Claude Code version 2.1.202 ships a new 'Dynamic workflow size' configuration setting that advises how large Claude makes dynamic workflows (small/medium/large agent counts). The release adds OpenTelemetry attributes (workflow.run_id and workflow.name) to telemetry from workflow-spawned agents, enabling full reconstruction of workflow runs from OTel data. A large set of bug fixes addresses crashes in history search, mTLS rotation failures, Remote Control command failures, unicode corruption in workflow scripts, and memory/performance issues with git worktrees. The /review command reverts to single-pass mode, with multi-agent review now available via /code-review.
Claude Code version 2.1.193 ships several notable additions: a new autoMode.classifyAllShell setting to route all shell commands through the auto-mode classifier, an OpenTelemetry log event for assistant responses (redacted by default, with opt-in via environment variable), and live file path autocomplete in bash mode. The release also fixes multiple background agent bugs including phantom subagent spawning, spurious cancellation on backgrounding, and agent panel display issues, while improving MCP authentication reconnection on 401/403 errors.
Anthropic released Claude Code version 2.1.199, a patch-heavy update addressing roughly 25 bugs across multi-agent orchestration, background agent lifecycle management, SSL/TLS error handling, and streaming response reliability. Key fixes include subagents silently swallowing errors or partial work on rate-limit/server failures, a Linux daemon self-termination bug every ~50 seconds after unclean shutdown, and a macOS SSH cold-start regression from 2.1.196. The release also improves retry behavior for transient 429 errors and raises default retry counts via CLAUDE_CODE_RETRY_WATCHDOG.
Anthropic released Claude Code version 2.1.196 with a notable security fix preventing untrusted workspace .mcp.json servers from auto-spawning, and added support for organization-level default model configuration via the admin console. The release includes significant background agent reliability improvements — long-running workflows now survive process restarts on all platforms including Windows — plus a streaming idle watchdog enabled by default that aborts and retries stalled response streams after 5 minutes. Numerous bug fixes address agent session state management, MCP OAuth scope handling, PowerShell compatibility, and a /code-review token usage reduction of ~25%.
Claude Code version 2.1.183 introduces auto-mode safety guardrails that block destructive git and infrastructure commands (git reset --hard, terraform destroy, etc.) unless explicitly requested, and prevents amending commits not made by the agent in the current session. The release also adds a deprecated-model warning on stderr, a new attribution.sessionUrl config option, and fixes a range of bugs including empty WebSearch results in subagents, fullscreen TUI corruption on Windows Terminal, MCP auth-stub tool exposure in headless mode, and scheduled task triggers incorrectly acting as keyboard input.
Anthropic released Claude Code CLI version 2.1.205, a patch addressing roughly 15 bugs and adding several improvements. Notable safety-relevant changes include a new auto-mode rule blocking tampering with session transcript files, explicit notifications that background task approvals require human input (preventing fabricated in-transcript approvals), and a prompt before running unresolvable `rm -rf` commands. Infrastructure improvements include streaming binary downloads that cut updater peak memory usage by ~400 MB, and the `/doctor` command is now a full diagnostic and repair tool.
Anthropic released Claude Code version 2.1.203, a substantial patch addressing over 25 bugs primarily affecting background agent sessions, subagent orchestration, and worktree isolation. Key fixes include automatic recovery when daemon session tokens go stale, correct subagent state carry-over when returning to sessions, and PATH/environment variable inheritance issues on Windows. The release also adds MCP roots/list integration for working directories and improves streaming responsiveness.
Anthropic released Claude Code version 2.1.187 with a mix of security, reliability, and UX improvements. Notable additions include a sandbox.credentials setting to block credential file access in sandboxed commands, org-level model restriction enforcement in the model picker, and mouse click support in fullscreen menus. Key bug fixes address remote MCP tool calls hanging indefinitely (now abort after 5 minutes), subagent depth tracking on resume, leaked agent worktree registrations, and CJK text mojibake in certain terminals.
Anthropic released Claude Code version 2.1.176 with a mix of new features and bug fixes. Notable additions include session titles generated in the conversation language, a new footerLinksRegexes setting, and improved AWS Bedrock credential caching. Key fixes address model allowlist enforcement (alias models can no longer bypass blocked-model restrictions), auto-mode fallback for organizations without Opus 4.8 enabled, hook path pattern matching, and numerous Remote Control and background-session reliability issues across Linux, Windows, and tmux environments.