Anthropic Release Notes

How it works

Admins can now provision MCP connectors for their whole organization through their identity provider, starting with Okta. Users get connector access automatically on first login, with authorization configured centrally by their organization.

Connectors make Claude more useful at work — they give Claude the context it needs from the tools that your teams already use. Until now, turning them on required action at two steps: admins enabled a connector for the organization, and then every individual user authorized it themselves.

Enterprise-managed authorization streamlines that second step. Admins authorize a connector once, users inherit access through the IdP groups and roles they already have, and the connector is there the first time someone opens Claude. The result is zero-touch connector setup for the end user.

Enterprise-managed auth is the first implementation of the Enterprise-Managed Authorization extension to the Model Context Protocol. It's built on an open standard so any connector can support it — including the custom connectors your own teams build — and they all work the same way for every Claude customer.

Connect your identity provider to Claude and choose which MCP connectors to enable for your organization. When an employee logs in, their connectors are already there. Access stays consistent across Claude chat, Claude Code, and Cowork.

For admins, this folds MCP access management into the same workflow that governs the rest of your stack: provision once, scope by group, manage revocation through the IdP. Because checking access with the IdP is frictionless, admins can shorten access token lifetimes without impacting productivity — so when someone is deprovisioned, their connector access expires fast instead of lingering on an old token. Access runs through the identity provider you already trust, so connectors fall under the same security and access controls as everything else, rather than a separate surface to monitor.

Admins can also require that a connector only ever connects through the IdP, which keeps work and personal use cleanly separated and prevents someone from accidentally linking a personal account to a work tool.

Built with an ecosystem

Enterprise-managed authorization works across three groups: the identity providers that govern access, the MCP providers that support the standard, and the Claude customers deploying managed connections across their teams.

Identity providers

Okta is supported at launch, with support for additional identity providers coming soon.

MCP providers

Asana, Atlassian, Canva, Figma, Granola, Linear, and Supabase support Enterprise-managed auth at launch, with Slack coming soon.

Claude customers

Hubspot, Ramp, and Webflow are among the organizations rolling out enterprise-managed auth across their teams.

Quotes and endorsements from partners and customers are included to highlight the impact and trust in this feature.

Getting started

Enterprise-managed auth is available today in beta for customers on the Claude Team and Enterprise plans. Learn more on our Help Center and apply for access to get started.

Any identity or MCP provider can add support for enterprise-managed auth by implementing the open extension to the MCP authorization spec. Submit interest to join the beta here.

Preview your in-progress work as a live, interactive web page—built from your full session context and shareable with your team.

Starting today, Claude Code can capture work progress as an artifact, which turn Claude Code's work into live, shareable visual pages— including PR walkthroughs, system explainers, dashboards, and release checklists—that update themselves as your session works.

A Claude Code session can range from investigating an incident to refactoring a service to analyzing months of data. Artifacts translate the work into a web page anyone can open and explore, like a pull request walkthrough, a dashboard you can filter and sort, or even a release checklist that fills itself out as work gets done. Artifacts make it easier to collaborate on shared work, so teams can spend more time building and less time communicating status updates.

Built on the context from your session

Claude Code builds an artifact using the full context of your session, including your codebase, your connectors, and the conversation itself. A single incident page can bring together the failing test and the function behind it from your code, the error spike from a connected monitoring tool, and the root-cause reasoning from the session you just ran. With artifacts, you don't need to wire up data sources or stand up infrastructure. You ask for a page, and Claude Code builds it from what already exists.

Live pages that update in place

When Claude Code updates an artifact, the open page refreshes in place and teammates see the updates the moment they’re published. Every publish is a new version at the same link, with version history so you can restore at any time, and a gallery lets you browse and manage all artifacts you've made.

From our internal testing, one of our most common use cases has been debugging. These typically look something like: An engineer kicks off an incident investigation before standup. Claude Code works through the logs and publishes an artifact: a timeline, the suspect commits, and an error-rate chart. She shares the link with her team from the page header. By the time standup begins, Claude has republished it twice as the investigation progressed, incorporating the latest information. With artifacts, team members and stakeholders don’t have to "walk us through what the agent found" because they're all looking at the same view, with the same context.

Private to your organization

Every artifact is private to its author by default. When you're ready, share it with your teammates and your organization directly from the page. Artifacts are viewable only by authenticated members of your org and cannot be made public. Admins manage access with an org-level toggle and role-based scoping, set retention policies, and get org-wide visibility through the compliance API.

Getting started

Ask your session for an artifact — or just ask for something visual, here are some ideas by role:

• Legal / open source: A license audit of every dependency, flagging copyleft, straight from the repo. "Build an artifact listing every third-party dependency and its license, flagging anything copyleft."
• Privacy: A data-flow map of where personal data is collected, stored, and logged across the code. "Trace where we touch personal data across the codebase into an artifact for the privacy review."
• Security: Findings that link to the exact line, so the fix is unambiguous. "Build an artifact of the auth findings from this review, each linked to the code."
• FinOps / platform finance: Cloud resources and cost drivers mapped from your infrastructure-as-code. "Map our cloud resources from the Terraform into an artifact, grouped by service, with the big cost drivers."
• Software engineers: A PR or bug walkthrough reviewers can actually follow, pulled from the diff and the code around it. "Make an artifact walking through this PR — the diff, the reasoning, and what I tested."
• Designers & frontend engineers: Several UX directions for a screen, each built from your real components so the one you pick is shippable. "Give me an artifact with 5 UX variations of this signup form, built from our component library."
• Staff engineers & architects: A map of how a service actually fits together, drawn from the real import graph instead of a whiteboard. "Map how the payments service fits together into an artifact, from the code."
• SRE & on-call: An incident page that grows as you investigate and becomes the postmortem. "Turn this incident into an artifact — timeline, suspect commits, error spike from our monitoring — and republish as I work through it."
• Engineering managers: A page of what actually shipped, built from the merged PRs. "Build an artifact of what merged on my team this week from the PRs, grouped by project."

Claude Code builds the page and gives you a link. Open it in your browser or the desktop app, share it from the header—updates publish to the same URL automatically.

Availability

Artifacts is available in beta to Claude Team and Enterprise orgs, from the Claude Code CLI and desktop app, with pages viewable in any browser.

Get started today with Claude Code.

Claude Design now sticks to your design system across projects, works fluidly with Claude Code, lets you edit directly on the canvas, and connects to more tools you already use. It has a new home in the sidebar on the Claude desktop app; you can also find it at claude.ai/design.

Our goal remains the same as before: letting you explore more directions than a deadline usually allows and making the handoff to polish or build as seamless as possible. That goal now serves a lot more people. Over one million people used Claude Design in its first week, and your feedback is shaping what we build next.

Build with your design system components

We rebuilt the design system import to give you more flexibility and increase precision. Bring in one or several design systems from a GitHub repo, design files, or raw uploads. Claude builds with your components, checks its output against your design system, and makes corrections before you see it. For larger teams, a new admin role can approve one standard system and lock down edits, so the work always matches your company guidelines.

Move between design and code

It's now easier to move between working in Claude Design and Claude Code while keeping your work synced, with updates rolling out today. Use /design-sync to pull in your design system, so everything you build in Claude Design starts from your existing components. When a design is ready to become software, you can hand it off to Claude Code, which continues from your existing work instead of starting over from a screenshot.

Prefer to begin in Claude Code? You can create, edit, and sync design projects without leaving the terminal using /design. Import a design into your codebase, turn your code into a live prototype, or let Claude carry a project all the way through.

"Claude design gives me the intelligence of frontier models with the functionality & capabilities of tried & true design tools. Anytime I'm working on design directions for Tenex's site, new brand assets, or presentations, Claude Design is the first place I go. The combination of approachable UX with strong taste & design instinct is why it's become a core part of my tech stack. And then the hand-off between Claude Design and Claude Code makes the process of prototype to production seamless."

• Alex Lieberman, Cofounder, Morning Brew & Tenex

Steadier for daily work

Our new editor gives you direct, fine-grained control over every element of your designs. New, rich layout controls let you drag, resize, and align elements. Hundreds of stability fixes make the editor hold up under real use.

Claude Design also now shares usage limits with chat, Claude Cowork, and Claude Code, so most people will get much more headroom to create, and those hitting limits will do so less often. The average turn now uses fewer tokens to achieve the same results, and errors are down sharply.

From the canvas to the tools you use

Export reliably to PDF and PowerPoint or send your work to the apps you already use—the list of connectors now includes Adobe, Base44, Canva, Gamma, Lovable, Miro, Replit, Vercel and Wix, with more destinations coming soon.

Getting started

Claude Design is in beta on Claude Pro, Max, Team, and Enterprise plans and included with your subscription. It’s turned off by default for Enterprise users; admins can enable it in organization settings, and work is shareable only within your organization. Find it at claude.ai/design or in the sidebar on the desktop app. Bring in your design system and create. No ideas? Ask for three directions on your next landing page, and pick the one worth refining.

Workload Identity Federation (WIF) is now generally available on the Claude Platform.

WIF is compatible with any OIDC-compliant identity provider and covers all Claude API endpoints, including when accessing the endpoints through our first-party SDKs and Claude Code.

With WIF for workloads and ant auth login for interactive sessions, developers never have to handle a static API key when building with the Claude Platform.

How Workload Identity Federation works

WIF replaces static API keys with short-lived, scoped credentials issued at request time. Whether you're a two-person startup running GitHub Actions or an enterprise with detailed credential policies, you can now authenticate with the Claude Platform the same way you authenticate with the rest of your stack.

With WIF, there are no static Anthropic credentials to create, rotate, or leak. Workloads authenticate with the identity they already have: an AWS IAM role, a GCP or Kubernetes service account, an Azure managed identity, a GitHub Actions token, Okta, or other OIDC-compliant providers.

We're also introducing service accounts to the Claude Platform, so each workload can have its own identity, roles, and audit trail instead of a shared API key. First, a federation rule binds an external identity to a service account. Then, when a workload requests access, the Claude Platform verifies the workload's signed OIDC token, matches its claims against your federation rules, and issues a short-lived access token bounded by the service account's roles. Every exchange and request is recorded against that service account in your audit logs.

Set up your first workload in minutes

The Claude Console has a guided setup flow for configuring workload identities. The setup validates each step and finishes with a test command that confirms your workload can authenticate.

Run your whole organization without static keys

WIF is compatible with the Admin API for organization management. Federation rules can be configured for least-privilege access through fine-grained scopes.

Federation configuration is also fully programmatic for organizations operating at scale. New Admin API endpoints let you create and update issuers, service accounts, and federation rules.

Getting started

API keys work alongside WIF, so you can migrate one workload at a time. Read the setup guides for each identity provider, or open the Claude Console to connect your first workload.

• Added /config key=value syntax to set any setting from the prompt (e.g. /config thinking=false) — works in interactive, -p, and Remote Control
• Added sandbox.allowAppleEvents opt-in setting that lets sandboxed commands send Apple Events on macOS
• Added CLAUDE_CLIENT_PRESENCE_FILE environment variable: point it at a marker file to suppress mobile push notifications while you're at the machine
• Upgraded the bundled Bun runtime to 1.4
• Improved streaming of long paragraphs: text now appears line-by-line instead of waiting for the first line break
• Improved auto-retry: API connection drops mid-thinking now automatically retry instead of showing "Connection closed while thinking"
• Improved the subagent panel: idle subagents auto-hide after 30s, the list caps at 5 rows with scroll hints, and keyboard hints now show in the footer
• Improved the MCP OAuth browser page to match Claude Code's visual style and auto-close on success
• Changed fullscreen mode URL opening to require Cmd+click (macOS) / Ctrl+click, matching native terminal behavior
• Changed the Improved N memories line to no longer list individual files outside verbose mode
• Fixed prompt caching not reading on custom ANTHROPIC_BASE_URL and on Foundry due to a per-request attestation token changing every turn
• Fixed Write/Edit producing 0-byte or truncated files on network drives and cloud-synced folders
• Fixed open, osascript, and browser-based auth flows failing with error -600 on macOS by adding the Apple Events entitlement
• Fixed a startup regression (~120ms per launch in fresh environments, introduced in 2.1.169): the first prompt no longer waits for the managed-settings fetch when no MCP servers are configured
• Fixed startup blocking with a blank terminal for up to 15 seconds when the account settings fetch is slow on a degraded network
• Fixed startup crash (TypeError: Cannot read properties of null) when .claude.json contains corrupted null project entries
• Fixed macOS TUI freezing at session start (Ctrl+C unresponsive) when Spotlight is busy reindexing
• Fixed long-running idle sessions losing their history when another Claude Code process ran the 30-day transcript cleanup
• Fixed foreground subagents spawning unbounded nested chains; they now respect the same 5-level depth limit as background subagents
• Fixed /recap and conversation forks using the previous model immediately after a model switch
• Fixed subagent "Thinking" duration showing the parent agent's elapsed time instead of the subagent's own
• Fixed subagents blocked on a nested agent showing a ticking elapsed time instead of "waiting" in the agent panel
• Fixed the API retry indicator ("Retrying in 0s · attempt N/10") staying on screen after the retry succeeded
• Fixed AWS awsCredentialExport credentials with a short remaining lifetime causing credential refreshes every minute, and now accepts the JSON shape from aws configure export-credentials
• Fixed claude mcp get/list showing ✓ Connected when tools/list fails; they now show ! Connected · tools fetch failed with the error detail
• Fixed /remote-control leaving a stale "connecting…" line; it now confirms in the transcript once connected
• Fixed ExitWorktree refusing to remove a clean worktree with "Could not verify worktree state" when bare git cannot be resolved on Windows
• Fixed settings changes (such as /effort or /model) failing with ENOENT when ~/.claude/settings.json is a relative symlink under a symlinked ~/.claude
• Fixed IDE selection line numbers in context reminders being off by one (IntelliJ and VS Code)
• Fixed Ctrl+C in fullscreen after a native terminal selection (modifier+drag) overwriting the clipboard with the app's prior selection
• Fixed Ctrl+V showing "No image found in clipboard" instead of pasting when the clipboard contains text
• Fixed agent creation failing with "EEXIST: file already exists" when the agents directory already exists (Windows/OneDrive)
• Fixed AskUserQuestion preview content being cut off at the dialog edge instead of word-wrapping
• Fixed AskUserQuestion multi-select questions silently dropping a typed "Other" free-text answer when submitting
• Fixed /stats "Most active day" and daily token chart dates showing one day early in UTC-negative timezones
• Fixed /copy and copy-on-select on Linux not detecting a clipboard utility installed after Claude Code started
• Fixed tab-indented code rendering with incorrect indentation in the Write (create-file) preview
• Fixed user prompts queued mid-turn not showing a full-width background highlight in the transcript
• Fixed the activity spinner's pulse dwelling on the wrong glyph size in Ghostty

• Fixed mid-stream connection drops: partial responses are now preserved instead of showing a raw error, and the spinner no longer gets stuck at "running tool"
• Fixed mouse-wheel scrolling in WSL2 under Windows Terminal and VS Code (regression in 2.1.172)
• Fixed a sandbox denyRead/allowRead glob over a large directory tree making the Bash tool description enormous and the session unusable on Linux
• Fixed the feedback survey capturing a single-digit reply as a session rating immediately after a turn completes
• Fixed the welcome screen stacking multiple promotional banners — at most one promo now shows per session
• Fixed Ctrl+O not showing the subagent's transcript when viewing a subagent
• Fixed clicking the prompt input not returning focus from the subagent/footer panel
• Fixed remote session background tasks appearing stuck as "still running" between turns
• Improved plugin loading performance in remote sessions

• Fixed mid-stream connection drops: partial responses are now preserved instead of showing a raw error, and the spinner no longer gets stuck at "running tool"
• Fixed mouse-wheel scrolling in WSL2 under Windows Terminal and VS Code (regression in 2.1.172)
• Fixed a sandbox denyRead/allowRead glob over a large directory tree making the Bash tool description enormous and the session unusable on Linux
• Fixed the feedback survey capturing a single-digit reply as a session rating immediately after a turn completes
• Fixed the welcome screen stacking multiple promotional banners at most one promo now shows per session
• Fixed Ctrl+O not showing the subagent's transcript when viewing a subagent
• Fixed clicking the prompt input not returning focus from the subagent/footer panel
• Fixed remote session background tasks appearing stuck as "still running" between turns
• Improved plugin loading performance in remote sessions

Move a session to a new directory with /cd, let sub-agents spawn their own sub-agents, and troubleshoot a broken configuration with safe mode.

Move a session with /cd

v2.1.169

The new /cd command moves the current session to a different working directory without rebuilding the prompt cache: the new directory’s CLAUDE.md is appended as a message instead of replacing the system prompt. The session relocates to the new directory’s project storage, so --resume and --continue find it there. Claude prompts you to trust the directory if you haven’t worked in it before.

Move the session into another project without restarting:

/cd ../other-project

Sub-agents can spawn sub-agents

v2.1.172

Sub-agents can now spawn their own sub-agents. The subagent panel below the prompt shows the full tree: each row carries a count of its descendants and a path back to main. Background sub-agents are capped at five levels deep to prevent runaway concurrent trees; foreground chains can spawn at any depth and are self-limiting.

Open the agents view to watch the nested tree as work fans out:

/agents

Troubleshoot with safe mode

v2.1.169

Start Claude Code with --safe-mode, or set CLAUDE_CODE_SAFE_MODE, to launch with all customizations disabled: CLAUDE.md, skills, plugins, hooks, MCP servers, and custom commands and agents do not load. Authentication, model selection, built-in tools, and permissions still work. If a problem disappears in safe mode, one of those surfaces is the cause.

Launch a clean session to isolate a broken configuration:

claude --safe-mode

Other wins

• fallbackModel configures up to three fallback models tried in order when the primary is overloaded or unavailable, and --fallback-model now applies to interactive sessions too
• Session titles are now generated in the language of your conversation; pin a specific one with the language setting
• claude agents --json adds --all to include completed sessions plus new id and state fields, and no longer omits blocked or newly dispatched sessions
• Browsing a marketplace’s plugins in /plugin now has a search bar
• New disableBundledSkills setting and CLAUDE_CODE_DISABLE_BUNDLED_SKILLS hide bundled skills, workflows, and built-in commands from the model
• Deny rules accept a glob in the tool-name position, so ”*” denies all tools, and unknown tool names in deny rules now warn at startup
• Cross-session messaging is hardened: messages relayed via SendMessage from other sessions no longer carry user authority, and auto mode blocks them
• Amazon Bedrock reads the AWS region from ~/.aws config files when AWS_REGION is unset, and /status shows where the region came from
• New enforceAvailableModels managed setting makes the availableModels allowlist also constrain the Default model
• Claude in Chrome browser tools now load in a single batched call instead of one per tool
• claude update announces the target version before downloading instead of going silent
• New footerLinksRegexes setting adds regex-matched link badges to the footer row

Full changelog for v2.1.166–v2.1.176 →

Auto mode on Bedrock, Vertex, and Foundry

v2.1.158

Auto mode is now available on Bedrock, Vertex, and Foundry for Opus 4.7 and Opus 4.8, replacing permission prompts with background safety checks on third-party providers. Opt in by setting CLAUDE_CODE_ENABLE_AUTO_MODE=1.

Opt in on a third-party provider, then cycle to auto mode with Shift+Tab:

export CLAUDE_CODE_ENABLE_AUTO_MODE=1

Safer automatic edits

v2.1.160

Claude Code now prompts before writing files that can run code, even in acceptEdits mode. The protected set covers shell startup files such as .zshenv and .bash_login, git config under ~/.config/git/, and build-tool configs such as .npmrc, .bazelrc, and .pre-commit-config.yaml. These writes are never auto-approved in any mode except bypassPermissions.

Work in acceptEdits mode; Claude now pauses before writing these files:

claude --permission-mode acceptEdits

List installed plugins with /plugin list

v2.1.163

The new /plugin list command prints your installed plugins inline, without opening the /plugin menu, and is also available as claude plugin list from the shell. In the interactive form, add --enabled or --disabled to show only plugins in that state.

List the plugins that are currently turned on:

> /plugin list --enabled

Version requirements for managed deployments

v2.1.163

Two managed settings, requiredMinimumVersion and requiredMaximumVersion, let your organization require an approved Claude Code version range. A client outside the range exits at startup and tells the user to update through the organization’s method. claude update, claude install, and claude doctor keep working so users can still recover.

Add a floor to your managed settings so older clients refuse to start:

"requiredMinimumVersion": "2.1.163"

Other wins

The trigger keyword for dynamic workflows changed from workflow to ultracode; asking for a workflow in your own words still works, and the keyword is highlighted in violet in the prompt

Stop and SubagentStop hooks can return hookSpecificOutput.additionalContext to give Claude feedback and keep the turn going instead of being treated as an error

claude mcp list, get, and add no longer print secrets: environment-variable references are not expanded, and credential headers and URL secrets are redacted

A failed Bash command in a parallel tool batch no longer cancels the others; each tool returns its own result independently

Editing a file no longer needs a separate Read first when you viewed it with a single-file grep, egrep, or fgrep

Clicking a command in the autocomplete menu now fills it into your prompt instead of running it immediately; press Enter to run

Listing Grep or Glob in --tools now provides the dedicated search tools on native builds with embedded search, instead of silently ignoring those names

/effort now confirms when your chosen level will persist as the default for new sessions

OTEL_RESOURCE_ATTRIBUTES values are now attached as labels on metric datapoints, so you can slice usage metrics by custom dimensions like team or repo

Windsurf is renamed to Devin Desktop in /ide, /terminal-setup, and /scroll-speed, following the editor’s rebrand

/btw gains a c to copy shortcut that copies the raw markdown answer to the clipboard

• Added Tool(param:value) syntax for permission rules to match a tool's input parameters (with * wildcard), e.g. Agent(model:opus) to block Opus subagents

• Skills in nested .claude/skills directories now load when working on files there; on a name clash, the nested skill appears as <dir>:<name> so both stay available

• Nested .claude/ directories: the agent, workflow, and output-style closest to the working directory now wins when names collide; project-scope workflow saves now target the closest existing .claude/workflows/

• Improved auto mode: subagent spawns are now evaluated by the classifier before launch, closing a gap where a subagent could request a blocked action without review

• Improved /doctor with consistent flat tree layout across all sections, clearer section status icons, and highlighted command names

• Improved the skill listing truncation warning to show how many skill descriptions are affected

• Changed the workflow prompt keyword to use a purple shimmer highlight and trigger only on explicit phrases like "run a workflow" or "workflow:", not on any mention of the word

• Improved Remote Control error messages: connection failures now show a persistent red "/rc failed" indicator in the footer, and the "not yet enabled" error now explains whether it's a gate, a check failure, stale entitlement, or org policy

• /bug now requires a description before submitting, and no longer uses model-refusal text as the GitHub issue title

• Fixed a crash (out-of-memory) when the CLI inherits a stale websocket/OAuth file-descriptor environment variable from a parent process

• Fixed Claude in Chrome silently failing to connect when the OAuth token belongs to a different account than the Claude Code login

• Fixed nested .claude/skills skills with directory-qualified names being blocked by permission prompts in non-interactive runs

• Fixed several subagent issues: viewing a subagent's transcript now shows tool results and live progress, messages sent while it finishes its turn are no longer dropped, and backgrounding a running subagent (ctrl+b) no longer restarts it from scratch

• Fixed claude agents workers failing with 401 Invalid bearer token when the daemon was started from a shell with a custom API gateway via ANTHROPIC_BASE_URL and ANTHROPIC_AUTH_TOKEN

• Fixed compaction not honoring --fallback-model: compaction now falls back to the configured fallback model chain on overload or model-availability errors

• Fixed model requests continuing to fail with auth errors after credentials were refreshed outside the session, due to a stale cached request configuration

• Fixed background sessions created with /bg or ←← after a turn finished showing "Working" forever in the agents list

• Fixed CLAUDE_CODE_PLUGIN_KEEP_MARKETPLACE_ON_FAILURE=1 preventing fresh marketplace installs from cloning

• Fixed MCP server-level specs (mcp__server, mcp__server__*, mcp__*) in subagent disallowedTools being silently ignored

• Fixed vim mode undo: u now steps through NORMAL/VISUAL-mode commands one at a time instead of merging commands in quick succession into a single undo step

• Fixed statusline links with custom URI schemes (e.g. vscode://) not opening when clicked in claude agents

• [VSCode] Fixed pressing Esc to dismiss a CJK IME candidate window canceling the running Claude task

• Session titles are now generated in the language of your conversation (set the language setting to pin a specific language)

• Added footerLinksRegexes setting for regex-matched link badges in the footer row, configurable via user or managed settings

• Improved Bedrock credential caching: credentials from awsCredentialExport are now cached until their Expiration instead of a fixed 1 hour

• Fixed availableModels enforcement: alias model picks can no longer be redirected to a blocked model via ANTHROPIC_DEFAULT_*_MODEL environment variables, and /fast now refuses to toggle when it would switch to a model outside the allowlist

• Fixed auto mode failing on Fable 5 for organizations without Opus 4.8 enabled — the classifier now falls back to the best available Opus model

• Fixed hook if conditions for Read/Edit/Write tool paths: documented patterns like Edit(src/**), Read(~/.ssh/**), and Read(.env) now match correctly

• Fixed claude agents completed sessions losing their running background tasks when reattached after a Claude Code update

• Fixed terminal misalignment and a multi-second hang when exiting the agent view by pressing Esc

• Fixed clicking Stop on a background-task chip in the desktop app not clearing the chip when the underlying process was already gone

• Fixed keyboard input becoming permanently unresponsive after a paste operation whose end marker is dropped by the terminal

• Fixed hook if: "Bash(...)" conditions firing on every Bash command containing $() or $VAR; the pattern now matches against commands inside subshells and backticks too

• Fixed deny rules on home-directory paths (e.g. Read(~/Desktop/**)) not blocking Bash commands that reference the path via $HOME

• Fixed a stray "(no content)" line left in the transcript after closing panel dialogs like /mcp and /plugins

• Background agent sessions now update to a new Claude Code version in the background, so opening a session after an update no longer waits on a cold restart

• Clearer descriptions for built-in commands and skills in the / menu

• The subscription-switch suggestion now shows in the startup announcement slot instead of a toast

• claude agents dispatching from the state-grouped view now starts the session in the directory the agent view was opened from

• Added enforceAvailableModels managed setting — when enabled, the availableModels allowlist also constrains the Default model (a Default that would resolve to a disallowed model now falls back to the first allowed model), and user or project settings can no longer widen a managed availableModels list

• Added wheelScrollAccelerationEnabled setting to disable mouse-wheel scroll acceleration in fullscreen mode
• Fixed the /model picker hiding the model family that Default resolves to — Opus now appears as its own row on Max/Team Premium/Enterprise plans, Sonnet on Pro/Team plans, and Opus on pay-as-you-go API accounts
• Fixed /model picker showing a hardcoded Sonnet version label when ANTHROPIC_DEFAULT_SONNET_MODEL pins a different Sonnet
• Fixed the "Fable 5 is now consuming usage credits" banner incorrectly showing for enterprise accounts with usage-based billing
• Fixed Bedrock GovCloud regions (us-gov-*) deriving the wrong inference profile prefix (global instead of us-gov), causing 400 errors on derived model IDs
• Fixed background sessions inheriting another session's ANTHROPIC_* provider env (gateway URL, custom headers, /model aliases) from the shell that started the background daemon
• Fixed a 1-2 second pause when exiting Claude Code shortly after a shell command was interrupted or killed on macOS and Linux
• Fixed git commit co-author attribution showing an incorrect model name for some models
• Fixed the /advisor dialog pre-selecting a saved advisor model that is blocked by the availableModels allowlist
• Fixed skill hot-reload re-sending the entire skill listing when a single skill changed; only changed skills are now re-announced
• Fixed Workflow tool agent() subagents missing per-agent attribution headers
• [VSCode] Added usage attribution to the Account & usage dialog (/usage) showing cache misses, long context, subagents, and per-skill/agent/plugin/MCP breakdowns over the last 24h or 7d
• Fixed pre-warmed background workers failing with "Could not resolve authentication method" when claimed after sitting idle

• We've retired the Claude Sonnet 4 model (claude-sonnet-4-20250514) and the Claude Opus 4 model (claude-opus-4-20250514). All requests to these models will now return an error. We recommend upgrading to Claude Sonnet 4.6 and Claude Opus 4.8 respectively. Researchers can request ongoing access through the External Researcher Access Program.

• The GET /v1/environments/{id}/work endpoint, which lists pending work for a self-hosted sandbox, is now available on Claude Platform on AWS. See IAM actions for Claude Platform on AWS for the GetEnvironment action that authorizes it.