Update log.

[PATCH] Claude Code 2.1.196 · Organization admins can now set a default model that shows as 'Org default' in `/model`, sessions get readable default names at start, and chat file attachments are Cmd/Ctrl-clickable to reveal them in Finder/Explorer. Background sessions and agents are far more reliable — long-running commands and workflows now survive the process being stopped, restarted, or updated, and workers killed by a daemon restart auto-resume. Fixes include waking a background job no longer deleting its conversation, several `claude agents` side panel issues, and `/context` showing 0 tokens for all tool groups on Bedrock.

[NEW] Claude in Microsoft Foundry is now generally available · Claude models are now generally available in Microsoft Foundry, hosted on Azure. Claude runs in your Azure environment with the authentication, billing, and governance controls your teams already use, and you can choose where inference is processed, including a US data zone for teams with data residency requirements. Claude Opus 4.8 and Claude Haiku 4.5 are available, with support for the Messages API, prompt caching, and extended thinking.

[NEW] Introducing the Claude apps gateway — centrally manage Claude Code on Amazon Bedrock and Google Cloud · The Claude apps gateway is a self-hosted control plane for managing Claude Code deployments on Amazon Bedrock and Google Cloud. It provides corporate SSO sign-in, centrally managed settings enforced on every request, and per-user cost attribution, and ships as a stateless container within the existing claude binary. It supports OIDC-based authentication, control over allowed models, and spend caps per organization, group, or user.

[PATCH] Claude Code 2.1.195 · A new CLAUDE_CODE_DISABLE_MOUSE_CLICKS environment variable disables mouse click, drag, and hover in fullscreen mode while keeping wheel scroll. Hook matchers with hyphenated identifiers (code-reviewer, mcp__brave-search) that accidentally substring-matched now exact-match, and voice dictation fixes cover macOS capturing silence after the default input device changes plus auto-submit never firing for languages written without spaces (Japanese, Chinese, Thai). Background agent fixes address jobs disappearing from claude agents when written by a newer version, blank screens when reopening crashed tasks, and daemons running unreachable when the control socket fails to start.

[PATCH] Claude Code 2.1.193 · A new autoMode.classifyAllShell setting routes all Bash/PowerShell commands through the auto-mode classifier, and a claude_code.assistant_response OpenTelemetry log event now carries the model's response text. Bash mode (!) gains live file path autocomplete, and a startup notice points at /mcp when MCP servers need authentication. A cluster of backgrounding and agent-panel regressions gets cleaned up — backgrounding (←←) no longer spuriously cancels when all tasks carry over, and a phantom subagent that re-ran the main conversation is gone. Note that the assistant_response log starts capturing response content on upgrade for deployments that already log prompts.

[PATCH] Claude Code 2.1.191 · `/rewind` now supports resuming a conversation from before `/clear` was run. CPU usage during streaming responses drops by ~37% by coalescing text updates to 100ms, and sandbox network hosts you allow with "Yes" are remembered for the rest of the session instead of re-prompting on every connection. MCP capability discovery and OAuth now retry transient network errors, and a batch of bug fixes lands: stopped background agents no longer resurrect, and hooks with comma-separated matchers (e.g. "Bash,PowerShell") no longer silently fail to fire.

[PATCH] Claude Code 2.1.187 · A security- and stability-focused release. A new sandbox.credentials setting blocks sandboxed commands from reading credential files and secret environment variables, org-configured model restrictions now apply to the model picker, --model, /model, and ANTHROPIC_MODEL, and select menus gain mouse click support in fullscreen mode. Remote MCP tool calls that hung with no response for 5 minutes now abort with an error instead of blocking indefinitely, alongside fixes for mojibake on pasted Korean/CJK text, --resume failing on empty -p runs, and a batch of resume, remote, and terminal stability issues.

[NEW] Introducing Claude Tag — work with @Claude in your Slack channels · Claude Tag is a new way for teams to work with Claude. Tag @Claude in a Slack channel to delegate a task, and it completes work autonomously while keeping context across the channel's conversations. Everyone in a channel works with the same Claude, it learns from channel history and connected data, and you can hand off work asynchronously. Built on Opus 4.8 and available in beta for Claude Enterprise and Team customers.

[PATCH] Claude Code 2.1.186 · New claude mcp login and claude mcp logout commands authenticate MCP servers from the CLI without opening the interactive /mcp menu, with --no-browser stdin redirect for completing over SSH. ! bash commands now trigger Claude to respond to the output automatically (set respondToBashCommands: false to keep the previous context-only behavior), and /workflows gains status filtering (f) plus a Skills section in the /plugin Installed tab. Background subagents now surface permission prompts in the main session instead of auto-denying, Agent(type) deny rules are now enforced for named subagent spawns, streaming requests no longer fail with "Content block not found" after the machine wakes from sleep, and several claude agents display issues are fixed.

[PATCH] Claude Code 2.1.183 · Auto mode safety is tightened: destructive git commands (`git reset --hard`, `git clean -fd`, and more) and `terraform destroy`/`pulumi destroy`/`cdk destroy` are now blocked unless you asked to discard work or named the specific stack. A warning now flags deprecated or auto-updated models, an `attribution.sessionUrl` setting omits the claude.ai session link from commits and PRs, and `/config --help` lists the shorthand keys. Fixes land for `thinking.disabled.display` 400 errors on subagent spawns, WebSearch returning empty results in subagents, fullscreen TUI corruption in Windows Terminal, and background tasks being killed when a teammate finishes a turn.

[NEW] Claude Code now supports artifacts — turn session work into live web pages · Claude Code can now turn session work into artifacts — live, shareable web pages built from full session context. Ask for a PR walkthrough, dashboard, or incident timeline, and the open page refreshes in place when Claude Code updates it. Artifacts are private by default and viewable only by authenticated members of your org, available in beta for Claude Team and Enterprise orgs.

[PATCH] Claude Code 2.1.181 · A new `/config key=value` syntax sets any setting straight from the prompt (e.g. `/config thinking=false`), working in interactive, `-p`, and Remote Control. A `CLAUDE_CLIENT_PRESENCE_FILE` environment variable suppresses mobile push notifications while you're at the machine, the bundled Bun runtime moves to 1.4, and long paragraphs now stream line-by-line instead of waiting for the first line break. A large batch of fixes lands across startup (a ~120ms regression, a 15-second blank-terminal hang), Write/Edit producing 0-byte files on network drives, prompt caching not reading on custom `ANTHROPIC_BASE_URL` and Foundry, macOS error -600 auth failures, and terminal rendering.

[NEW] Claude Design now stays on brand for daily work · Claude Design now imports your design system — from GitHub repos, design files, or raw uploads — so Claude builds with your components and validates against your system. New /design-sync and /design commands connect it to Claude Code, the editor gains rich layout controls and hundreds of stability fixes, usage limits are now shared with chat, Claude Cowork, and Claude Code, and connectors expand to Adobe, Base44, Canva, Gamma, Lovable, Miro, Replit, Vercel, and Wix.

[NEW] Workload Identity Federation is now generally available on the Claude Platform · Workload Identity Federation is generally available on the Claude Platform, letting developers authenticate with short-lived, scoped credentials from OIDC-compliant identity providers instead of static API keys. Federation rules bind external identities — AWS IAM, GCP, Azure, Kubernetes, GitHub Actions, Okta — to service accounts that issue tokens at request time across all Claude API endpoints.

[PATCH] Claude Code 2.1.179 · Mid-stream connection drops now preserve partial responses instead of showing a raw error, and the spinner no longer gets stuck at "running tool". This release also fixes a WSL2 mouse-wheel scrolling regression from 2.1.172, a sandbox denyRead/allowRead glob over a large directory tree that made the Bash tool description enormous and froze Linux sessions, and the welcome screen stacking multiple promotional banners, alongside improved plugin loading performance in remote sessions.

[PATCH] Claude Code 2.1.178 · Permission rules gain `Tool(param:value)` syntax (with `*` wildcard) to match a tool's input parameters — e.g. `Agent(model:opus)` to block Opus subagents. Skills in nested `.claude/skills` directories now load automatically when working on files there, and on a name clash the nested one is exposed as `<dir>:<name>` so both stay available. Plus a wide round of fixes — a CLI OOM crash when a parent process leaks a stale websocket/OAuth file-descriptor env var, `claude agents` workers failing with `401 Invalid bearer token` under custom API gateways, compaction not honoring `--fallback-model`, and MCP server-level specs in subagent `disallowedTools` being silently ignored.

[PATCH] Claude Code 2.1.176 · Session titles are now generated in the language of your conversation, and a new `footerLinksRegexes` setting adds regex-matched link badges to the footer. Bedrock credentials from `awsCredentialExport` are cached until their `Expiration` instead of a fixed hour. Plus a wide round of fixes — `ANTHROPIC_DEFAULT_*_MODEL` redirecting alias picks to blocked models, auto mode failing on Fable 5 for orgs without Opus 4.8, hook `if` conditions like `Edit(src/**)` not matching, and regressions across Remote Control, background sessions, and agents.

[PATCH] Claude Code 2.1.174 · The VS Code `/usage` dialog now breaks down usage by cache misses, long context, subagents, and per-skill/agent/plugin/MCP attribution. The `/model` picker no longer hides the model family that Default resolves to — Opus, Sonnet, and pay-as-you-go API rows now appear correctly. Regressions across models, auth, and background sessions are fixed, including Bedrock GovCloud regions deriving the wrong inference profile prefix and background sessions inheriting another session's `ANTHROPIC_*` provider env.

[PATCH] Claude Code 2.1.172 · Sub-agents can now spawn their own sub-agents up to 5 levels deep. Amazon Bedrock reads the AWS region from ~/.aws config files when AWS_REGION isn't set, matching AWS SDK precedence, and a search bar lands when browsing a marketplace's plugins in /plugin. Sessions using 1M context without usage credits no longer get permanently stuck — they automatically compact back under the standard context limit. A batch of model-selection fixes also lands: availableModels restrictions now apply to subagent model overrides and the dispatch model picker, and WebFetch(domain:*.example.com) wildcard domain rules now actually match subdomains.

[NEW] Claude Fable 5 and Claude Mythos 5 · Anthropic released Claude Fable 5 and Claude Mythos 5 on June 9, 2026. Fable 5 is a Mythos-class model made safe for general use — state-of-the-art on nearly all tested benchmarks, with the `claude-fable-5` model ID. Mythos 5 is identical with cybersecurity safeguards lifted, available in limited release through Project Glasswing. Both support a 1M token context window and up to 128k output tokens by default, priced at $10/$50 per MTok. When a safety classifier declines a request, the Messages API returns stop_reason: "refusal" as an HTTP 200, and the fallbacks parameter (beta) or SDK middleware retries on another Claude model.

[NEW] What's new in Claude Managed Agents — scheduled deployments and environment variables in vaults · Two capabilities land in public beta on the Claude Platform. Scheduled deployments give an agent a cron schedule — each time the schedule fires, the agent starts a new session and completes its task, with no scheduler for you to build or host. Environment variables in vaults store API keys tied to specific approved domains: the agent never sees your key because the sandbox only holds a placeholder, and the real key is attached at the network boundary, only on requests to domains you allow. Supports the Browserbase, KERNEL, Notion, Ramp, and Sentry CLIs plus any CLI using HTTP authentication.

[PATCH] Claude Code 2.1.169 · The new `--safe-mode` flag (and `CLAUDE_CODE_SAFE_MODE` env) starts Claude Code with all customizations (CLAUDE.md, plugins, skills, hooks, MCP servers) disabled for troubleshooting, and `/cd` moves a session to a new working directory without breaking the prompt cache. `disableBundledSkills` (and `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS`) hides bundled skills, workflows, and built-in slash commands from the model. Fixes for enterprise managed MCP policies (`allowedMcpServers`/`deniedMcpServers`) not being enforced on reconnect or IDE-typed configs, Up/Down arrows jumping past wrapped rows of a long input, a 30-50ms per-turn UI stall on macOS with claude.ai credentials, and `claude -p` being slow on Windows (regression in 2.1.161) also land.

[NEW] Claude in Apple's Foundation Models framework · Anthropic released a Swift package that lets Apple developers use Claude through Apple's Foundation Models framework. The framework gives developers access to tap into models natively from Swift and can return typed Swift values through guided generation in as few as three lines of code. Apps can use on-device models for simple tasks, then hand off to Claude when workflows require multi-step reasoning or code generation, with streaming, tool calls, and structured responses flowing back into your SwiftUI view. Supports iOS 27, iPadOS 27, macOS 27, visionOS 27, and watchOS 27; an Anthropic API key is required.

[PATCH] Claude Code 2.1.166 · The new `fallbackModel` setting takes up to three fallback models tried in order when the primary is overloaded or unavailable, and `--fallback-model` now also applies to interactive sessions. Deny rules accept glob patterns in the tool-name position (`"*"` denies all tools), and messages relayed via `SendMessage` from other Claude sessions no longer carry user authority. `MAX_THINKING_TOKENS=0`, `--thinking disabled`, and the per-model thinking toggle now disable thinking on default-thinking models via the Claude API, and Claude Code retries a turn once on the fallback model when the API returns an unexpected non-retryable error. Plus fixes for remote sessions stuck during worker registration, JetBrains 2026.1+ terminal flicker, Shift+non-ASCII characters dropped under the Kitty keyboard protocol, and managed settings whose single invalid entry silently disabled enforcement of the rest.

[PATCH] Claude Code 2.1.163 · Claude Code 2.1.163 lands enterprise version pinning, plugin listing, and several agent-loop ergonomics. `requiredMinimumVersion` and `requiredMaximumVersion` managed settings refuse to start outside an approved range, `/plugin list` lists installed plugins with `--enabled`/`--disabled` filters, and Stop and SubagentStop hooks can return `hookSpecificOutput.additionalContext` to keep the turn going. stdio MCP servers now receive `CLAUDE_CODE_SESSION_ID` on `--resume`. The release also fixes `claude -p` hanging on backgrounded commands, a `$TMPDIR` override regression from 2.1.154, org-managed permission rules missing parts of startup, and a broad sweep of background-session, Windows, and terminal-UI bugs.

[PATCH] Claude Code 2.1.162 · `claude agents --json` now includes `waitingFor` showing what a waiting session is blocked on, and `--tools` finally provides the dedicated Grep/Glob tools on native builds when you list them. Slash command autocomplete clicks now fill the prompt instead of running immediately, and Remote Control moves from a startup message to a persistent footer pill. Plus a round of fixes for silent startup hangs on read-only config dirs, WebFetch permission rules being skipped for preapproved domains, and Windows permission rules never matching backslash paths.

[PATCH] Claude Code 2.1.161 · `OTEL_RESOURCE_ATTRIBUTES` values are now included as labels on metric datapoints so usage can be sliced by custom dimensions like team or repo, and a failed Bash in a parallel tool batch no longer cancels its siblings. Fullscreen Linux clipboard now uses `wl-copy`/`xclip`/`xsel` and copies to both the clipboard and PRIMARY selection. Plus fixes for `claude mcp` printing secrets to the terminal and the `forceLoginOrgUUID`/`forceLoginMethod` managed-settings regression (2.1.146) that blocked Bedrock, Vertex, Foundry, and Mantle sessions.

[PATCH] Claude Code 2.1.160 · Claude Code 2.1.160 lands a security tightening and a workflow-trigger rename. The release adds confirmation prompts before writes to shell startup files (`.zshenv`, `.zlogin`, `.bash_login`) and build-tool config files that grant code execution (`.npmrc`, `bunfig.toml`, and similar), and renames the dynamic-workflow trigger keyword from `workflow` to `ultracode`. Edit no longer requires a separate Read after a single-file `grep`/`egrep`/`fgrep`, and the release lands a broad sweep of `claude agents`, background-session, Windows/WSL clipboard, voice-mode, and auto-mode classifier fixes.

[PATCH] Claude Code 2.1.157 · Claude Code 2.1.157 auto-loads plugins from `.claude/skills` directories with no marketplace required, adds `claude plugin init <name>` to scaffold a new plugin in place, and ships autocomplete for `/plugin` arguments. `claude agents` dispatched sessions now honor the `agent` field in `settings.json`, `EnterWorktree` can switch between Claude-managed worktrees mid-session, and worktrees are left unlocked when the agent finishes. The release also fixes a broad set of bugs across background sessions, `--resume`, worktrees, the `/model` picker, terminal rendering, WSL image paste, and the VS Code / Cursor / Windsurf integrated terminals.

[PATCH] Claude Code 2.1.154 · Claude Code 2.1.154 brings Opus 4.8 (now defaulting to high effort, with `/effort xhigh` for your hardest tasks) and dynamic workflows (`/workflows`) to Claude Code. Fast mode on Opus 4.8 ships at 2x the standard rate for 2.5x the speed, and the lean system prompt becomes the default for most models. It also adds `! <command>` background shell sessions in `claude agents`, plugin `defaultEnabled: false`, a cleanup-only `/simplify`, and a broad sweep of background-session, security, and terminal-UI bug fixes.

[PATCH] Claude Code 2.1.153 · `/model` now saves your selection as the new-session default (matching the IDE); `s` in the picker switches the current session only — reversing the 2.1.144 `d` behavior and requiring a keybinding rename. Security fixes close a regression where a custom API gateway could receive the user's Anthropic OAuth credential, and subagent frontmatter MCP servers now respect `--strict-mcp-config` and enterprise managed policies. Other fixes cover `skipLfs` for `github`/`git` marketplace sources, `COLUMNS`/`LINES` env vars in status line, macOS Privacy & Security persistence, background sessions, and the Windows installer.

[NEW] Claude Opus 4.8 · Claude Opus 4.8 builds on Claude Opus 4.7 with improvements across benchmarks and is a more effective collaborator, available today for the same price. It targets long-horizon agentic coding with better long-context handling and compaction recovery, more reliable effort calibration, and better tool triggering. The model ID is claude-opus-4-8; it supports the 1M token context window by default on the Claude API, Amazon Bedrock, and Vertex AI, with 128k max output tokens.

[NEW] Dynamic workflows in Claude Code · Claude breaks a problem into subtasks and fans them out across tens to hundreds of subagents running in parallel, dynamically writing orchestration scripts that run in a single session and checking its work before anything reaches you. It targets broad work like codebase-wide bug hunts and security audits and large migrations spanning thousands of files, verifying each result before folding it into the final answer. Available as a research preview on Max, Team, and Enterprise plans.

[PATCH] Claude Code 2.1.152 · `/code-review --fix` now applies review findings to the working tree, and `/simplify` is folded into it. New: `disallowed-tools` in skill and slash-command frontmatter, `/reload-skills`, `SessionStart` `reloadSkills` and `sessionTitle`, and a `MessageDisplay` hook event. An unfound primary model now switches the session to `--fallback-model` instead of failing every request, and Auto mode no longer requires opt-in. Other fixes cover Vim NORMAL-mode `/` reverse history, `/usage` including large session files, plugin MCP dedup, remote MCP under egress proxy, markdown tables, and the post-response timer waiting for backgrounded agents.

[PATCH] Claude Code 2.1.149 · `/usage` now breaks limit consumption down by skills, subagents, plugins, and per-MCP-server cost. The `/diff` detail view is keyboard-scrollable, markdown output renders GFM task lists as checkboxes, and enterprise gets the new `allowAllClaudeAiMcps` managed setting. Four permission-model gaps are closed, along with `find` exhausting the macOS file/vnode table and a wide bug-fix sweep across the transcript view, `/feedback`, `/insights`, `/config`, and the status bar.

[PATCH] Claude Code 2.1.147 · Added the `Workflow` tool for deterministic multi-agent orchestration, off by default and enabled with `CLAUDE_CODE_WORKFLOWS=1`. Pinned background sessions in `claude agents` now stay alive when idle and are restarted in place to apply updates. Renamed `/simplify` to `/code-review` — it now reports correctness bugs at a chosen effort level with `--comment` for inline PR comments. REPL and Workflow tool sandboxes are hardened, the auto-updater reports error category and OS code on failure, and a managed-settings bypass was closed where `forceLoginOrgUUID` and `forceLoginMethod` weren't enforced against third-party-provider and API-key sessions.

[PATCH] Claude Code 2.1.145 · Added `claude agents --json` to list live sessions as JSON for scripting. `claude_code.tool` OTEL spans now include `agent_id` and `parent_agent_id` so background subagent traces nest correctly. Status line JSON now includes GitHub repo and PR information, and `/plugin` Discover/Browse screens show commands, agents, skills, hooks, and MCP/LSP servers before installation. Fixed a permission-prompt bypass where bare variable assignments to non-allowlisted environment variables in Bash were auto-approved, along with MCP slash-command validation, spinner freezing after terminal resize, and the Read tool now returning a truncated PARTIAL view instead of a hard error on oversized reads.

[PATCH] Claude Code 2.1.144 · Added `/resume` support for background sessions (marked `bg` in the picker). `/model` now changes the current session only — press `d` in the model picker for the new-session default. Renamed "extra usage" to "usage credits" (`/extra-usage` → `/usage-credits`, old name still works). 50+ bug fixes including startup hanging up to 75s on unreachable `api.anthropic.com`, garbled terminal output after window resize, `/model` changes not applying after startup, MCP `tools/list` pagination returning only the first page, and a regression where the Skill tool failed in headless mode.

[NEW] Claude Managed Agents — Self-hosted sandboxes and MCP tunnels · Claude Managed Agents now supports self-hosted sandboxes (public beta) and MCP tunnels (research preview). The agent orchestration loop stays on Anthropic infrastructure while tool execution runs in customer infrastructure or with managed sandbox providers — Cloudflare, Daytona, Modal, Vercel — and agents reach private-network MCP servers through a lightweight gateway with a single outbound connection, no inbound firewall rules required.

[PATCH] Claude Code 2.1.143 · Added plugin dependency enforcement (`claude plugin disable`/`enable` understand dependency chains), projected context cost in the `/plugin` marketplace browse pane, a `worktree.bgIsolation: "none"` setting for repos where worktrees are impractical, `-ExecutionPolicy Bypass` for the PowerShell tool, model and effort preservation across background-session wakeups, and auto mode in the Shift+Tab cycle. Bug fixes cover a corrupt `.credentials.json` hanging startup, stop hooks looping forever, macOS background sessions failing under Full Disk Access folders, and `git worktree remove` no longer falling back to `rm -rf`.

[PATCH] Claude Code 2.1.142 · Added new `claude agents` flags — `--add-dir`, `--settings`, `--mcp-config`, `--plugin-dir`, `--permission-mode`, `--model`, `--effort`, and `--dangerously-skip-permissions` — to configure dispatched background sessions. Fast mode now uses Opus 4.7 by default (set `CLAUDE_CODE_OPUS_4_6_FAST_MODE_OVERRIDE=1` to pin to Opus 4.6). Plugins with a root-level `SKILL.md` and no `skills/` subdirectory are now surfaced as a skill, the `/plugin` details pane and `claude plugin details` show LSP servers a plugin provides, and `/web-setup` warns before replacing an existing GitHub App connection. Bug fixes span `MCP_TOOL_TIMEOUT` not raising the per-request fetch timeout for remote HTTP and SSE MCP servers, background sessions disappearing and daemon reconnect failing after macOS sleep/wake, the daemon not exiting cleanly after `brew upgrade`, plus a wide sweep of `claude agents`, plugin, session-title, and UI regressions.

[PATCH] Claude Code 2.1.141 · Added `terminalSequence` to hook JSON output so hooks can emit desktop notifications, window titles, and bells without a controlling terminal, `CLAUDE_CODE_PLUGIN_PREFER_HTTPS` to clone GitHub plugin sources over HTTPS instead of SSH, `ANTHROPIC_WORKSPACE_ID` for workload identity federation, and `claude agents --cwd <path>` to scope sessions to a directory. `/feedback` can now include recent sessions (last 24 hours or 7 days), and the Rewind menu adds "Summarize up to here" to compress earlier context. Bug fixes span background side-queries sending an unavailable Haiku model ID on Bedrock/Vertex/Foundry/gateway, Remote Control MCP connectors failing with 401 during worker token rotation, `claude plugin install` failing on stale marketplace refs, MCP HTTP/SSE 403s being shown as `failed` instead of `needs auth`, and a wide sweep of auth, session, MCP, plugin, and UI regressions.

[PATCH] Claude Code 2.1.140 · Agent tool `subagent_type` matching now accepts case- and separator-insensitive values (e.g. "Code Reviewer" resolves to `code-reviewer`), and plugins now warn when a default component folder (e.g. `commands/`) is silently ignored because `plugin.json` sets the matching key. Bug fixes cover `/goal` silently hanging under `disableAllHooks` / `allowManagedHooksOnly`, a settings hot-reload regression on symlinked files, `claude --bg` connection drops at idle-exit, remote managed settings not retrying on 401, the managed `extraKnownMarketplaces` auto-update policy not being persisted, `Read` tool validation on whitespace-padded `offset` strings, and a Windows event-loop stall caused by missing executables.

[PATCH] Claude Code 2.1.139 · Adds the agent view (Research Preview) for tracking every Claude Code session in one place, and a `/goal` command that keeps Claude working across turns until a completion condition is met. Hooks gain an exec form (`args: string[]`) and a `PostToolUse` `continueOnBlock` option, MCP stdio servers now receive `CLAUDE_PROJECT_DIR`, and `/mcp` Reconnect picks up `.mcp.json` edits without a restart. Note: Remote Control, `/schedule`, claude.ai MCP connectors, and notification preferences are now disabled whenever `ANTHROPIC_API_KEY` / `apiKeyHelper` / `ANTHROPIC_AUTH_TOKEN` is set, even alongside a Claude.ai login.

[NEW] Agent view in Claude Code · Agent view is a centralized interface inside the Claude Code CLI for managing multiple concurrent agent sessions. Now in Research Preview, it lets developers see which agents need input, are actively working, or have completed tasks — and scale up background work via peek, `/bg`, and `claude --bg`.

[NEW] Claude Platform on AWS is now generally available · The Claude Platform on AWS — Anthropic-operated, accessed via AWS IAM with CloudTrail audit logging and a single AWS invoice — is generally available. AWS customers get day-one access to all native Claude API features, including Claude Managed Agents (beta), Advisor strategy (beta), Files API (beta), Skills (beta), and the MCP connector (beta), with Claude Opus 4.7, Sonnet 4.6, and Haiku 4.5 available at launch.

[PATCH] Claude Code 2.1.136 · Session quality survey is re-enabled for OTEL enterprises via `CLAUDE_CODE_ENABLE_FEEDBACK_SURVEY_FOR_OTEL`, and `settings.autoMode.hard_deny` lets classifier rules block actions unconditionally. WSL2 image paste now falls back to PowerShell when xclip/wl-paste are unavailable. Plus a wide round of fixes — MCP servers disappearing after `/clear`, login loops from concurrent OAuth token writes, and plan mode failing to block writes when an `Edit(...)` allow rule matched.

[PATCH] Claude Code 2.1.133 · A new `worktree.baseRef` setting (`fresh` | `head`) lets you choose whether worktrees branch from `origin/<default>` or local `HEAD`, and hooks and Bash commands can now read the active effort level via `$CLAUDE_EFFORT`. Plus fixes for a refresh-token race that dead-ended parallel sessions at 401, MCP OAuth ignoring `HTTP(S)_PROXY`/mTLS across discovery and token refresh, and subagents failing to discover project, user, or plugin skills.

[PATCH] Claude Code 2.1.132 · `CLAUDE_CODE_SESSION_ID` is now exposed to Bash subprocesses, and `CLAUDE_CODE_DISABLE_ALTERNATE_SCREEN=1` lets you opt out of the fullscreen renderer. Plus a wide round of stability fixes — graceful shutdown on external SIGINT, blank fullscreen after sleep/wake, 10GB+ RSS growth from stdio MCP servers, scroll regressions in Cursor/VS Code/JetBrains terminals, and Bedrock/Vertex 400s when `ENABLE_PROMPT_CACHING_1H` is set.

[PATCH] Claude Code 2.1.129 · `--plugin-url` loads a `.zip` plugin straight from a URL, and Homebrew/WinGet installs can self-upgrade in the background. Ctrl+R history is back to searching all projects by default, and Gateway `/v1/models` discovery is now opt-in via env var. Plus fixes for 1-hour prompt cache TTL silently downgrading, OAuth logouts after wake-from-sleep, and `/context` wasting ~1.6k tokens per call.

[NEW] What's new in Claude Managed Agents — Dreaming, Outcomes, Multiagent, Webhooks · A month after the April 8 beta launch, Managed Agents added two new features and promoted three from research preview to public beta. Dreaming (research preview) curates memory between sessions for self-improvement, and outcomes, multiagent orchestration, memory, and webhooks all ship as public beta.

[NEW] Claude Financial Services Agents — 10 templates, Moody's MCP, and 17 data connectors · Ten ready-to-run financial services agents — pitch builder, KYC screener, month-end closer, and more — ship as plugins in Claude Cowork and Claude Code, and as cookbooks for Claude Managed Agents. A Moody's MCP app brings proprietary credit ratings and data on 600M+ companies, and 17 data partners are integrated alongside.

[NEW] Claude for Microsoft 365 — Excel, PowerPoint, and Word now GA, Outlook joins in beta · The Claude add-ins for Excel, PowerPoint, and Word are generally available on all paid plans, and Claude for Outlook joins in public beta. Once installed, context carries automatically between apps so a model built in Excel can become a PowerPoint deck or a Word memo without re-explaining inputs, assumptions, or calculation flow.

[PATCH] Claude Code 2.1.128 · `--channels` now works with console (API key) authentication, and `/mcp` shows per-server tool counts and flags zero-tool servers. `OTEL_*` environment variables no longer leak into subprocesses, and `EnterWorktree` branches from local HEAD as documented. Plus fixes for falsely-blocked 1M-context sessions, parallel shell tool regressions, sub-agent cache misses, and more.

[NEW] Claude Security Enters Public Beta · Anthropic launched Claude Security in public beta — a Claude Opus 4.7-powered tool that scans codebases for vulnerabilities and generates targeted patches. Available directly at claude.ai/security and embedded in CrowdStrike, Microsoft Security, Wiz, and other platforms. Currently for Claude Enterprise customers; Claude Team and Max coming soon.

[NEW] Claude Platform on AWS Announced (Coming Soon) · AWS announced Claude Platform on AWS — a new way to use Anthropic's native Claude Platform with AWS credentials, billing, and access controls. It sits alongside Claude on Amazon Bedrock as a second path with different data-residency tradeoffs.

[NEW] Running Claude Cowork in Amazon Bedrock · AWS published the official guide to running Claude Cowork on Amazon Bedrock — reuse the same Bedrock infrastructure you built for Claude Code to bring Claude to every knowledge worker, inside your AWS perimeter.

[NEW] Claude for Word · A Microsoft Word add-in that brings Claude into your document — with native tracked changes, template-aware drafting, and consistency checks.

[NEW] Claude Design by Anthropic Labs · Collaborative visual creation with Claude — designs, interactive prototypes, presentations, and more through conversation.

[NEW] Claude Opus 4.7 · A new Opus model with significant gains in coding, high-resolution vision, and instruction following. Claude Code adds /ultrareview and the xhigh effort level.

[NEW] Routines — automated Claude Code workflows · Autonomous routines in Claude Code triggered by schedules, API calls, and GitHub events. Run code review, bug fixes, and deploy verification from the cloud — laptop closed.

[NEW] Claude Managed Agents · A new API alongside Messages that provides a pre-built agent harness and managed infrastructure — run Claude agents without building your own loop, sandbox, or tool-execution layer.

[NEW] Claude Code Remote Control · Keep a local Claude Code session running and control it from claude.ai/code or the mobile apps — with your local files, MCP servers, and tools intact.