"u"&&Q!==null){let N=F.aud,L=!1;if(Q.constructor===Array)L=Q.indexOf(N)>-1;else L=N===Q;if(!L)throw Error("Wrong recipient, payload audience != requiredAudience")}return new lW6.LoginTicket(X,F)}async processAndValidateRefreshHandler(){if(this.refreshHandler){let A=await this.refreshHandler();if(!A.access_token)throw Error("No access token is returned by the refreshHandler callback.");return A}return}isTokenExpiring(){let A=this.credentials.expiry_date;return A?A<=new Date().getTime()+this.eagerRefreshThresholdMillis:!1}}lm2.OAuth2Client=TK;TK.GOOGLE_TOKEN_INFO_URL="https://oauth2.googleapis.com/tokeninfo";TK.CLOCK_SKEW_SECS_=300;TK.DEFAULT_MAX_TOKEN_LIFETIME_SECS_=86400});var qE0=U((am2)=>{Object.defineProperty(am2,"__esModule",{value:!0});am2.Compute=void 0;var aW6=qL(),im2=DI1(),sW6=Up();class nm2 extends sW6.OAuth2Client{constructor(A={}){super(A);this.credentials={expiry_date:1,refresh_token:"compute-placeholder"},this.serviceAccountEmail=A.serviceAccountEmail||"default",this.scopes=Array.isArray(A.scopes)?A.scopes:A.scopes?[A.scopes]:[]}async refreshTokenNoCache(A){let B=`service-accounts/${this.serviceAccountEmail}/token`,Q;try{let G={property:B};if(this.scopes.length>0)G.params={scopes:this.scopes.join(",")};Q=await im2.instance(G)}catch(G){if(G instanceof aW6.GaxiosError)G.message=`Could not refresh access token: ${G.message}`,this.wrapError(G);throw G}let Z=Q;if(Q&&Q.expires_in)Z.expiry_date=new Date().getTime()+Q.expires_in*1000,delete Z.expires_in;return this.emit("tokens",Z),{tokens:Z,res:null}}async fetchIdToken(A){let B=`service-accounts/${this.serviceAccountEmail}/identity?format=full&audience=${A}`,Q;try{let Z={property:B};Q=await im2.instance(Z)}catch(Z){if(Z instanceof Error)Z.message=`Could not fetch ID token: ${Z.message}`;throw Z}return Q}wrapError(A){let B=A.response;if(B&&B.status){if(A.status=B.status,B.status===403)A.message="A Forbidden error was returned while attempting to retrieve an access token for the Compute Engine built-in service account. This may be because the Compute Engine instance does not have the correct permission scopes specified: "+A.message;else if(B.status===404)A.message="A Not Found error was returned while attempting to retrieve an accesstoken for the Compute Engine built-in service account. This may be because the Compute Engine instance does not have any permission scopes specified: "+A.message}}}am2.Compute=nm2});var wE0=U((om2)=>{Object.defineProperty(om2,"__esModule",{value:!0});om2.IdTokenClient=void 0;var rW6=Up();class rm2 extends rW6.OAuth2Client{constructor(A){super(A);this.targetAudience=A.targetAudience,this.idTokenProvider=A.idTokenProvider}async getRequestMetadataAsync(A){if(!this.credentials.id_token||!this.credentials.expiry_date||this.isTokenExpiring()){let Q=await this.idTokenProvider.fetchIdToken(this.targetAudience);this.credentials={id_token:Q,expiry_date:this.getIdTokenExpiryDate(Q)}}return{headers:{Authorization:"Bearer "+this.credentials.id_token}}}getIdTokenExpiryDate(A){let B=A.split(".")[1];if(B)return JSON.parse(Buffer.from(B,"base64").toString("ascii")).exp*1000}}om2.IdTokenClient=rm2});var NE0=U((Ad2)=>{Object.defineProperty(Ad2,"__esModule",{value:!0});Ad2.GCPEnv=void 0;Ad2.clear=oW6;Ad2.getEnv=tW6;var em2=DI1(),Jk;(function(A){A.APP_ENGINE="APP_ENGINE",A.KUBERNETES_ENGINE="KUBERNETES_ENGINE",A.CLOUD_FUNCTIONS="CLOUD_FUNCTIONS",A.COMPUTE_ENGINE="COMPUTE_ENGINE",A.CLOUD_RUN="CLOUD_RUN",A.NONE="NONE"})(Jk||(Ad2.GCPEnv=Jk={}));var CI1;function oW6(){CI1=void 0}async function tW6(){if(CI1)return CI1;return CI1=eW6(),CI1}async function eW6(){let A=Jk.NONE;if(AJ6())A=Jk.APP_ENGINE;else if(BJ6())A=Jk.CLOUD_FUNCTIONS;else if(await GJ6())if(await ZJ6())A=Jk.KUBERNETES_ENGINE;else if(QJ6())A=Jk.CLOUD_RUN;else A=Jk.COMPUTE_ENGINE;else A=Jk.NONE;return A}function AJ6(){return!!(process.env.GAE_SERVICE||process.env.GAE_MODULE_NAME)}function BJ6(){return!!(process.env.FUNCTION_NAME||process.env.FUNCTION_TARGET)}function QJ6(){return!!process.env.K_CONFIGURATION}async function ZJ6(){try{return await em2.instance("attributes/cluster-name"),!0}catch(A){return!1}}async function GJ6(){return em2.isAvailable()}});var LE0=U((dT3,Qd2)=>{var Xb1=T21().Buffer,JJ6=H1("stream"),IJ6=H1("util");function Fb1(A){if(this.buffer=null,this.writable=!0,this.readable=!0,!A)return this.buffer=Xb1.alloc(0),this;if(typeof A.pipe==="function")return this.buffer=Xb1.alloc(0),A.pipe(this),this;if(A.length||typeof A==="object")return this.buffer=A,this.writable=!1,process.nextTick(function(){this.emit("end",A),this.readable=!1,this.emit("close")}.bind(this)),this;throw TypeError("Unexpected data type ("+typeof A+")")}IJ6.inherits(Fb1,JJ6);Fb1.prototype.write=function(B){this.buffer=Xb1.concat([this.buffer,Xb1.from(B)]),this.emit("data",B)};Fb1.prototype.end=function(B){if(B)this.write(B);this.emit("end",B),this.emit("close"),this.writable=!1,this.readable=!1};Qd2.exports=Fb1});var Gd2=U((cT3,Zd2)=>{var UI1=H1("buffer").Buffer,ME0=H1("buffer").SlowBuffer;Zd2.exports=Vb1;function Vb1(A,B){if(!UI1.isBuffer(A)||!UI1.isBuffer(B))return!1;if(A.length!==B.length)return!1;var Q=0;for(var Z=0;Z<A.length;Z++)Q|=A[Z]^B[Z];return Q===0}Vb1.install=function(){UI1.prototype.equal=ME0.prototype.equal=function(B){return Vb1(this,B)}};var XJ6=UI1.prototype.equal,FJ6=ME0.prototype.equal;Vb1.restore=function(){UI1.prototype.equal=XJ6,ME0.prototype.equal=FJ6}});var TE0=U((lT3,Kd2)=>{var VJ6=Gd2(),S21=T21().Buffer,qT=H1("crypto"),Wd2=KE0(),Yd2=H1("util"),DJ6=`"%s" is not a valid algorithm.
TypeError: Cannot read properties of undefined (reading 'prototype')
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:634:25327
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:8:402
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:634:25447
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:8:402
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:636:3204
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:8:402
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:636:6226
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:8:402
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:636:7408
at file:///C:/Users/[username]/scoop/persist/nodejs/bin/node_modules/@anthropic-ai/claude-code/cli.js:8:402
Node.js v25.0.0
Steps to Reproduce
- update nodejs to v25.0.0 (@latest)
- go to a project you've been working on
- run the command claude
- boom (poof)
Claude Model
Not sure / Multiple models
Is this a regression?
No, this never worked
Last Working Version
_No response_
Claude Code Version
2.0.19
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
Windows Terminal
Additional Information
NodeJS offers a fix - not sure if it's a drop-in replacement, I'd imagine not. (https://nodejs.org/api/deprecations.html#DEP0030).
This might also be a fix?
- Update transitive dependencies (particularly buffer-equal-constant-time in the JWT authentication chain) to use crypto.timingSafeEqual() instead of SlowBuffer.prototype.equal.
This issue has 14 comments on GitHub. Read the full discussion on GitHub ↗