v2.1.203
2.1.203
Highlights:
- Background sessions auto-recover when the daemon's session token is stale, preventing unresponsiveness
- Blocks unauthorized/destructive offensive sec actions; allows CTFs/tests only if approved, preventing misuse
- Background sessions now auto-recover when the daemon's session token expires, preventing hangs and lost work
CLI changelog
- Added a warning when your login is about to expire, so you can re-authenticate before background sessions are interrupted
- Added a grey ⏸ badge to the footer when in manual permission mode, making the active mode always visible
- Added the session's additional working directories to MCP roots/list, with notifications/roots/list_changed sent when the set changes
- Fixed opening or switching background agent sessions on macOS stalling for 15–20 seconds due to a false low-memory detection (regression in 2.1.196)
- Fixed background sessions becoming permanently unresponsive to attach, replies, and stop when the daemon's session token went stale — the session now recovers automatically
- Fixed returning to claude agents silently stopping running subagents and re-running the prompt from scratch — their work now carries over
- Fixed a memory and per-turn CPU regression in interactive sessions: the context-usage indicator no longer re-analyzes the entire transcript after every turn
- Fixed background agents inheriting a stale PATH from the daemon instead of the dispatching shell, causing missing tools on Windows
- Fixed background and agent-view sessions dropping a shell-exported ANTHROPIC_BASE_URL, which sent API keys to the default endpoint and failed with 401
- Fixed Bash failing with "argument list too long" in repos with many git worktrees
- Fixed worktree-isolated subagents sometimes running shell commands in the parent checkout instead of their own worktree
- Fixed worktree creation rejecting nested repositories in multi-repo workspaces, leaving background sessions unable to isolate and edit
- … +25 more CLI changelog entries
Source: https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#21203
Metadata
-
Time since 2.1.202 release: 5h 29m 37s
-
Bundle file size: +321.4 kB (+0.9%)
-
Prompt files: +2 (+5.0%)
-
Prompt tokens: +9,919 (+11.6%)
Prompt token mix by kind:
- system-reminder: 54.9%→56.6%
- tools: 44.0%→42.5%
- system: 0.7%→0.6%
- agent: 0.4%→0.3%
Files:
- metadata: b4df519/meta/metadata.md#diff-a08dfa163baef97ea4f56d29009ac65f5f7dbc46e3a58e80d7aa06a2a2520899L10-R10
- prompt stats: b4df519/meta/prompt-stats.md#diff-fa8e31336ece71d159f37b6fd4ed0c61939849140bd5c08c7ca793b5b2ae7f58L1-R1
Other prompt changes
- Assistant now refuses destructive or malicious cyberattack requests and only provides security-tool or exploit guidance for clearly authorized testing, CTFs, or research.
Links: