2.1.49 untested · changelog-derived

Claude Code 2.1.49

Worktree isolation for Claude and subagents enables reproducible, containerized agent workflows without branch conflicts or stale state bleeding across sessions.

8 new primitives 2 workflow recipes 19 fixes

New primitives

--worktree / -w flagflag/command

Start Claude in an isolated git worktree

Added `--worktree` (`-w`) flag to start Claude in an isolated git worktree
isolation: "worktree"setting

Run subagent in a temporary git worktree

Subagents support `isolation: "worktree"` for working in a temporary git worktree
Ctrl+F keybindingkeybinding

Two-press confirmation to kill all background agents

Added Ctrl+F keybinding to kill background agents (two-press confirmation)
background: true in agent definitionssetting

Always run an agent as a background task

Agent definitions support `background: true` to always run as a background task
Plugin settings.json shippingcapability

Plugins can provide default configuration

Plugins can ship `settings.json` for default configuration
File edit tool in simple modecapability

Simple mode now includes the file edit tool alongside Bash

Simple mode (`CLAUDE_CODE_SIMPLE`) now includes the file edit tool in addition to the Bash tool, allowing direct file editing in simple mode.
ConfigChange hook eventhook

Fire when configuration files change during a session

Added `ConfigChange` hook event that fires when configuration files change during a session, enabling enterprise security auditing and optional blocking of settings changes.
SDK model capability fieldscapability/SDK

Discover model support for effort, adaptive thinking

SDK model info now includes `supportsEffort`, `supportedEffortLevels`, and `supportsAdaptiveThinking` fields so consumers can discover model capabilities.

Workflow recipes

Isolated Agent Orchestration with State Enforcement
--worktree + isolation: "worktree" + background: true + ConfigChange hook

Worktree-backed subagents running as persistent background tasks can safely parallelize work across branches without merge conflicts or stale-state issues. The ConfigChange hook enables parent orchestrators to react to policy/constraint changes mid-task, allowing enterprise-grade enforcement and task abortion if security posture shifts.

Launch a background subagent coordinator in the root worktree that monitors ConfigChange events. When policy changes (e.g., new permission restrictions, security audit requirements), it signals child background subagents running in isolated worktrees to checkpoint and abort if no longer compliant. Child agents resume work only after acknowledging the new constraints. This unblocks parallelized code review, batch analysis, and multi-team recompete intelligence workflows where global constraints (budget, clearance level, customer scope) can shift without orphaning in-flight work.

Simple Mode with Direct File Mutation for Embedded/Lightweight Agents
File edit tool now in simple mode + background: true + plugin settings.json defaults

Lightweight agents deployed in resource-constrained or embedded contexts (e.g., CI/CD pipelines, embedded CLI, SDK integrations) can now edit files directly without Bash, reducing tool surface and permission footprint. Plugins shipping settings.json allows distributing agents with sensible defaults, enabling plug-and-play delegation.

Build a "reviewer agent" plugin that ships with conservative settings.json defaults (no bash, file-edit-only, specific paths allowlisted). Distribute to teams as a plugin. On CI/CD activation, the agent runs in background with the plugin's defaults, reviews code changes, and edits files (e.g., add review comment markers, auto-fix style). This bypasses complex permission setup per CI job and keeps the agent surface minimal.

Agentic relevance

Worktree isolation (`--worktree` + `isolation: "worktree"`) enables multi-agent workflows with guaranteed state separation and reproducibility. Background agent persistence (`background: true`) and the new `ConfigChange` hook support orchestration patterns where agents watch configuration drift and react to policy changes—critical for enterprise automation and long-running daemons. SDK capability discovery (`supportsEffort`, `supportedEffortLevels`, `supportsAdaptiveThinking`) allows agents to adapt strategy to model capability at invocation time.

Hardening & fixes (19)

  • Improved MCP OAuth authentication with step-up auth support and discovery caching, reducing redundant network requests during server connections
  • Fixed file-not-found errors to suggest corrected paths when the model drops the repo folder
  • Fixed Ctrl+C and ESC being silently ignored when background agents are running and the main thread is idle. Pressing twice within 3 seconds now kills all background agents.
  • Fixed prompt suggestion cache regression that reduced cache hit rates.
  • Fixed `plugin enable` and `plugin disable` to auto-detect the correct scope when `--scope` is not specified, instead of always defaulting to user scope
  • Permission suggestions are now populated when safety checks trigger an ask response, enabling SDK consumers to display permission options
  • Fixed verbose mode not updating thinking block display when toggled via `/config` — memo comparators now correctly detect verbose changes
  • Fixed unbounded WASM memory growth during long sessions by periodically resetting the tree-sitter parser
  • Fixed potential rendering issues caused by stale yoga layout references
  • Improved performance in non-interactive mode (`-p`) by skipping unnecessary API calls during startup
  • Improved performance by caching authentication failures for HTTP and SSE MCP servers, avoiding repeated connection attempts to servers requiring auth
  • Fixed unbounded memory growth during long-running sessions caused by Yoga WASM linear memory never shrinking
  • Improved startup performance by caching MCP auth failures to avoid redundant connection attempts
  • Improved startup performance by reducing HTTP calls for analytics token counting
  • Improved startup performance by batching MCP tool token counting into a single API call
  • Fixed `disableAllHooks` setting to respect managed settings hierarchy — non-managed settings can no longer disable managed hooks set by policy (#26637)
  • Fixed `--resume` session picker showing raw XML tags for sessions that start with commands like `/clear`. Now correctly falls through to the session ID fallback.
  • Improved permission prompts for path safety and working directory blocks to show the reason for the restriction instead of a bare prompt with no context
  • Model change note: Sonnet 4.5 with 1M context is being removed from the Max plan in favor of Sonnet 4.6 model, which now has 1M context.

Raw changelog

## 2.1.49

- Improved MCP OAuth authentication with step-up auth support and discovery caching, reducing redundant network requests during server connections
- Added `--worktree` (`-w`) flag to start Claude in an isolated git worktree
- Subagents support `isolation: "worktree"` for working in a temporary git worktree
- Added Ctrl+F keybinding to kill background agents (two-press confirmation)
- Agent definitions support `background: true` to always run as a background task
- Plugins can ship `settings.json` for default configuration
- Fixed file-not-found errors to suggest corrected paths when the model drops the repo folder
- Fixed Ctrl+C and ESC being silently ignored when background agents are running and the main thread is idle. Pressing twice within 3 seconds now kills all background agents.
- Fixed prompt suggestion cache regression that reduced cache hit rates.
- Fixed `plugin enable` and `plugin disable` to auto-detect the correct scope when `--scope` is not specified, instead of always defaulting to user scope
- Simple mode (`CLAUDE_CODE_SIMPLE`) now includes the file edit tool in addition to the Bash tool, allowing direct file editing in simple mode.
- Permission suggestions are now populated when safety checks trigger an ask response, enabling SDK consumers to display permission options
- Sonnet 4.5 with 1M context is being removed from the Max plan in favor of our frontier Sonnet 4.6 model, which now has 1M context. Please switch in /model.
- Fixed verbose mode not updating thinking block display when toggled via `/config` — memo comparators now correctly detect verbose changes
- Fixed unbounded WASM memory growth during long sessions by periodically resetting the tree-sitter parser
- Fixed potential rendering issues caused by stale yoga layout references
- Improved performance in non-interactive mode (`-p`) by skipping unnecessary API calls during startup
- Improved performance by caching authentication failures for HTTP and SSE MCP servers, avoiding repeated connection attempts to servers requiring auth
- Fixed unbounded memory growth during long-running sessions caused by Yoga WASM linear memory never shrinking
- SDK model info now includes `supportsEffort`, `supportedEffortLevels`, and `supportsAdaptiveThinking` fields so consumers can discover model capabilities.
- Added `ConfigChange` hook event that fires when configuration files change during a session, enabling enterprise security auditing and optional blocking of settings changes.
- Improved startup performance by caching MCP auth failures to avoid redundant connection attempts
- Improved startup performance by reducing HTTP calls for analytics token counting
- Improved startup performance by batching MCP tool token counting into a single API call
- Fixed `disableAllHooks` setting to respect managed settings hierarchy — non-managed settings can no longer disable managed hooks set by policy (#26637)
- Fixed `--resume` session picker showing raw XML tags for sessions that start with commands like `/clear`. Now correctly falls through to the session ID fallback.
- Improved permission prompts for path safety and working directory blocks to show the reason for the restriction instead of a bare prompt with no context
All 395 primitives Book a call