← 2.1.3 Release

Claude Code 2.1.3 Feature Testing (2.1.3)

| # | Feature | Status | Key Finding |

Claude Code 2.1.3 is a plumbing release that extends hook timeout from 60 seconds to 10 minutes and adds unreachable permission-rule detection, tested via changelog review on 2026-01-16.

"10 minutes is enough for a full pytest suite on most projects, a security scan, a benchmark suite... this turns hooks from 'gatekeeping' to 'processing'." -- OPUS-THOUGHTS.md

What Changed

Three substantive changes shipped in 2.1.3:

  • Hook timeout: 60s to 10 minutes. Previously hooks were constrained to quick checks; at 10 minutes they can run full CI pipelines, security scans, builds, and benchmark suites. Combined with the large-output persistence introduced in 2.1.2, a hook can now execute expensive operations and preserve their full results.
  • Unreachable permission rule detection. When a broad rule such as Bash(*) shadows a narrower rule such as Bash(git *), Claude Code now warns in /doctor and after saving rules. The warning includes the rule source and fix guidance.
  • Merged slash commands and skills. Skills and slash commands became the same concept. No behavior change; only documentation model simplified.

What the Test Found

Testing was conducted on version 2.1.9 (the running version at test time) against 2.1.3 changelog items. No features reached runtime-verified PASS status. Two structural blockers prevented it:

  • /doctor requires an interactive terminal in raw mode and cannot be invoked from automation.
  • Verifying the 10-minute timeout would require running a hook for more than 60 seconds, which is impractical in a standard test session.

All five line items were marked DEFERRED or CODE REVIEW (changelog-derived, not runtime-confirmed). Subagent delegation did complete successfully: a Haiku agent scaffolded the test directory and wrote template results; a Sonnet agent authored workflow hypotheses.

Why It Matters

The hook-timeout change is the only category-shift in the release. At 60 seconds, hooks were enforcement gates. At 10 minutes, they become workflow stages. The open question noted in OPUS-THOUGHTS is whether hooks block the session or run asynchronously; the answer changes how multi-stage pipelines should be structured.

Unreachable rule detection addresses a silent misconfiguration failure mode: overly broad allow-rules that make narrower deny-rules dead code, with no prior feedback to the user.

Caveats

This article is changelog-derived and not runtime-verified. The 10-minute timeout boundary, graceful-vs-hard-kill behavior at timeout, and exact /doctor output for unreachable rules across all rule sources (user, project, shared) remain untested. Feature interaction with agent_type filtering introduced in 2.1.2 is also unconfirmed.

2features tested
    Evidence & receipt
    • file2.1.3/SUMMARY.md
    ◇ ed25519 receipt
    idrelease_d1efabe2b5934282e4500c20
    alged25519
    pubkey9b87705613b1e2fd064d57fa75a6b679d2856ceafad6b1daa8f982493871b6dd
    sigad7c6a9eb38da9fd63d9436909d89a1dd4e6f8660632fcb3ea76e59a1333591a4d9438d8d60aabea7813d8f77c97f582aef83f42a3d98443ec874d8004fcae0b

    Signed with an ed25519 key held off the repo. Anyone can verify against the published public key; nobody without the secret key can forge it. Click verify: it recomputes the signature in your browser. The signature proves integrity and authorship of this exact content — not a third-party timestamp or that the underlying claim is objectively true. signedAt is when the @f3/attest pipeline ran, not when the work happened; the evidence refs carry the source dates.

    Connected
    ← Browse 2.1.3 Night Zero Work with me