Claude Code mcp

All MCP Bug Fixes

• Fixed a command injection vulnerability in the POSIX which fallback used by LSP binary detection.(v2.1.101)
• Fixed a memory leak where long sessions retained dozens of historical copies of the message list in the virtual scroller.(v2.1.101)
• Fixed resume/continue losing conversation context on large sessions when the loader anchored on a dead-end branch.(v2.1.101)
• Fixed resume chain recovery bridging into an unrelated subagent conversation when a subagent message landed near a main-chain write gap.(v2.1.101)
• Fixed a crash on resume when a persisted Edit\/Write tool result was missing its file_path.(v2.1.101)
• Fixed a hardcoded 5-minute request timeout that aborted slow backends regardless of API_TIMEOUT_MS.(v2.1.101)
• Fixed permissions.deny rules not overriding a PreToolUse hook's permissionDecision: "ask", preventing hooks from downgrading denies to prompts.(v2.1.101)
• Fixed setting sources without user causing background cleanup to ignore cleanupPeriodDays and delete history older than 30 days.(v2.1.101)
• Fixed Bedrock SigV4 authentication failing with 403 when Authorization headers were set via environment variables or helpers.(v2.1.101)
• Fixed claude -w <name> failing with "already exists" after stale worktree cleanup from a previous session.(v2.1.101)
• Fixed subagents not inheriting MCP tools from dynamically-injected servers.(v2.1.101)
• Fixed sub-agents running in isolated worktrees being denied Read\/Edit access to files inside their own worktree.(v2.1.101)
• Fixed sandboxed Bash commands failing with mktemp: No such file or directory after a fresh boot.(v2.1.101)
• Fixed claude mcp serve tool calls failing with "Tool execution failed" in MCP clients that validate outputSchema.(v2.1.101)
• Fixed RemoteTrigger tool's run action sending an empty body and being rejected by the server.(v2.1.101)
• Fixed several resume picker issues including narrow default view, unreachable preview on Windows Terminal, incorrect cwd, missing session-not-found errors, and terminal title not being set.(v2.1.101)
• Fixed Grep tool ENOENT when the embedded ripgrep binary path becomes stale; now falls back to system rg and self-heals.(v2.1.101)
• Fixed \/btw writing a copy of the entire conversation to disk on every use.(v2.1.101)
• Fixed \/context Free space and Messages breakdown disagreeing with the header percentage.(v2.1.101)
• Fixed several plugin issues including slash commands resolving incorrectly, \/plugin update failing with ENAMETOOLONG, Discover showing installed plugins, directory-source plugins loading stale cache, and skills not honoring context and agent frontmatter.(v2.1.101)
• Fixed the \/mcp menu offering OAuth-specific actions for servers configured with headersHelper; Reconnect is now offered instead.(v2.1.101)
• Fixed ctrl+], ctrl+\, and ctrl+^ keybindings not firing in terminals that send raw C0 control bytes.(v2.1.101)
• Fixed \/login OAuth URL rendering with padding that prevented clean mouse selection.(v2.1.101)
• Fixed rendering issues including flicker in non-fullscreen mode, scrollback wiping, and mouse-scroll escape sequences leaking into the prompt.(v2.1.101)
• Fixed crash when settings.json env values are numbers instead of strings.(v2.1.101)
• Fixed in-app settings writes not refreshing the in-memory snapshot, preventing removed directories from being revoked mid-session.(v2.1.101)
• Fixed custom keybindings not loading on Bedrock, Vertex, and other third-party providers.(v2.1.101)
• Fixed claude --continue -p not correctly continuing sessions created by -p or the SDK.(v2.1.101)
• Fixed several Remote Control issues including worktrees removed on session crash, connection failures not persisting, spurious Disconnected indicator in brief mode, and \/remote-control failing over SSH when only Organization UUID is set.(v2.1.101)
• Fixed \/insights sometimes omitting the report file link from its response.(v2.1.101)
• Fixed the file attachment below the chat input not clearing when the last editor tab is closed in VSCode.(v2.1.101)
• Fixed a Bash tool permission bypass where an escaped flag could be auto-allowed as read-only, potentially leading to arbitrary code execution.(v2.1.98)
• Fixed compound Bash commands bypassing forced permission prompts for safety checks and explicit ask rules in auto and bypass-permissions modes.(v2.1.98)
• Fixed read-only commands with environment variable prefixes not prompting unless the variable is known-safe (e.g., `LANG`, `TZ`).(v2.1.98)
• Fixed redirects to `/dev/tcp/...` or `/dev/udp/...` not prompting instead of auto-allowing.(v2.1.98)
• Fixed stalled streaming responses timing out instead of falling back to non-streaming mode.(v2.1.98)
• Fixed 429 retries burning all attempts too quickly by ensuring exponential backoff applies as a minimum.(v2.1.98)
• Fixed MCP OAuth `oauth.authServerMetadataUrl` configuration override not being honored on token refresh after restart.(v2.1.98)
• Fixed capital letters being dropped to lowercase in xterm and VS Code integrated terminals when the kitty keyboard protocol is active.(v2.1.98)
• Fixed macOS text replacements deleting the trigger word instead of inserting the substitution.(v2.1.98)
• Fixed `--dangerously-skip-permissions` being silently downgraded to accept-edits mode after approving a write to a protected path via Bash.(v2.1.98)
• Fixed managed-settings allow rules remaining active after an admin removed them until process restart.(v2.1.98)
• Fixed `permissions.additionalDirectories` changes not applying mid-session; removed directories now lose access immediately.(v2.1.98)
• Fixed removing a directory from `additionalDirectories` revoking access to the same directory passed via `--add-dir`.(v2.1.98)
• Fixed `Bash(cmd:*)` and `Bash(git commit *)` wildcard permission rules failing to match commands with extra spaces or tabs.(v2.1.98)
• Fixed `Bash(...)` deny rules being downgraded to a prompt for piped commands that mix `cd` with other segments.(v2.1.98)
• Fixed false Bash permission prompts for commands like `cut -d /` and filenames containing `%`.(v2.1.98)
• Fixed permission rules with names matching JavaScript prototype properties (e.g., `toString`) causing `settings.json` to be silently ignored.(v2.1.98)
• Fixed agent team members not inheriting the leader's permission mode when using `--dangerously-skip-permissions`.(v2.1.98)
• Fixed a crash in fullscreen mode when hovering over MCP tool results.(v2.1.98)
• Fixed copying wrapped URLs in fullscreen mode inserting spaces at line breaks.(v2.1.98)
• Fixed file-edit diffs disappearing from the UI on `--resume` when the edited file was larger than 10KB.(v2.1.98)
• Fixed several `/resume` picker issues including uneditable resumes, search state wiping, and transient status text.(v2.1.98)
• Fixed `/export` not honoring absolute paths and `~`, and silently rewriting user-supplied extensions to `.txt`.(v2.1.98)
• Fixed `/effort max` being denied for unknown or future model IDs.(v2.1.98)
• Fixed slash command picker breaking when a plugin's frontmatter `name` is a YAML boolean keyword.(v2.1.98)
• Fixed rate-limit upsell text being hidden after message remounts.(v2.1.98)
• Fixed MCP tools with `_meta["anthropic/maxResultSizeChars"]` not bypassing the token-based persist layer.(v2.1.98)
• Fixed voice mode leaking space characters into input when re-holding the push-to-talk key during transcript processing.(v2.1.98)
• Fixed `DISABLE_AUTOUPDATER` not fully suppressing the npm registry version check and symlink modification.(v2.1.98)
• Fixed a memory leak where Remote Control permission handler entries were retained for the entire session.(v2.1.98)
• Fixed background subagents that fail with an error not reporting partial progress to the parent agent.(v2.1.98)
• Fixed prompt-type Stop/SubagentStop hooks failing on long sessions.(v2.1.98)
• Fixed feedback survey rendering when dismissed.(v2.1.98)
• Fixed Bash `grep -f FILE` / `rg -f FILE` not prompting when reading a pattern file outside the working directory.(v2.1.98)
• Fixed stale subagent worktree cleanup removing worktrees that contain untracked files.(v2.1.98)
• Fixed `sandbox.network.allowMachLookup` not taking effect on macOS.(v2.1.98)
• Fixed `CLAUDE_CODE_MAX_CONTEXT_TOKENS` not honoring `DISABLE_COMPACT` when set.(v2.1.98)
• Fixed VSCode reporting a false-positive "requires git-bash" error on Windows when the path is correctly configured.(v2.1.98)
• Fixed --dangerously-skip-permissions being silently downgraded to accept-edits mode after approving a write to a protected path(v2.1.97)
• Fixed and hardened Bash tool permissions, tightening checks around env-var prefixes and network redirects, and reducing false prompts on common commands(v2.1.97)
• Fixed permission rules with names matching JavaScript prototype properties (e.g. toString) causing settings.json to be silently ignored(v2.1.97)
• Fixed managed-settings allow rules remaining active after an admin removed them until process restart(v2.1.97)
• Fixed permissions.additionalDirectories changes in settings not applying mid-session(v2.1.97)
• Fixed removing a directory from settings.permissions.additionalDirectories revoking access to the same directory passed via --add-dir(v2.1.97)
• Fixed MCP HTTP/SSE connections accumulating ~50 MB/hr of unreleased buffers when servers reconnect(v2.1.97)
• Fixed MCP OAuth oauth.authServerMetadataUrl not being honored on token refresh after restart, fixing ADFS and similar IdPs(v2.1.97)
• Fixed 429 retries burning all attempts in ~13 seconds when the server returns a small Retry-After — exponential backoff now applies as a minimum(v2.1.97)
• Fixed rate-limit upgrade options disappearing after context compaction(v2.1.97)
• Fixed several /resume picker issues: --resume <name> opening uneditable, Ctrl+A reload wiping search, empty list swallowing navigation, task-status text replacing conversation summary, and cross-project staleness(v2.1.97)
• Fixed file-edit diffs disappearing on --resume when the edited file was larger than 10KB(v2.1.97)
• Fixed --resume cache misses and lost mid-turn input from attachment messages not being saved to the transcript(v2.1.97)
• Fixed messages typed while Claude is working not being persisted to the transcript(v2.1.97)
• Fixed prompt-type Stop/SubagentStop hooks failing on long sessions, and hook evaluator API errors displaying "JSON validation failed" instead of the actual message(v2.1.97)
• Fixed subagents with worktree isolation or cwd: override leaking their working directory back to the parent session's Bash tool(v2.1.97)
• Fixed compaction writing duplicate multi-MB subagent transcript files on prompt-too-long retries(v2.1.97)
• Fixed claude plugin update reporting "already at the latest version" for git-based marketplace plugins when the remote had newer commits(v2.1.97)
• Fixed slash command picker breaking when a plugin's frontmatter name is a YAML boolean keyword(v2.1.97)
• Fixed copying wrapped URLs in NO_FLICKER mode inserting spaces at line breaks(v2.1.97)
• Fixed scroll rendering artifacts in NO_FLICKER mode when running inside zellij(v2.1.97)
• Fixed a crash in NO_FLICKER mode when hovering over MCP tool results(v2.1.97)
• Fixed a NO_FLICKER mode memory leak where API retries left stale streaming state(v2.1.97)
• Fixed slow mouse-wheel scrolling in NO_FLICKER mode on Windows Terminal(v2.1.97)
• Fixed custom status line not displaying in NO_FLICKER mode on terminals shorter than 24 rows(v2.1.97)
• Fixed Shift+Enter and Alt/Cmd+arrow shortcuts not working in Warp with NO_FLICKER mode(v2.1.97)
• Fixed Korean/Japanese/Unicode text becoming garbled when copied in no-flicker mode on Windows(v2.1.97)
• Fixed Bedrock SigV4 authentication failing when AWS_BEARER_TOKEN_BEDROCK or ANTHROPIC_BEDROCK_BASE_URL are set to empty strings (as GitHub Actions does for unset inputs)(v2.1.97)
• Fixed agents appearing stuck after a 429 rate-limit response with a long Retry-After header; the error now surfaces immediately.(v2.1.94)
• Fixed Console login on macOS silently failing when the login keychain is locked or out of sync; the error is now surfaced and `claude doctor` diagnoses the fix.(v2.1.94)
• Fixed plugin skill hooks defined in YAML frontmatter being silently ignored.(v2.1.94)
• Fixed plugin hooks failing with "No such file or directory" when `CLAUDE_PLUGIN_ROOT` was not set.(v2.1.94)
• Fixed `${CLAUDE_PLUGIN_ROOT}` resolving incorrectly for local-marketplace plugins on startup.(v2.1.94)
• Fixed scrollback showing repeated diffs and blank pages in long-running sessions.(v2.1.94)
• Fixed multiline user prompts in the transcript indenting wrapped lines incorrectly under the caret.(v2.1.94)
• Fixed Shift+Space inserting the literal word "space" instead of a space character in search inputs.(v2.1.94)
• Fixed hyperlinks opening two browser tabs when clicked inside tmux running in an xterm.js-based terminal.(v2.1.94)
• Fixed an alt-screen rendering bug that could leave compounding ghost lines during scrolling.(v2.1.94)
• Fixed the `FORCE_HYPERLINK` environment variable being ignored when set via `settings.json` `env`.(v2.1.94)
• Fixed native terminal cursor not tracking the selected tab in dialogs.(v2.1.94)
• Fixed Bedrock invocation of Sonnet 3.5 v2 by correctly using the `us.` inference profile ID.(v2.1.94)
• Fixed SDK/print mode not preserving the partial assistant response in conversation history when interrupted mid-stream.(v2.1.94)
• Fixed CJK and other multibyte text being corrupted with U+FFFD in stream-json input/output when chunk boundaries split a UTF-8 sequence.(v2.1.94)
• Fixed VSCode dropdown menus selecting the wrong item when the mouse was over the list while typing or using arrow keys.(v2.1.94)
• Fixed subagent spawning permanently failing with "Could not determine pane count" after tmux windows were killed or renumbered during a long-running session.(v2.1.92)
• Fixed prompt-type Stop hooks incorrectly failing when the small fast model returns ok:false, restoring preventContinuation:true semantics for non-Stop prompt-type hooks.(v2.1.92)
• Fixed tool input validation failures when streaming emits array/object fields as JSON-encoded strings.(v2.1.92)
• Fixed an API 400 error that could occur when extended thinking produced a whitespace-only text block alongside real content.(v2.1.92)
• Fixed accidental feedback survey submissions caused by auto-pilot keypresses and consecutive-prompt digit collisions.(v2.1.92)
• Fixed misleading "esc to interrupt" hint appearing alongside "esc to clear" when text selection exists in fullscreen mode during processing.(v2.1.92)
• Fixed Homebrew install update prompts to use the correct release channel (claude-code → stable, claude-code@latest → latest).(v2.1.92)
• Fixed ctrl+e jumping to the end of the next line when already at the end of the line in multiline prompts.(v2.1.92)
• Fixed an issue where the same message could appear at two positions when scrolling up in fullscreen mode (for terminals supporting DEC 2026).(v2.1.92)
• Fixed idle-return "/clear to save X tokens" hint showing cumulative session tokens instead of the current context size.(v2.1.92)
• Fixed plugin MCP servers getting stuck "connecting" on session start when they duplicate an unauthenticated claude.ai connector.(v2.1.92)
• Restored unix-socket blocking for sandboxed commands by ensuring the apply-seccomp helper ships in both npm and native builds for the Linux sandbox.(v2.1.92)
• Fixed transcript chain breaks occurring with `--resume` that previously caused silent failures in async transcript writes, leading to lost conversation history.(v2.1.91)
• Fixed `cmd+delete` functionality not deleting text to the start of the line across iTerm2, kitty, WezTerm, Ghostty, and Windows Terminal.(v2.1.91)
• Fixed plan mode in remote sessions losing track of the plan file after a container restart, which previously caused permission prompts on plan edits and an empty plan-approval modal.(v2.1.91)
• Fixed JSON schema validation errors when setting `permissions.defaultMode: "auto"` in settings.json.(v2.1.91)
• Fixed an issue where Windows version cleanup was incorrectly protecting the rollback copy of the active version.(v2.1.91)
• Fixed an infinite loop where the rate-limit options dialog would repeatedly auto-open after hitting the usage limit, preventing session crashes(v2.1.90)
• Fixed regression where `--resume` caused a full prompt-cache miss on the first request for users with deferred tools, MCP servers, or custom agents(v2.1.90)
• Fixed Edit/Write operations failing with "File content has changed" when a PostToolUse format-on-save hook rewrites the file between consecutive edits(v2.1.90)
• Fixed PreToolUse hooks emitting JSON to stdout and exiting with code 2 not correctly blocking the tool call(v2.1.90)
• Fixed collapsed search/read summary badge appearing multiple times in fullscreen scrollback when a CLAUDE.md file auto-loads during a tool call(v2.1.90)
• Fixed auto mode not respecting explicit user boundaries (e.g., "don't push", "wait for X before Y")(v2.1.90)
• Fixed UI crash that occurred when malformed tool input reached the permission dialog(v2.1.90)
• Hardened PowerShell tool permission checks, fixing trailing & background job bypass, -ErrorAction Break debugger hang, archive-extraction TOCTOU, and parse-fail fallback deny-rule degradation(v2.1.90)
• Fixed Edit(//path/**) and Read(//path/**) allow rules to correctly check the resolved symlink target instead of just the requested path.(v2.1.89)
• Fixed voice push-to-talk activation issues with modifier-combo bindings and resolved WebSocket upgrade rejections in voice mode on Windows.(v2.1.89)
• Fixed Edit/Write tools incorrectly doubling CRLF and stripping Markdown hard line breaks (two trailing spaces) on Windows.(v2.1.89)
• Fixed StructuredOutput schema cache bug that caused approximately 50% failure rate when using multiple schemas.(v2.1.89)
• Fixed memory leak where large JSON inputs were retained as LRU cache keys during long-running sessions.(v2.1.89)
• Fixed crash occurring when removing a message from very large session files (over 50MB).(v2.1.89)
• Fixed LSP server zombie state after a crash; the server now restarts on the next request instead of failing until the session restarts.(v2.1.89)
• Fixed prompt history entries containing CJK or emoji being silently dropped when they fell on a 4KB boundary in ~/.claude/history.jsonl.(v2.1.89)
• Fixed /stats undercounting tokens by excluding subagent usage and losing historical data beyond 30 days when the stats cache format changed.(v2.1.89)
• Fixed -p --resume hangs when deferred tool input exceeds 64KB or lacks a deferred marker, and fixed -p --continue not resuming deferred tools.(v2.1.89)
• Fixed claude-cli:// deep links failing to open on macOS.(v2.1.89)
• Fixed MCP tool errors truncating to only the first content block when the server returned multi-element error content.(v2.1.89)
• Fixed skill reminders and other system context being dropped when sending messages with images via the SDK.(v2.1.89)
• Fixed PreToolUse/PostToolUse hooks receiving file_path as a relative path instead of the documented absolute path for Write/Edit/Read tools.(v2.1.89)
• Fixed autocompact thrash loop by detecting when context refills immediately after compacting three times and stopping with an actionable error.(v2.1.89)
• Fixed prompt cache misses in long sessions caused by tool schema bytes changing mid-session.(v2.1.89)
• Fixed nested CLAUDE.md files being re-injected dozens of times in long sessions that read many files.(v2.1.89)
• Fixed --resume crash when the transcript contained a tool result from an older CLI version or an interrupted write.(v2.1.89)
• Fixed misleading "Rate limit reached" message when the API returned an entitlement error; now shows the actual error.(v2.1.89)
• Fixed hooks if condition filtering not matching compound commands (e.g., ls && git push) or commands with env-var prefixes.(v2.1.89)
• Fixed collapsed search/read group badges duplicating in terminal scrollback during heavy parallel tool use.(v2.1.89)
• Fixed notification invalidates not clearing the currently-displayed notification immediately.(v2.1.89)
• Fixed prompt briefly disappearing after submit when background messages arrived during processing.(v2.1.89)
• Fixed truncation of Devanagari and other combining-mark text in assistant output.(v2.1.89)
• Fixed rendering artifacts on main-screen terminals after layout shifts.(v2.1.89)
• Fixed voice mode failing to request microphone permission on macOS Apple Silicon.(v2.1.89)
• Fixed Shift+Enter submitting instead of inserting a newline on Windows Terminal Preview 1.25.(v2.1.89)
• Fixed periodic UI jitter during streaming in iTerm2 when running inside tmux.(v2.1.89)
• Fixed PowerShell tool incorrectly reporting failures when commands like git push wrote progress to stderr on Windows PowerShell 5.1.(v2.1.89)
• Fixed potential out-of-memory crash when the Edit tool was used on very large files (>1 GiB).(v2.1.89)
• Fixed prompt cache misses in long sessions caused by tool schema bytes changing mid-session(v2.1.88)
• Fixed nested CLAUDE.md files being re-injected dozens of times in long sessions that read many files(v2.1.88)
• Fixed Edit/Write tools doubling CRLF on Windows and stripping Markdown hard line breaks (two trailing spaces)(v2.1.88)
• Fixed `StructuredOutput` schema cache bug causing ~50% failure rate in workflows with multiple schemas(v2.1.88)
• Fixed memory leak where large JSON inputs were retained as LRU cache keys in long-running sessions(v2.1.88)
• Fixed a potential out-of-memory crash when the Edit tool was used on very large files (>1 GiB)(v2.1.88)
• Fixed a crash when removing a message from very large session files (over 50MB)(v2.1.88)
• Fixed `--resume` crash when transcript contains a tool result from an older CLI version or interrupted write(v2.1.88)
• Fixed misleading "Rate limit reached" message when the API returned an entitlement error; now shows the actual error with actionable hints(v2.1.88)
• Fixed LSP server zombie state after crash; server now restarts on next request instead of failing until session restart(v2.1.88)
• Fixed hooks `if` condition filtering not matching compound commands (`ls && git push`) or commands with env-var prefixes (`FOO=bar git push`)(v2.1.88)
• Fixed prompt history entries containing CJK or emoji being silently dropped when they fall on a 4KB boundary in `~/.claude/history.jsonl`(v2.1.88)
• Fixed `/stats` losing historical data beyond 30 days when the stats cache format changes(v2.1.88)
• Fixed `/stats` undercounting tokens by excluding subagent/fork usage(v2.1.88)
• Fixed scrollback disappearing when scrolling up in long sessions(v2.1.88)
• Fixed collapsed search/read group badges duplicating in terminal scrollback during heavy parallel tool use(v2.1.88)
• Fixed notification `invalidates` not clearing the currently-displayed notification immediately(v2.1.88)
• Fixed prompt briefly disappearing after submit when background messages arrived during processing(v2.1.88)
• Fixed long `/btw` responses being clipped with no way to scroll; responses now render in a scrollable viewport(v2.1.88)
• Fixed Devanagari and other combining-mark text being truncated in assistant output(v2.1.88)
• Fixed rendering artifacts on main-screen terminals after layout shifts(v2.1.88)
• Fixed voice mode failing to request microphone permission on macOS Apple Silicon(v2.1.88)
• Fixed voice push-to-talk not activating for some modifier-combo bindings(v2.1.88)
• Fixed voice mode on Windows failing with "WebSocket upgrade rejected with HTTP 101"(v2.1.88)
• Fixed Shift+Enter submitting instead of inserting a newline on Windows Terminal Preview 1.25(v2.1.88)
• Fixed periodic UI jitter during streaming in iTerm2 when running inside tmux(v2.1.88)
• Fixed PowerShell tool incorrectly reporting failures when commands like `git push` wrote progress to stderr on Windows PowerShell 5.1(v2.1.88)
• Fixed SDK error result messages (`error_during_execution`, `error_max_turns`) to correctly set `is_error: true` with descriptive messages(v2.1.88)
• Fixed task notifications being lost when backgrounding a session with Ctrl+B(v2.1.88)
• Fixed PreToolUse/PostToolUse hooks not providing `file_path` as an absolute path for Write/Edit/Read tools(v2.1.88)
• Fixed --resume failing with "tool_use ids were found without tool_result blocks" on sessions created before v2.1.85.(v2.1.86)
• Fixed Write/Edit/Read failing on files outside the project root (e.g., ~/.claude/CLAUDE.md) when conditional skills or rules are configured.(v2.1.86)
• Fixed unnecessary config disk writes on every skill invocation that could cause performance issues and config corruption on Windows.(v2.1.86)
• Fixed potential out-of-memory crash when using /feedback on very long sessions with large transcript files.(v2.1.86)
• Fixed --bare mode dropping MCP tools in interactive sessions and silently discarding messages enqueued mid-turn.(v2.1.86)
• Fixed the c shortcut copying only ~20 characters of the OAuth login URL instead of the full URL.(v2.1.86)
• Fixed masked input (e.g., OAuth code paste) leaking the start of the token when wrapping across multiple lines on narrow terminals.(v2.1.86)
• Fixed official marketplace plugin scripts failing with "Permission denied" on macOS/Linux since v2.1.83.(v2.1.86)
• Fixed statusline showing another session's model when running multiple Claude Code instances and using /model in one of them.(v2.1.86)
• Fixed scroll not following new messages after wheel scroll or click-to-select at the bottom of a long conversation.(v2.1.86)
• Fixed /plugin uninstall dialog: pressing n now correctly uninstalls the plugin while preserving its data directory.(v2.1.86)
• Fixed a regression where pressing Enter after clicking could leave the transcript blank until the response arrived.(v2.1.86)
• Fixed ultrathink hint lingering after deleting the keyword.(v2.1.86)
• Fixed memory growth in long sessions from markdown/highlight render caches retaining full content strings.(v2.1.86)
• Fixed VSCode extension incorrectly showing "Not responding" during long-running operations.(v2.1.86)
• Fixed VSCode extension defaulting Max plan users to Sonnet after the OAuth token refreshes (8 hours after login).(v2.1.86)
• Fixed `/compact` failing with "context exceeded" when the conversation history is too large for the compact request itself.(v2.1.85)
• Fixed `/plugin enable` and `/plugin disable` failing when a plugin's install location differs from its declaration in settings.(v2.1.85)
• Fixed `--worktree` exiting with an error in non-git repositories before the `WorktreeCreate` hook could execute.(v2.1.85)
• Fixed `deniedMcpServers` setting failing to block claude.ai MCP servers.(v2.1.85)
• Fixed `switch_display` in the computer-use tool returning "not available in this session" on multi-monitor setups.(v2.1.85)
• Fixed crash when OpenTelemetry log, metric, or trace exporters are set to `none`.(v2.1.85)
• Fixed diff syntax highlighting not working in non-native builds.(v2.1.85)
• Fixed MCP step-up authorization failing when a refresh token exists; servers requesting elevated scopes now correctly trigger re-authorization.(v2.1.85)
• Fixed memory leak in remote sessions when a streaming response is interrupted.(v2.1.85)
• Fixed persistent ECONNRESET errors during edge connection churn by using a fresh TCP connection on retry.(v2.1.85)
• Fixed prompts getting stuck in the queue after certain slash commands, preventing retrieval with the up-arrow key.(v2.1.85)
• Fixed Python Agent SDK: `type:'sdk'` MCP servers passed via `--mcp-config` not being retained during startup.(v2.1.85)
• Fixed raw key sequences appearing in the prompt when running over SSH or in the VS Code integrated terminal.(v2.1.85)
• Fixed Remote Control session status remaining stuck on "Requires Action" after a permission is resolved.(v2.1.85)
• Fixed shift+enter and meta+enter being intercepted by typeahead suggestions instead of inserting newlines.(v2.1.85)
• Fixed stale content bleeding through when scrolling up during streaming.(v2.1.85)
• Fixed terminal remaining in enhanced keyboard mode after exit in supported terminals (Ghostty, Kitty, WezTerm), ensuring Ctrl+C and Ctrl+D work correctly.(v2.1.85)
• Fixed voice push-to-talk: holding the voice key no longer leaks characters into the text input, and transcripts now insert at the correct position.(v2.1.84)
• Fixed up/down arrow keys being unresponsive when a footer item is focused.(v2.1.84)
• Fixed `Ctrl+U` (kill-to-line-start) being a no-op at line boundaries in multiline input, so repeated `Ctrl+U` now clears across lines.(v2.1.84)
• Fixed null-unbinding a default chord binding (e.g. `"ctrl+x ctrl+k": null`) still entering chord-wait mode instead of freeing the prefix key.(v2.1.84)
• Fixed mouse events inserting literal "mouse" text into transcript search input.(v2.1.84)
• Fixed workflow subagents failing with API 400 when the outer session uses `--json-schema` and the subagent also specifies a schema.(v2.1.84)
• Fixed missing background color behind certain emoji in user message bubbles on some terminals.(v2.1.84)
• Fixed the "allow Claude to edit its own settings for this session" permission option not sticking for users with `Edit(.claude)` allow rules.(v2.1.84)
• Fixed a hang when generating attachment snippets for large edited files.(v2.1.84)
• Fixed MCP tool/resource cache leak on server reconnect.(v2.1.84)
• Fixed a startup performance issue where partial clone repositories (Scalar/GVFS) triggered mass blob downloads.(v2.1.84)
• Fixed native terminal cursor not tracking the text input caret, so IME composition (CJK input) now renders inline and screen readers can follow the input position.(v2.1.84)
• Fixed spurious "Not logged in" errors on macOS caused by transient keychain read failures.(v2.1.84)
• Fixed cold-start race where core tools could be deferred without their bypass active, causing Edit/Write to fail with InputValidationError on typed parameters.(v2.1.84)
• Fixed mouse tracking escape sequences leaking to the shell prompt after exiting the application.(v2.1.83)
• Resolved an issue causing Claude Code to hang on exit specifically on macOS.(v2.1.83)
• Fixed the screen flashing blank after being idle for a few seconds.(v2.1.83)
• Fixed a hang that occurred when diffing very large files with few common lines; diffs now time out gracefully after 5 seconds.(v2.1.83)
• Fixed a 1–8 second UI freeze on startup when voice input was enabled, caused by eager loading of the native audio module.(v2.1.83)
• Fixed a startup regression where Claude Code would wait approximately 3 seconds for the claude.ai MCP config fetch before proceeding.(v2.1.83)
• Fixed the `--mcp-config` CLI flag bypassing enforcement of `allowedMcpServers`/`deniedMcpServers` managed policies.(v2.1.83)
• Fixed claude.ai MCP connectors (Slack, Gmail, etc.) not being available when using single-turn `--print` mode.(v2.1.83)
• Fixed the `caffeinate` process not terminating correctly upon Claude Code exit, which prevented Mac systems from sleeping.(v2.1.83)
• Fixed bash mode not activating correctly when tab-accepting command suggestions prefixed with !.(v2.1.83)
• Fixed stale slash command selection showing the wrong highlighted command after navigating suggestions.(v2.1.83)
• Fixed the /config menu incorrectly showing both the search cursor and list selection simultaneously.(v2.1.83)
• Fixed background subagents becoming invisible after context compaction, preventing duplicate agents from spawning.(v2.1.83)
• Fixed background agent tasks getting stuck in a "running" state when git or API calls hung during cleanup.(v2.1.83)
• Fixed the --channels flag incorrectly showing "Channels are not currently available" on the first launch after an upgrade.(v2.1.83)
• Fixed uninstalled plugin hooks continuing to fire until the next session started.(v2.1.83)
• Fixed queued commands flickering during streaming responses.(v2.1.83)
• Fixed slash commands being sent to the model as plain text when submitted while a message was already processing.(v2.1.83)
• Fixed scrollback jumping to the top when collapsed read/search groups finished loading after scrolling offscreen.(v2.1.83)
• Fixed scrollback jumping to the top when the model started or stopped thinking.(v2.1.83)
• Fixed loss of SDK session history upon resume caused by hook progress/attachment messages forking the parentUuid chain.(v2.1.83)
• Fixed copy-on-select functionality failing when the mouse button was released outside the terminal window.(v2.1.83)
• Fixed ghost characters appearing in height-constrained lists when items overflowed their bounds.(v2.1.83)
• Fixed `Ctrl+B` interfering with readline backward-char functionality at an idle prompt; it now only fires when a foreground task can be backgrounded.(v2.1.83)
• Fixed tool result files never being cleaned up, ignoring the `cleanupPeriodDays` setting.(v2.1.83)
• Fixed the space key being swallowed for up to 3 seconds after releasing voice hold-to-talk.(v2.1.83)
• Fixed ALSA library errors corrupting the terminal UI when using voice mode on Linux systems lacking audio hardware (e.g., Docker, headless, WSL1).(v2.1.83)
• Fixed voice mode SoX detection issues on Termux/Android where spawning `which` is kernel-restricted.(v2.1.83)
• Fixed Remote Control sessions incorrectly showing as Idle in the web session list while actively running.(v2.1.83)
• Fixed footer navigation selecting an invisible Remote Control pill when in config-driven mode.(v2.1.83)
• Fixed a memory leak in remote sessions where tool use IDs accumulated indefinitely.(v2.1.83)
• [VSCode] Fixed session history not loading correctly when reopening a session via URL or after restarting the editor.(v2.1.83)
• Fixed multiple concurrent Claude Code sessions requiring repeated re-authentication when one session refreshed its OAuth token.(v2.1.81)
• Fixed voice mode silently swallowing retry failures and showing a misleading "check your network" message instead of the actual error.(v2.1.81)
• Fixed voice mode audio not recovering when the server silently drops the WebSocket connection.(v2.1.81)
• Fixed structured-outputs beta header causing 400 errors on proxy gateways by ensuring CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS correctly suppresses it.(v2.1.81)
• Fixed --channels bypass issue for Team/Enterprise organizations lacking other managed settings.(v2.1.81)
• Fixed a crash occurring specifically on Node.js 18 environments.(v2.1.81)
• Fixed unnecessary permission prompts appearing for Bash commands containing dashes within strings.(v2.1.81)
• Fixed plugin hooks blocking prompt submission when the plugin directory was deleted during an active session.(v2.1.81)
• Fixed a race condition where background agent task output could hang indefinitely if the task completed between polling intervals.(v2.1.81)
• Fixed resuming a session in a worktree now correctly switches the user back to that worktree.(v2.1.81)
• Fixed /btw command not including pasted text when used during an active response.(v2.1.81)
• Fixed a race condition where fast Cmd+Tab followed by paste could fail due to clipboard copy timing under tmux.(v2.1.81)
• Fixed terminal tab title not updating correctly with an auto-generated session description.(v2.1.81)
• Fixed invisible hook attachments inflating the message count when viewing transcripts.(v2.1.81)
• Fixed Remote Control sessions showing a generic title instead of deriving the title from the first prompt.(v2.1.81)
• Fixed /rename command not reliably syncing the title for Remote Control sessions.(v2.1.81)
• Fixed Remote Control /exit command not reliably archiving the session.(v2.1.81)
• Fixed Windows PATH inheritance issue for the Bash tool when using Git Bash within VSCode (a regression from v2.1.78).(v2.1.81)
• Fixed `--resume` dropping parallel tool results, ensuring all tool_use/tool_result pairs are restored instead of showing placeholders(v2.1.80)
• Fixed voice mode WebSocket failures caused by Cloudflare bot detection on non-browser TLS fingerprints(v2.1.80)
• Fixed 400 errors when using fine-grained tool streaming through API proxies, Bedrock, or Vertex(v2.1.80)
• Fixed `/remote-control` appearing for gateway and third-party provider deployments where it is non-functional(v2.1.80)
• Fixed `/sandbox` tab switching not responding to Tab or arrow keys(v2.1.80)
• Fixed managed settings (like `enabledPlugins`, `permissions.defaultMode`, policy-set env vars) not being applied at startup when `remote-settings.json` was cached(v2.1.80)
• Fixed `git log HEAD` failing with "ambiguous argument" inside sandboxed Bash on Linux, and stub files polluting `git status` in the working directory(v2.1.78)
• Fixed `cc log` and `--resume` silently truncating conversation history on large sessions (>5 MB) that used subagents(v2.1.78)
• Fixed infinite loop when API errors triggered stop hooks that re-fed blocking errors to the model(v2.1.78)
• Fixed `deny: ["mcp__servername"]` permission rules not removing MCP server tools before sending to the model, allowing it to see and attempt blocked tools(v2.1.78)
• Fixed `sandbox.filesystem.allowWrite` not working with absolute paths (previously required `//` prefix)(v2.1.78)
• Fixed `/sandbox` Dependencies tab showing Linux prerequisites on macOS instead of macOS-specific info(v2.1.78)
• Fixed silent sandbox disable when `sandbox.enabled: true` is set but dependencies are missing; now shows a visible startup warning(v2.1.78)
• Fixed `.git`, `.claude`, and other protected directories being writable without a prompt in `bypassPermissions` mode(v2.1.78)
• Fixed ctrl+u in normal mode scrolling instead of readline kill-line (ctrl+u/ctrl+d half-page scroll moved to transcript mode only)(v2.1.78)
• Fixed voice mode modifier-combo push-to-talk keybindings (e.g. ctrl+k) requiring a hold instead of activating immediately(v2.1.78)
• Fixed voice mode not working on WSL2 with WSLg (Windows 11); WSL1/Win10 users now get a clear error(v2.1.78)
• Fixed `--worktree` flag not loading skills and hooks from the worktree directory(v2.1.78)
• Fixed `CLAUDE_CODE_DISABLE_GIT_INSTRUCTIONS` and `includeGitInstructions` setting not suppressing the git status section in the system prompt(v2.1.78)
• Fixed Bash tool not finding Homebrew and other PATH-dependent binaries when VS Code is launched from Dock/Spotlight(v2.1.78)
• Fixed washed-out Claude orange color in VS Code/Cursor/code-server terminals that don't advertise truecolor support(v2.1.78)
• Fixed `ANTHROPIC_BETAS` environment variable being silently ignored when using Haiku models(v2.1.78)
• Fixed queued prompts being concatenated without a newline separator(v2.1.78)
• Fixed a brief flash of the login screen when opening the sidebar while already authenticated in VSCode(v2.1.78)
• Fixed "API Error: Rate limit reached" when selecting Opus in VSCode; model dropdown no longer offers 1M context variant to subscribers whose plan tier is unknown(v2.1.78)
• Fixed the "Always Allow" setting for compound bash commands (e.g., cd src && npm test) incorrectly saving a single rule for the full string instead of per-subcommand, which caused dead rules and repeated prompts.(v2.1.77)
• Fixed the auto-updater accumulating tens of gigabytes of memory by starting overlapping binary downloads when the slash-command overlay repeatedly opened and closed.(v2.1.77)
• Fixed the --resume command silently truncating recent conversation history due to a race condition between memory-extraction writes and the main transcript.(v2.1.77)
• Fixed PreToolUse hooks returning "allow" bypassing deny permission rules, including enterprise managed settings.(v2.1.77)
• Fixed the Write tool silently converting line endings when overwriting CRLF files or creating files in CRLF directories.(v2.1.77)
• Fixed memory growth in long-running sessions caused by progress messages surviving compaction.(v2.1.77)
• Fixed cost and token usage not being tracked when the API falls back to non-streaming mode.(v2.1.77)
• Fixed CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS not stripping beta tool-schema fields, which caused proxy gateways to reject requests.(v2.1.77)
• Fixed the Bash tool reporting errors for successful commands when the system temp directory path contains spaces.(v2.1.77)
• Fixed paste operation being lost when typing immediately after pasting.(v2.1.77)
• Fixed Ctrl+D in the /feedback text input deleting forward instead of exiting the session on the second press.(v2.1.77)
• Fixed an API error occurring when dragging a 0-byte image file into the prompt.(v2.1.77)
• Fixed Claude Desktop sessions incorrectly using the terminal CLI's configured API key instead of OAuth.(v2.1.77)
• Fixed git-subdir plugins located at different subdirectories of the same monorepo commit colliding in the plugin cache.(v2.1.77)
• Fixed ordered list numbers not rendering correctly in the terminal UI.(v2.1.77)
• Fixed a race condition where stale-worktree cleanup could delete an agent worktree that was just resumed from a previous crash.(v2.1.77)
• Fixed input deadlock occurring when opening /mcp or similar dialogs while the agent is running.(v2.1.77)
• Fixed Backspace and Delete keys not functioning in vim NORMAL mode.(v2.1.77)
• Fixed the status line not updating when vim mode is toggled on or off.(v2.1.77)
• Fixed hyperlinks opening twice on Cmd+click in VS Code, Cursor, and other xterm.js-based terminals.(v2.1.77)
• Fixed background colors rendering as terminal-default inside tmux when using the default configuration.(v2.1.77)
• Fixed iTerm2 session crash when selecting text inside tmux over SSH.(v2.1.77)
• Fixed clipboard copy silently failing in tmux sessions; the copy toast now correctly indicates whether to paste with ⌘V or tmux prefix+].(v2.1.77)
• Fixed ←/→ keys accidentally switching tabs in settings, permissions, and sandbox dialogs while navigating lists.(v2.1.77)
• Fixed IDE integration not auto-connecting when Claude Code is launched inside tmux or screen.(v2.1.77)
• Fixed CJK characters visually bleeding into adjacent UI elements when clipped at the right edge.(v2.1.77)
• Fixed teammate panes not closing when the leader exits.(v2.1.77)
• Fixed iTerm2 auto mode not correctly detecting iTerm2 for native split-pane teammates.(v2.1.77)
• Fixed the Agent tool incorrectly accepting a resume parameter; users must now use SendMessage({to: agentId}) to continue a previously spawned agent.(v2.1.77)
• Fixed deferred tools losing their input schemas after conversation compaction, which caused array and number parameters to be rejected with type errors(v2.1.76)
• Fixed slash commands incorrectly showing "Unknown skill"(v2.1.76)
• Fixed plan mode incorrectly asking for re-approval after the plan was already accepted(v2.1.76)
• Fixed voice mode swallowing keypresses while a permission dialog or plan editor was open(v2.1.76)
• Fixed `/voice` command not working on Windows when installed via npm(v2.1.76)
• Fixed spurious "Context limit reached" error when invoking a skill with `model:` frontmatter on a 1M-context session(v2.1.76)
• Fixed "adaptive thinking is not supported on this model" error when using non-standard model strings(v2.1.76)
• Fixed `Bash(cmd:*)` permission rules not matching when a quoted argument contains #(v2.1.76)
• Fixed "don't ask again" in the Bash permission dialog showing the full raw command for pipes and compound commands(v2.1.76)
• Fixed auto-compaction retrying indefinitely after consecutive failures by implementing a circuit breaker that stops after 3 attempts(v2.1.76)
• Fixed MCP reconnect spinner persisting after successful reconnection(v2.1.76)
• Fixed LSP plugins not registering servers when the LSP Manager initialized before marketplaces were reconciled(v2.1.76)
• Fixed clipboard copying in tmux over SSH by attempting both direct terminal write and tmux clipboard integration(v2.1.76)
• Fixed `/export` showing only the filename instead of the full file path in the success message(v2.1.76)
• Fixed transcript not auto-scrolling to new messages after selecting text(v2.1.76)
• Fixed Escape key not working to exit the login method selection screen(v2.1.76)
• Fixed several Remote Control issues, including sessions silently dying when the server reaps an idle environment, rapid messages being queued one-at-a-time instead of batched, and stale work items causing redelivery after JWT refresh(v2.1.76)
• Fixed bridge sessions failing to recover after extended WebSocket disconnects(v2.1.76)
• Fixed slash commands not being found when typing the exact name of a soft-hidden command(v2.1.76)
• [VSCode] Fixed gitignore patterns containing commas silently excluding entire filetypes from the @-mention file picker(v2.1.76)
• Fixed memory leak where streaming API response buffers were not released when the generator was terminated early, causing unbounded RSS growth on the Node.js/npm code path(v2.1.74)
• Fixed managed policy ask rules being bypassed by user allow rules or skill allowed-tools(v2.1.74)
• Fixed full model IDs (e.g., claude-opus-4-5) being silently ignored in agent frontmatter model: field and --agents JSON config; agents now accept the same model values as --model(v2.1.74)
• Fixed MCP OAuth authentication hanging when the callback port is already in use(v2.1.74)
• Fixed MCP OAuth refresh never prompting for re-auth after the refresh token expires for OAuth servers that return errors with HTTP 200 (e.g. Slack)(v2.1.74)
• Fixed voice mode silently failing on the macOS native binary for users whose terminal had never been granted microphone permission; the binary now includes the audio-input entitlement so macOS prompts correctly(v2.1.74)
• Fixed SessionEnd hooks being killed after 1.5 s on exit regardless of hook.timeout; this is now configurable via CLAUDE_CODE_SESSIONEND_HOOKS_TIMEOUT_MS(v2.1.74)
• Fixed /plugin install failing inside the REPL for marketplace plugins with local sources(v2.1.74)
• Fixed marketplace update not syncing git submodules; plugin sources in submodules no longer break after update(v2.1.74)
• Fixed unknown slash commands with arguments silently dropping input; the command now shows your input as a warning(v2.1.74)
• Fixed Hebrew, Arabic, and other RTL text not rendering correctly in Windows Terminal, conhost, and VS Code integrated terminal(v2.1.74)
• Fixed LSP servers not working on Windows due to malformed file URIs(v2.1.74)
• [VSCode] Fixed delete button not working for Untitled sessions(v2.1.74)
• Fixed freezes and 100% CPU loops triggered by permission prompts for complex bash commands(v2.1.73)
• Fixed a deadlock that could freeze Claude Code when many skill files changed at once (e.g. during `git pull` in a repo with a large `.claude/skills/` directory)(v2.1.73)
• Fixed Bash tool output being lost when running multiple Claude Code sessions in the same project directory(v2.1.73)
• Fixed subagents with `model: opus`/`sonnet`/`haiku` being silently downgraded to older model versions on Bedrock, Vertex, and Microsoft Foundry(v2.1.73)
• Fixed background bash processes spawned by subagents not being cleaned up when the agent exits(v2.1.73)
• Fixed `/resume` showing the current session in the picker(v2.1.73)
• Fixed `/ide` crashing with `onInstall is not defined` when auto-installing the extension(v2.1.73)
• Fixed `/loop` not being available on Bedrock/Vertex/Foundry and when telemetry was disabled(v2.1.73)
• Fixed SessionStart hooks firing twice when resuming a session via `--resume` or `--continue`(v2.1.73)
• Fixed JSON-output hooks injecting no-op system-reminder messages into the model's context on every turn(v2.1.73)
• Fixed voice mode session corruption when a slow connection overlaps a new recording(v2.1.73)
• Fixed Linux sandbox failing to start with "ripgrep (rg) not found" on native builds(v2.1.73)
• Fixed Linux native modules not loading on Amazon Linux 2 and other glibc 2.26 systems(v2.1.73)
• Fixed "media_type: Field required" API error when receiving images via Remote Control(v2.1.73)
• Fixed `/heapdump` failing on Windows with `EEXIST` error when the Desktop folder already exists(v2.1.73)
• VSCode: Fixed HTTP 400 errors for users behind proxies or on Bedrock/Vertex with Claude 4.5 models(v2.1.73)
• Fixed slow exits when background tasks or hooks were slow to respond.(v2.1.72)
• Fixed agent task progress stuck on "Initializing…".(v2.1.72)
• Fixed skill hooks firing twice per event when a hooks-enabled skill is invoked by the model.(v2.1.72)
• Fixed several voice mode issues: occasional input lag, false "No speech detected" errors after releasing push-to-talk, and stale transcripts re-filling the prompt after submission.(v2.1.72)
• Fixed `--continue` not resuming from the most recent point after `--compact`.(v2.1.72)
• Fixed bash security parsing edge cases.(v2.1.72)
• Fixed several plugin issues: installation failing on Windows with `EEXIST` error in OneDrive folders, marketplace blocking user-scope installs when a project-scope install exists, `CLAUDE_CODE_PLUGIN_CACHE_DIR` creating literal `~` directories, and `plugin.json` with marketplace-only fields failing to load.(v2.1.72)
• Fixed feedback survey appearing too frequently in long sessions.(v2.1.72)
• Fixed `--effort` CLI flag being reset by unrelated settings writes on startup.(v2.1.72)
• Fixed backgrounded Ctrl+B queries losing their transcript or corrupting the new conversation after `/clear`.(v2.1.72)
• Fixed `/clear` killing background agent/bash tasks — only foreground tasks are now cleared.(v2.1.72)
• Fixed worktree isolation issues: Task tool resume not restoring cwd, and background task notifications missing `worktreePath` and `worktreeBranch`.(v2.1.72)
• Fixed `/model` not displaying results when run while Claude is working.(v2.1.72)
• Fixed digit keys selecting menu options instead of typing in plan mode permission prompt's text input.(v2.1.72)
• Fixed sandbox permission issues: certain file write operations incorrectly allowed without prompting, and output redirections to allowlisted directories (like `/tmp/claude/`) prompting unnecessarily.(v2.1.72)
• Fixed prompt cache invalidation in SDK `query()` calls, reducing input token costs up to 12x.(v2.1.72)
• Fixed Escape key becoming unresponsive after cancelling a query.(v2.1.72)
• Fixed double Ctrl+C not exiting when background agents or tasks are running.(v2.1.72)
• Fixed team agents to inherit the leader's model.(v2.1.72)
• Fixed "Always Allow" saving permission rules that never match again.(v2.1.72)
• Fixed several hooks issues: `transcript_path` pointing to the wrong directory for resumed/forked sessions, agent `prompt` being silently deleted from settings.json on every settings write, PostToolUse block reason displaying twice, async hooks not receiving stdin with bash `read -r`, and validation error message showing an example that fails validation.(v2.1.72)
• Fixed session crashes in Desktop/SDK when Read returned files containing U+2028/U+2029 characters.(v2.1.72)
• Fixed terminal title being cleared on exit even when `CLAUDE_CODE_DISABLE_TERMINAL_TITLE` was set.(v2.1.72)
• Fixed several permission rule matching issues: wildcard rules not matching commands with heredocs, embedded newlines, or no arguments; `sandbox.excludedCommands` failing with env var prefixes; "always allow" suggesting overly broad prefixes for nested CLI tools; and deny rules not applying to all command forms.(v2.1.72)
• Fixed oversized and truncated images from Bash data-URL output.(v2.1.72)
• Fixed a crash when resuming sessions that contained Bedrock API errors.(v2.1.72)
• Fixed intermittent "expected boolean, received string" validation errors on Edit, Bash, and Grep tool inputs.(v2.1.72)
• Fixed multi-line session titles when forking from a conversation whose first message contained newlines.(v2.1.72)
• Fixed queued messages not showing attached images, and images being lost when pressing ↑ to edit a queued message.(v2.1.72)
• Fixed parallel tool calls where a failed Read/WebFetch/Glob would cancel its siblings — only Bash errors now cascade.(v2.1.72)
• VSCode: Fixed scroll speed in integrated terminals not matching native terminals.(v2.1.72)
• VSCode: Fixed Shift+Enter submitting input instead of inserting a newline for users with older keybindings.(v2.1.72)
• Fixed stdin freeze in long-running sessions where keystrokes stop being processed but the process stays alive(v2.1.71)
• Fixed a 5–8 second startup freeze for users with voice mode enabled, caused by CoreAudio initialization blocking the main thread after system wake(v2.1.71)
• Fixed startup UI freeze when many claude.ai proxy connectors refresh an expired OAuth token simultaneously(v2.1.71)
• Fixed forked conversations (/fork) sharing the same plan file, which caused plan edits in one fork to overwrite the other(v2.1.71)
• Fixed the Read tool putting oversized images into context when image processing failed, breaking subsequent turns in long image-heavy sessions(v2.1.71)
• Fixed false-positive permission prompts for compound bash commands containing heredoc commit messages(v2.1.71)
• Fixed plugin installations being lost when running multiple Claude Code instances(v2.1.71)
• Fixed claude.ai connectors failing to reconnect after OAuth token refresh(v2.1.71)
• Fixed claude.ai MCP connector startup notifications appearing for every org-configured connector instead of only previously connected ones(v2.1.71)
• Fixed background agent completion notifications missing the output file path, which made it difficult for parent agents to recover agent results after context compaction(v2.1.71)
• Fixed duplicate output in Bash tool error messages when commands exit with non-zero status(v2.1.71)
• Fixed Chrome extension auto-detection getting permanently stuck on "not installed" after running on a machine without local Chrome(v2.1.71)
• Fixed /plugin marketplace update failing with merge conflicts when the marketplace is pinned to a branch/tag ref(v2.1.71)
• Fixed /plugin marketplace add owner/repo@ref incorrectly parsing @ — previously only # worked as a ref separator(v2.1.71)
• Fixed duplicate entries in /permissions Workspace tab when the same directory is added with and without a trailing slash(v2.1.71)
• Fixed --print hanging forever when team agents are configured — the exit loop no longer waits on long-lived in_process_teammate tasks(v2.1.71)
• Fixed "❯ Tool loaded." appearing in the REPL after every ToolSearch call(v2.1.71)
• Fixed prompting for cd <cwd> && git ... on Windows when the model uses a mingw-style path(v2.1.71)
• Fixed API 400 errors when using ANTHROPIC_BASE_URL with a third-party gateway, ensuring tool search correctly detects proxy endpoints and disables tool_reference blocks(v2.1.70)
• Fixed API Error: 400 This model does not support the effort parameter when using custom Bedrock inference profiles or non-standard model identifiers(v2.1.70)
• Fixed empty model responses immediately after ToolSearch caused by server rendering tool schemas with system-prompt-style tags at the prompt tail(v2.1.70)
• Fixed prompt-cache bust occurring when an MCP server with instructions connects after the first turn(v2.1.70)
• Fixed Enter key inserting a newline instead of submitting when typing over a slow SSH connection(v2.1.70)
• Fixed clipboard corrupting non-ASCII text (CJK, emoji) on Windows/WSL by switching to PowerShell Set-Clipboard(v2.1.70)
• Fixed extra VS Code windows opening at startup on Windows when running from the VS Code integrated terminal(v2.1.70)
• Fixed voice mode failing on Windows native binary with "native audio module could not be loaded"(v2.1.70)
• Fixed push-to-talk not activating on session start when voiceEnabled: true was set in settings(v2.1.70)
• Fixed markdown links containing #NNN references incorrectly pointing to the current repository instead of the linked URL(v2.1.70)
• Fixed repeated "Model updated to Opus 4.6" notification when a project's .claude/settings.json had a legacy Opus model string pinned(v2.1.70)
• Fixed plugins showing as inaccurately installed in /plugin(v2.1.70)
• Fixed plugins showing "not found in marketplace" errors on fresh startup by auto-refreshing after marketplace installation(v2.1.70)
• Fixed /security-review command failing with unknown option merge-base on older git versions(v2.1.70)
• Fixed /color command lacking a way to reset to default; /color default, /color gray, /color reset, and /color none now restore the default color(v2.1.70)
• Fixed a performance regression in the AskUserQuestion preview dialog that re-ran markdown rendering on every keystroke in the notes input(v2.1.70)
• Fixed feature flags read during early startup never refreshing their disk cache, causing stale values to persist across sessions(v2.1.70)
• Fixed permissions.defaultMode settings values other than acceptEdits or plan being applied in Claude Code Remote environments (they are now ignored)(v2.1.70)
• Fixed skill listing being re-injected on every --resume, saving approximately 600 tokens per resume(v2.1.70)
• Fixed teleport marker not rendering in VS Code teleported sessions(v2.1.70)
• Fixed a race condition related to MCP OAuth token refreshing when multiple Claude Code instances were running at the same time.(v2.1.59)
• Fixed shell commands that failed to show a clear error message when the working directory had been deleted.(v2.1.59)
• Fixed a security issue where `statusLine` and `fileSuggestion` hook commands could execute without workspace trust acceptance in interactive mode.(v2.1.51)
• Fixed a security issue where HTTP hooks could interpolate arbitrary environment variables from header values; env var interpolation now requires an explicit `allowedEnvVars` list.(v2.1.51)
• Fixed a bug where duplicate `control_response` messages (e.g. from WebSocket reconnects) could cause API 400 errors by pushing duplicate assistant messages into the conversation.(v2.1.51)
• Fixed slash command autocomplete crashing when a plugin's SKILL.md description is a YAML array or other non-string type(v2.1.51)
• Fixed an issue where resumed sessions could be invisible when the working directory contained symlinks due to inconsistent path resolution during startup.(v2.1.50)
• Fixed session data loss upon SSH disconnect by ensuring session data is flushed before hooks and analytics during graceful shutdown.(v2.1.50)
• Fixed native modules failing to load on Linux systems using glibc older than 2.30 (e.g., RHEL 8).(v2.1.50)
• Fixed a memory leak in agent teams where completed teammate tasks were not being garbage collected from session state.(v2.1.50)
• Fixed `CLAUDE_CODE_SIMPLE` mode to correctly strip down skills, session memory, custom agents, and CLAUDE.md token counting.(v2.1.50)
• Fixed the `/mcp reconnect` command from freezing the CLI when provided with a non-existent server name.(v2.1.50)
• Fixed a memory leak where completed task state objects were not being removed from AppState.(v2.1.50)
• Fixed an issue where MCP tools were not discovered when tool search was enabled and a prompt was provided as a launch argument.(v2.1.50)
• Fixed unbounded memory growth in long sessions by capping file history snapshots.(v2.1.50)
• Fixed a memory leak where LSP diagnostic data was not cleaned up after delivery.(v2.1.50)
• Fixed a memory leak where completed task output was not being freed from memory.(v2.1.50)
• Fixed a prompt suggestion cache regression that resulted in lower cache hit rates.(v2.1.50)
• Fixed a memory leak where TaskOutput retained recent lines after cleanup.(v2.1.50)
• Fixed a memory leak in CircularBuffer where cleared items were retained in the backing array.(v2.1.50)
• Fixed a memory leak in shell command execution where ChildProcess and AbortController references were retained after cleanup.(v2.1.50)
• Fixed Ctrl+C and ESC being silently ignored when background agents are running; pressing twice within 3 seconds now kills all background agents.(v2.1.49)
• Fixed prompt suggestion cache regression that was reducing cache hit rates.(v2.1.49)
• Fixed `plugin enable` and `plugin disable` to auto-detect the correct scope when `--scope` is omitted, instead of defaulting to user scope.(v2.1.49)
• Fixed verbose mode not updating the thinking block display when toggled via `/config` by ensuring memo comparators correctly detect verbose changes.(v2.1.49)
• Fixed unbounded WASM memory growth during long sessions by periodically resetting the tree-sitter parser.(v2.1.49)
• Fixed potential rendering issues caused by stale yoga layout references.(v2.1.49)
• Fixed unbounded memory growth during long-running sessions caused by Yoga WASM linear memory never shrinking.(v2.1.49)
• Fixed `disableAllHooks` setting to respect managed settings hierarchy, preventing non-managed settings from disabling policy-set managed hooks.(v2.1.49)
• Fixed the `--resume` session picker showing raw XML tags for sessions starting with commands like `/clear`; it now correctly falls through to the session ID fallback.(v2.1.49)
• Fixed FileWriteTool line counting to preserve intentional trailing blank lines instead of stripping them.(v2.1.47)
• Fixed Windows terminal rendering bugs where line counts showed incorrect values (always 1) due to `os.EOL` (`\r\n`) in display code.(v2.1.47)
• Fixed bold and colored text in markdown output shifting to the wrong characters on Windows due to `\r\n` line endings.(v2.1.47)
• Fixed compaction failing when conversations contain many PDF documents by stripping document blocks alongside images before sending to the compaction API.(v2.1.47)
• Fixed bash tool output being silently discarded on Windows when using MSYS2 or Cygwin shells.(v2.1.47)
• Fixed the bash permission classifier from incorrectly granting permissions based on hallucinated descriptions.(v2.1.47)
• Fixed user-defined agents only loading one file on NFS/FUSE filesystems that report zero inodes.(v2.1.47)
• Fixed plugin agent skills silently failing to load when referenced by bare name instead of fully-qualified plugin name.(v2.1.47)
• Fixed CWD tracking temp files never being cleaned up on Windows, preventing indefinite accumulation.(v2.1.47)
• Fixed API 400 errors ("thinking blocks cannot be modified") in sessions with concurrent agents caused by interleaved streaming content blocks.(v2.1.47)
• Fixed a single file write/edit error from aborting all other parallel file write/edit operations; independent mutations now complete on failure.(v2.1.47)
• Fixed custom session titles set via `/rename` being lost after resuming a conversation.(v2.1.47)
• Fixed collapsed read/search hint text overflowing on narrow terminals by truncating from the start.(v2.1.47)
• Fixed bash commands using backslash-newline continuation lines (`\` followed by newline) producing spurious empty arguments.(v2.1.47)
• Fixed built-in slash commands being hidden from the autocomplete dropdown when many user skills are installed.(v2.1.47)
• Fixed MCP servers not appearing in the MCP Management Dialog after deferred loading.(v2.1.47)
• Fixed session name persisting in status bar after `/clear` command.(v2.1.47)
• Fixed crash when a skill's `name` or `description` in SKILL.md frontmatter is a bare number, by coercing the value to a string.(v2.1.47)
• Fixed `/resume` silently dropping sessions when the first message exceeds 16KB or uses array-format content.(v2.1.47)
• Fixed `claude doctor` misclassifying mise and asdf-managed installations as native installs.(v2.1.47)
• Fixed zsh heredoc failing with "read-only file system" error in sandboxed commands.(v2.1.47)
• Fixed agent progress indicator showing inflated tool use count.(v2.1.47)
• Fixed image pasting not working on WSL2 systems where Windows copies images as BMP format.(v2.1.47)
• Fixed background agent results returning raw transcript data instead of the agent's final answer.(v2.1.47)
• Fixed Warp terminal incorrectly prompting for Shift+Enter setup when it supports it natively.(v2.1.47)
• Fixed CJK wide characters causing misaligned timestamps and layout elements in the TUI.(v2.1.47)
• Fixed custom agent `model` field in `.claude/agents/*.md` being ignored when spawning team teammates.(v2.1.47)
• Fixed plan mode being lost after context compaction, causing the model to switch from planning to implementation mode.(v2.1.47)
• Fixed `alwaysThinkingEnabled: true` in settings.json not enabling thinking mode on Bedrock and Vertex providers.(v2.1.47)
• Fixed `tool_decision` OTel telemetry event not being emitted in headless/SDK mode.(v2.1.47)
• Fixed session name being lost after context compaction; renamed sessions now preserve their custom title through compaction.(v2.1.47)
• Fixed `/resume <session-id>` failing to find sessions whose first message exceeds 16KB.(v2.1.47)
• Fixed "Always allow" on multiline bash commands creating invalid permission patterns that corrupt settings.(v2.1.47)
• Fixed React crash (error #31) when a skill's `argument-hint` in SKILL.md frontmatter uses YAML sequence syntax, by coercing the value to a string.(v2.1.47)
• Fixed crash when using `/fork` on sessions that used web search by gracefully handling null entries in search results.(v2.1.47)
• Fixed read-only git commands triggering FSEvents file watcher loops on macOS by adding --no-optional-locks flag.(v2.1.47)
• Fixed custom agents and skills not being discovered when running from a git worktree; project-level agent/skill directories are now included.(v2.1.47)
• Fixed non-interactive subcommands like `claude doctor` and `claude plugin validate` being blocked inside nested Claude sessions.(v2.1.47)
• Windows: Fixed the same CLAUDE.md file being loaded twice when drive letter casing differs between paths.(v2.1.47)
• Fixed inline code spans in markdown being incorrectly parsed as bash commands.(v2.1.47)
• Fixed teammate spinners not respecting custom spinnerVerbs from settings.(v2.1.47)
• Fixed shell commands permanently failing after a command deletes its own working directory.(v2.1.47)
• Fixed hooks (PreToolUse, PostToolUse) silently failing.(v2.1.47)
• Fixed Agent Teams teammates failing on Bedrock, Vertex, and Foundry by correctly propagating API provider environment variables to tmux-spawned processes.(v2.1.45)
• Resolved sandbox "operation not permitted" errors on macOS when writing temporary files by ensuring the correct per-user temp directory is used.(v2.1.45)
• Fixed a crash in the Task tool (backgrounded agents) caused by a `ReferenceError` upon task completion.(v2.1.45)
• Fixed autocomplete suggestions not being accepted via the Enter key when images have been pasted into the input field.(v2.1.45)
• Fixed skills invoked by subagents incorrectly appearing in the main session context after compaction.(v2.1.45)
• Fixed the accumulation of excessive `.claude.json.backup` files during every startup.(v2.1.45)
• Fixed plugin-provided commands, agents, and hooks not being available immediately after installation without requiring a full restart.(v2.1.45)
• Fixed VS Code terminal scroll-to-top regression introduced in 2.1.37(v2.1.38)
• Fixed Tab key queueing slash commands instead of autocompleting(v2.1.38)
• Fixed bash permission matching for commands using environment variable wrappers(v2.1.38)
• Fixed text between tool uses disappearing when not using streaming(v2.1.38)
• Fixed duplicate sessions when resuming in VS Code extension(v2.1.38)
• Fixed incorrect relative paths shown by @ file completion when running the tool from a subdirectory(v2.1.32)
• Fixed Bash tool throwing "Bad substitution" errors when heredocs contained JavaScript template literals like `${index + 1}`, preventing tool execution(v2.1.32)
• Fixed Thai/Lao spacing vowels (สระ า, ำ) not rendering correctly in the input field(v2.1.32)
• Fixed VSCode issue where slash commands were incorrectly executed when pressing Enter with preceding text in the input field(v2.1.32)
• Fixed phantom "(no content)" text blocks appearing in API conversation history, which reduced token waste and potential model confusion.(v2.1.30)
• Fixed prompt cache not correctly invalidating when tool descriptions or input schemas changed (it previously only invalidated when tool names changed).(v2.1.30)
• Fixed 400 errors that could occur after running `/login` when the conversation contained thinking blocks.(v2.1.30)
• Fixed a hang that occurred when resuming sessions with corrupted transcript files containing `parentUuid` cycles.(v2.1.30)
• Fixed rate limit message showing an incorrect "/upgrade" suggestion for Max 20x users when extra-usage is unavailable.(v2.1.30)
• Fixed permission dialogs stealing focus while the user was actively typing.(v2.1.30)
• Fixed subagents being unable to access SDK-provided MCP tools because they were not synced to the shared application state.(v2.1.30)
• Fixed a regression where Windows users with a `.bashrc` file could not run bash commands.(v2.1.30)
• Fixed duplicate sessions appearing in the VSCode session list when starting a new conversation.(v2.1.30)
• Fixed session compaction issues that could cause resume to load full history instead of the compact summary(v2.1.20)
• Fixed agents sometimes ignoring user messages sent while actively working on a task(v2.1.20)
• Fixed wide character (emoji, CJK) rendering artifacts where trailing columns were not cleared when replaced by narrower characters(v2.1.20)
• Fixed JSON parsing errors when MCP tool responses contain special Unicode characters(v2.1.20)
• Fixed up/down arrow keys in multi-line and wrapped text input to prioritize cursor movement over history navigation(v2.1.20)
• Fixed draft prompt being lost when pressing UP arrow to navigate command history(v2.1.20)
• Fixed ghost text flickering when typing slash commands mid-input(v2.1.20)
• Fixed marketplace source removal not properly deleting settings(v2.1.20)
• Fixed duplicate output in some commands like `/context`(v2.1.20)
• Fixed task list sometimes showing outside the main conversation view(v2.1.20)
• Fixed syntax highlighting for diffs occurring within multiline constructs like Python docstrings(v2.1.20)
• Fixed crashes when cancelling tool use(v2.1.20)
• Fixed the "Context left until auto-compact" warning that failed to disappear after executing the `/compact` command.(v2.1.15)
• Fixed the MCP stdio server timeout issue that prevented the child process from being killed, which previously caused UI freezes.(v2.1.15)
• Fixed excessive MCP connection requests when using HTTP/SSE transports.(v2.1.11)
• Fixed API errors related to orphan tool_result blocks occurring during long sessions with parallel tool calls.(v2.1.9)
• Fixed MCP server reconnection hanging when the cached connection promise fails to resolve.(v2.1.9)
• Fixed Ctrl+Z suspend functionality not working in terminals utilizing the Kitty keyboard protocol (including Ghostty, iTerm2, kitty, and WezTerm).(v2.1.9)
• Fixed a security vulnerability where wildcard permission rules could incorrectly match compound commands containing shell operators.(v2.1.7)
• Fixed false "file modified" errors occurring on Windows due to cloud sync tools or antivirus scanners touching file timestamps without content changes.(v2.1.7)
• Fixed orphaned `tool_result` errors when sibling tools failed during streaming execution.(v2.1.7)
• Fixed context window blocking limit calculation to use the effective context window (reserving space for max output tokens) instead of the full context window.(v2.1.7)
• Fixed a visual glitch where the spinner briefly flashed when running local slash commands like `/model` or `/theme`.(v2.1.7)
• Fixed terminal title animation jitter by utilizing fixed-width braille characters.(v2.1.7)
• Fixed plugins with git submodules not being fully initialized upon installation.(v2.1.7)
• Fixed bash commands failing on Windows when temporary directory paths contained characters like `t` or `n` that were misinterpreted as escape sequences.(v2.1.7)
• [VSCode] Fixed an issue where the `claudeProcessWrapper` setting was incorrectly passing the wrapper path instead of the Claude binary path.(v2.1.7)
• Fixed permission bypass via shell line continuation that could allow blocked commands to execute.(v2.1.6)
• Fixed false "File has been unexpectedly modified" errors when file watchers touch files without changing content.(v2.1.6)
• Fixed text styling (bold, colors) getting progressively misaligned in multi-line responses.(v2.1.6)
• Fixed the feedback panel closing unexpectedly when typing 'n' in the description field.(v2.1.6)
• Fixed rate limit warning appearing at low usage after weekly reset (now requires 70% usage).(v2.1.6)
• Fixed rate limit options menu incorrectly auto-opening when resuming a previous session.(v2.1.6)
• Fixed numpad keys outputting escape sequences instead of characters in Kitty keyboard protocol terminals.(v2.1.6)
• Fixed Option+Return not inserting newlines in Kitty keyboard protocol terminals.(v2.1.6)
• Fixed corrupted config backup files accumulating in the home directory (now only one backup is created per config file).(v2.1.6)
• Fixed mcp list and mcp get commands leaving orphaned MCP server processes.(v2.1.6)
• Fixed visual artifacts in ink2 mode when nodes become hidden via display:none.(v2.1.6)
• [VSCode] Fixed usage indicator not updating after manual compact.(v2.1.6)
• Fixed plan files persisting across `/clear` commands, ensuring a fresh plan file is used after clearing a conversation.(v2.1.3)
• Fixed false skill duplicate detection on filesystems with large inodes (e.g., ExFAT) by implementing 64-bit precision for inode values.(v2.1.3)
• Fixed mismatch between the background task count displayed in the status bar and the items shown in the tasks dialog.(v2.1.3)
• Fixed sub-agents using the incorrect model during conversation compaction.(v2.1.3)
• Fixed web search in sub-agents using the incorrect model.(v2.1.3)
• Fixed trust dialog acceptance when running from the home directory, ensuring trust-requiring features like hooks are enabled for the session.(v2.1.3)
• Fixed a command injection vulnerability in bash command processing where malformed input could execute arbitrary commands(v2.1.2)
• Fixed a memory leak where tree-sitter parse trees were not being freed, causing WASM memory to grow unbounded over long sessions(v2.1.2)
• Fixed binary files (images, PDFs, etc.) being accidentally included in memory when using @include directives in CLAUDE.md files(v2.1.2)
• Fixed updates incorrectly claiming another installation is in progress(v2.1.2)
• Fixed crash when socket files exist in watched directories(v2.1.2)
• Fixed remote session URL and teleport being broken when using /tasks command(v2.1.2)
• Fixed MCP tool names being exposed in analytics events by sanitizing user-specific server configurations(v2.1.2)
• Fixed usage display not updating after manual compact in VSCode(v2.1.2)
• Fixed an issue where the skill's `allowed-tools` configuration was not being applied to tools invoked by that skill(v2.0.74)
• Resolved an issue where the Opus 4.5 tip was incorrectly displayed to users already running Opus(v2.0.74)
• Fixed a potential crash scenario that occurred when syntax highlighting failed to initialize properly(v2.0.74)
• Fixed a visual bug in /plugins discover where the list selection indicator remained visible while the search box was focused(v2.0.74)
• Fixed macOS keyboard shortcuts to correctly display 'opt' instead of 'alt'(v2.0.74)