[ca] Update CLI versions: Claude Code 2.1.101, Copilot 1.0.24, Codex 0.120.0

[github-actions]

Three CLI tools have been updated in pkg/constants/version_constants.go and workflows recompiled.

Summary

Tool	Previous	New	Risk
Claude Code	2.1.98	2.1.101	Low
Copilot CLI	1.0.21	1.0.24	Medium (verify MCPs + PAT auth)
Codex	0.118.0	0.120.0	Low

---

Update: Claude Code 2.1.98 → 2.1.101

• 2.1.99 — 2026-04-10
• 2.1.100 — 2026-04-10
• 2.1.101 — 2026-04-10

All three patch releases shipped on the same day. No public GitHub repository for Claude Code; changes are inferred from npm metadata and CLI help diff.

View CLI Help Changes (2.1.98 → 2.1.101)

New flag added in 2.1.101:

--exclude-dynamic-system-prompt-sections   Move per-machine sections (cwd, env info, memory paths,
                                            git status) from the system prompt into the first user
                                            message. Improves cross-user prompt-cache reuse. Only
                                            applies with the default system prompt (ignored with
                                            --system-prompt). (default: false)

All other flags unchanged.

Impact Assessment

• Risk: Low
• Affects: All workflows using Claude Code
• Migration: No breaking changes; --exclude-dynamic-system-prompt-sections is opt-in

Package Links

• NPM Package: https://www.npmjs.com/package/`@anthropic-ai/claude-code`
• Specific Release: https://www.npmjs.com/package/`@anthropic-ai/claude-code`/v/2.1.101

---

Update: Copilot CLI 1.0.21 → 1.0.24

⚠️ Verify before deploying: Per the code comment in version_constants.go, confirm MCPs are not blocked from loading and /models does not silently fail on PATs.

• 1.0.22 — 2026-04-09
• 1.0.23 — 2026-04-10
• 1.0.24 — 2026-04-10

View Full Changelog (v1.0.22 → v1.0.24)

v1.0.22 — 2026-04-09

• MCP tools with non-standard JSON schemas are now sanitized for compatibility with all model providers
• Better handling of large images from MCP and extension tools
• Improved rendering performance with a new simplified inline renderer
• Show a clear message to contact your organization administrator when remote sessions are blocked by policy
• Sub-agent activity no longer shows duplicated tool names
• Permission checks and other hooks now work correctly when using Anthropic models via BYOM/BYOK
• Slash command picker appears above the text input for a more stable layout
• Custom agents can now declare a skills field to eagerly load skill content into agent context at startup
• Plugins can now display a post-install message with setup instructions after installation
• Breaking: Removed .vscode/mcp.json and .devcontainer/devcontainer.json as MCP server config sources; CLI now only reads .mcp.json. Migration hint appears when .vscode/mcp.json is detected without .mcp.json
• Plugins remain enabled across sessions and auto-install on startup based on user config
• Added sub-agent depth and concurrency limits to prevent runaway agent spawning
• Warn when resuming a session that is already in use by another CLI or application
• CLI no longer crashes on systems affected by a V8 engine bug in grapheme segmentation
• sessionStart and sessionEnd hooks fire once per session in interactive mode instead of once per prompt
• Plugin agents respect the model specified in their frontmatter

v1.0.23 — 2026-04-10

• New --mode, --autopilot, and --plan flags to start the CLI directly in a specific agent mode
• Agent no longer hangs on the first turn when the memory backend is unavailable
• Bazel/Buck build target labels (e.g. //package:target) no longer misidentified as file paths
• Ctrl+L clears the terminal screen without clearing the conversation session
• Slash command picker shows full skill descriptions and a refined scrollbar
• /diff, /agent, /feedback, /ide, and /tuikit work while the agent is running
• Display reasoning token usage in the per-model token breakdown when nonzero
• Remote tab correctly shows Copilot coding agent tasks and supports steering via the Tasks API
• Shell output with BEL characters no longer causes repeated terminal beeping
• Migration notice for .vscode/mcp.json now includes a jq command to migrate config to .mcp.json

v1.0.24 — 2026-04-10

• preToolUse hooks now respect modifiedArgs/updatedInput, and additionalContext fields
• Custom agent model field now accepts display names and vendor suffixes from VS Code (e.g., "Claude Sonnet 4.5", "GPT-5.4 (copilot)")
• Terminal state (alt screen, cursor, raw mode) is restored correctly after CLI crashes like OOM or segfaults
• The --remote flag is respected when the session sync prompt appears on first run in a GitHub repo
• Redesigned exit screen with Copilot mascot and cleaner usage summary layout

Breaking Changes

• .vscode/mcp.json no longer used as MCP config source (1.0.22). Only .mcp.json is read.

Impact Assessment

• Risk: Medium
• Affects: Workflows using Copilot CLI, MCP configurations, hook-driven workflows
• Verify: MCPs load correctly, PAT-based /models works, preToolUse hooks with modifiedArgs

Package Links

• NPM Package: https://www.npmjs.com/package/`@github/copilot`
• Release Notes (v1.0.22): https://github.com/github/copilot-cli/releases/tag/v1.0.22
• Release Notes (v1.0.23): https://github.com/github/copilot-cli/releases/tag/v1.0.23
• Release Notes (v1.0.24): https://github.com/github/copilot-cli/releases/tag/v1.0.24

---

Update: Codex 0.118.0 → 0.120.0

• 0.119.0 — 2026-04-10
• 0.120.0 — 2026-04-11

View Full Changelog (0.119.0 → 0.120.0)

0.119.0 — 2026-04-10 (large feature release)

New Features:

• Realtime voice sessions now default to the v2 WebRTC path with configurable transport, voice selection, and native TUI media support (Attach WebRTC realtime starts to sideband websocket openai/codex#17057, Add WebRTC realtime app-server e2e tests openai/codex#17093)
• MCP Apps and custom MCP servers gained richer support: resource reads, tool-call metadata, custom-server tool search, server-driven elicitations, file-parameter uploads ([mcp] Support MCP Apps part 1. openai/codex#16082, [mcp] Support MCP Apps part 2 - Add meta to mcp tool call result. openai/codex#16465)
• Remote/app-server workflows support egress websocket transport, remote --cd forwarding, and experimental codex exec-server subcommand (app-server: Add egress websocket transport openai/codex#15951, [codex] Support remote exec cwd in TUI startup openai/codex#17142)
• TUI can copy latest agent response with Ctrl+O (feat(tui): Ctrl+O copy hotkey and harden copy-as-markdown behavior openai/codex#16966)
• /resume can jump directly to a session by ID or name from the TUI (feat: /resume per ID/name openai/codex#17222)
• TUI notifications: Warp OSC 9 support and opt-in mode for notifications while terminal is focused

Bug Fixes:

• TUI starts faster by fetching rate limits asynchronously
• Resume flows more stable: picker no longer flashes false empty states
• Fast Mode no longer stays stuck after /fast off in app-server-backed TUI sessions (Fix TUI fast mode toggle regression openai/codex#16833)
• macOS HTTP-client sandbox panic fix (Fix remote address format to work with Windows Firewall rules. openai/codex#17053)

Architecture:

• codex-core slimmed down through major crate extractions for MCP, tools, config, model management, auth, feedback, and protocol

Full changelog: openai/codex@rust-v0.118.0...rust-v0.119.0

0.120.0 — 2026-04-11

New Features:

• Realtime V2 can stream background agent progress while work is still running and queue follow-up responses (Stream Realtime V2 background agent progress openai/codex#17264, Queue Realtime V2 response.create while active openai/codex#17306)
• Hook activity in TUI is easier to scan: live running hooks shown separately, completed hook output kept only when useful ([codex] Improve hook status rendering openai/codex#17266)
• Custom TUI status lines can include the renamed thread title (Add thread title to configurable TUI status line openai/codex#17187)
• Code-mode tool declarations now include MCP outputSchema details (Add output_schema to code mode render openai/codex#17210)
• SessionStart hooks can distinguish sessions created by /clear from fresh startup or resume sessions (Support clear SessionStart source openai/codex#17073)

Bug Fixes:

• Fixed Windows elevated sandbox handling for split filesystem policies (fix: support split carveouts in windows elevated sandbox openai/codex#14568)
• Fixed sandbox permission handling for symlinked writable roots (fix(permissions): fix symlinked writable roots in sandbox permissions openai/codex#15981)
• Fixed codex --remote wss://... panics by installing Rustls crypto provider before TLS websocket connections (Install rustls provider for remote websocket client openai/codex#17288)
• Preserved tool search result ordering instead of alphabetically reordering (preserve search results order in tool_search_output openai/codex#17263)
• Fixed live Stop-hook prompts so they appear immediately (Emit live hook prompts before raw-event filtering openai/codex#17189)

Full changelog: openai/codex@rust-v0.119.0...rust-v0.120.0

Impact Assessment

• Risk: Low
• Affects: Workflows using Codex CLI
• Migration: No breaking changes; SessionStart hook gains new source field distinguishing /clear from startup/resume

Package Links

• NPM Package: https://www.npmjs.com/package/`@openai/codex`
• Release Notes (0.119.0): https://github.com/openai/codex/releases/tag/rust-v0.119.0
• Release Notes (0.120.0): https://github.com/openai/codex/releases/tag/rust-v0.120.0

---

References:

• §24274317479

Generated by CLI Version Checker · ● 441.4K · ◷

• expires on Apr 13, 2026, 4:17 AM UTC

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot coding agent.

The Copilot coding agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

🍪 Om nom nom by Issue Monster · ● 178.7K · ◷