v2.1.101

Bug Fixes

• Fixed a command injection vulnerability in the POSIX which fallback used by LSP binary detection.
• Fixed a memory leak where long sessions retained dozens of historical copies of the message list in the virtual scroller.
• Fixed resume/continue losing conversation context on large sessions when the loader anchored on a dead-end branch.
• Fixed resume chain recovery bridging into an unrelated subagent conversation when a subagent message landed near a main-chain write gap.
• Fixed a crash on resume when a persisted Edit\/Write tool result was missing its file_path.
• Fixed a hardcoded 5-minute request timeout that aborted slow backends regardless of API_TIMEOUT_MS.
• Fixed permissions.deny rules not overriding a PreToolUse hook's permissionDecision: "ask", preventing hooks from downgrading denies to prompts.
• Fixed setting sources without user causing background cleanup to ignore cleanupPeriodDays and delete history older than 30 days.
• Fixed Bedrock SigV4 authentication failing with 403 when Authorization headers were set via environment variables or helpers.
• Fixed claude -w <name> failing with "already exists" after stale worktree cleanup from a previous session.
• Fixed subagents not inheriting MCP tools from dynamically-injected servers.
• Fixed sub-agents running in isolated worktrees being denied Read\/Edit access to files inside their own worktree.
• Fixed sandboxed Bash commands failing with mktemp: No such file or directory after a fresh boot.
• Fixed claude mcp serve tool calls failing with "Tool execution failed" in MCP clients that validate outputSchema.
• Fixed RemoteTrigger tool's run action sending an empty body and being rejected by the server.
• Fixed several resume picker issues including narrow default view, unreachable preview on Windows Terminal, incorrect cwd, missing session-not-found errors, and terminal title not being set.
• Fixed Grep tool ENOENT when the embedded ripgrep binary path becomes stale; now falls back to system rg and self-heals.
• Fixed \/btw writing a copy of the entire conversation to disk on every use.
• Fixed \/context Free space and Messages breakdown disagreeing with the header percentage.
• Fixed several plugin issues including slash commands resolving incorrectly, \/plugin update failing with ENAMETOOLONG, Discover showing installed plugins, directory-source plugins loading stale cache, and skills not honoring context and agent frontmatter.
• Fixed the \/mcp menu offering OAuth-specific actions for servers configured with headersHelper; Reconnect is now offered instead.
• Fixed ctrl+], ctrl+\, and ctrl+^ keybindings not firing in terminals that send raw C0 control bytes.
• Fixed \/login OAuth URL rendering with padding that prevented clean mouse selection.
• Fixed rendering issues including flicker in non-fullscreen mode, scrollback wiping, and mouse-scroll escape sequences leaking into the prompt.
• Fixed crash when settings.json env values are numbers instead of strings.
• Fixed in-app settings writes not refreshing the in-memory snapshot, preventing removed directories from being revoked mid-session.
• Fixed custom keybindings not loading on Bedrock, Vertex, and other third-party providers.
• Fixed claude --continue -p not correctly continuing sessions created by -p or the SDK.
• Fixed several Remote Control issues including worktrees removed on session crash, connection failures not persisting, spurious Disconnected indicator in brief mode, and \/remote-control failing over SSH when only Organization UUID is set.
• Fixed \/insights sometimes omitting the report file link from its response.
• Fixed the file attachment below the chat input not clearing when the last editor tab is closed in VSCode.