Claude Code v2.1.187 to v2.1.191 Major Updates
This page has been translated by machine translation. View original
This is Ishikawa from the Cloud Business Division. Here is a summary of the Claude Code updates from v2.1.187 to v2.1.191 (2026-06-23 to 2026-06-24).
Update Summary
This covers 3 versions (v2.1.187 / v2.1.190 / v2.1.191, 2026-06-23 to 2026-06-24). The main highlights include new features such as the addition of a sandbox.credentials setting that blocks credential reads from within sandboxes, and enhancements to /rewind allowing rollback to before a /clear was executed, along with a performance improvement that reduces CPU usage by approximately 37% during streaming responses, and numerous bug fixes. Note that there are no breaking changes or deprecations in this range.
Notable Updates
- New Features: Addition of
sandbox.credentialssetting to protect credentials from commands inside sandboxes (v2.1.187) //rewindsupport for rewinding to conversations before/clearwas executed (v2.1.191) / Organization-level model restrictions (v2.1.187) / Mouse click support for select menus in fullscreen mode (v2.1.187) - Bug Fixes: Fixed hooks with comma-separated matchers not firing without any warning (v2.1.191) / Fixed stopped background agents coming back to life (v2.1.191) / Fixed structured output (
--json-schema/ workflow) issues (v2.1.187) / Fixed VSCode extension becoming unresponsive when resuming large sessions (v2.1.187) - Security: With
sandbox.credentials, commands executed in sandboxes can now be blocked from reading credential files and secret environment variables (v2.1.187) - Performance: Reduced CPU usage during streaming responses by approximately 37% (v2.1.191)
Target Versions and Period
| Version | Release Date |
|---|---|
| v2.1.187 | 2026-06-23 |
| v2.1.190 | 2026-06-24 |
| v2.1.191 | 2026-06-24 |
Note that v2.1.188 / v2.1.189 were not published to npm, so the actual versions in this range are the 3 listed above. Also, the CHANGELOG for v2.1.190 only states "Bug fixes and reliability improvements," with no individual change details published.
New Features
/rewindnow supports resuming conversations before/clear(v2.1.191): Previously, executing/clearmade it impossible to return to prior conversations, but you can now use/rewindto roll back and resume from the state before/clearwas executed. This is useful for resetting to an initial state when a task reaches a stopping point or when context has grown large. Even after using/clearto move on to a new task, if you find you need to continue the previous work or want to undo a recent change, you can now rewind and resume.- Organization-configured model restrictions now applied throughout (v2.1.187): Organization model restrictions are now reflected in the model picker,
--model,/model, andANTHROPIC_MODEL. Selecting a restricted model displays the message "restricted by your organization's settings." - Mouse click support for select menus in fullscreen mode (v2.1.187): Permission prompts and select menus such as
/modeland/configcan now be selected with mouse clicks even in fullscreen mode.
Security
- Addition of
sandbox.credentialssetting (v2.1.187): A new setting has been added that can block commands running inside sandboxes from reading credential files and secret environment variables. This helps reduce the risk of information leakage during sandbox execution.
In addition, there are minor improvements to permissions and authorization, including fixes to approval handling in /permissions (described later) and improvements to the sandbox network permissions dialog (described later).
Improvements
- Made workflow configuration optional for
/install-github-app(v2.1.187): GitHub Actions workflow configuration is now optional, allowing you to install only the GitHub App and skip the workflow and secrets steps. - Improved sandbox network permissions dialog (v2.1.191): Hosts approved with "Yes" are now remembered for the duration of the session, so you are no longer asked to reconfirm on every connection.
- Improved MCP server reliability (v2.1.191): Capability discovery (
tools/list,prompts/list,resources/list) now retries with a short backoff on temporary network errors. - Improved MCP OAuth (v2.1.191): Discovery and token requests now retry once after temporary network errors, and in headless environments, browser popups are skipped in favor of a URL paste prompt.
- Improved MCP error messages (v2.1.191): On HTTP 404 errors, the target URL is now displayed and users are prompted to check their MCP configuration.
- Added keyboard navigation for
/btw(v2.1.187): You can now navigate through past responses using the ← / → keys. /pluginnow displays unused plugins (v2.1.187): Plugins that have not been used recently are now displayed, making it easier to clean them up.- Improved prompt history search in vim mode (v2.1.191): When performing a
/search in NORMAL mode, a hint is now shown on how to reach slash commands.
Performance
- Reduced CPU usage during streaming responses by approximately 37% (v2.1.191): By coalescing text updates in 100ms units, CPU usage during response streaming has been reduced by approximately 37%.
- Reduced memory growth in long-running sessions (v2.1.191): Memory growth in long-running sessions caused by the terminal output cache has been suppressed.
Fixes (Major)
The following is a selection of fixes primarily related to stability and usability.
- Fixed "No conversation found" error with
--resume(v2.1.187): Fixed a bug where--resumewould fail if the original-pexecution did not generate a model turn. - Fixed structured output (
--json-schema/ workflow) issues (v2.1.187): The model no longer infinitely re-invokesStructuredOutputafter a success, and structured output is now reliably returned in subsequent turns. - Fixed 5-minute hang on remote MCP tool calls (v2.1.187): Calls that were hanging without a response now abort with an error instead of blocking indefinitely (overridable with
CLAUDE_CODE_MCP_TOOL_IDLE_TIMEOUT). - Fixed garbled text when pasting Korean/CJK characters (v2.1.187): Fixed a bug where pasted text would become garbled in terminals that deliver paste events as byte-by-byte extended key events.
- Fixed agent jobs getting stuck in "working" state (v2.1.187): Fixed a bug where background jobs would stop indefinitely when an agent ended a turn without generating structured output.
- Fixed VSCode extension becoming unresponsive when resuming large sessions (v2.1.187): Fixed a bug where the extension would become unresponsive when resuming large sessions.
- Fixed scroll position jumping during streaming (v2.1.191): Fixed a bug where the scroll position would jump to the bottom while reading past output during a streaming response.
- Fixed stopped background agents coming back to life (v2.1.191): Stopping from the task panel now takes permanent effect.
- Fixed hooks with comma-separated matchers not firing (v2.1.191): Fixed a bug where hooks with matchers specified as comma-separated values like
"Bash,PowerShell"would never fire without any warning. - Fixed approvals in
/permissionsbeing discarded (v2.1.191): Fixed an issue where changing a rejection to an approval in the "recently rejected" tab would silently be discarded upon closing the screen; approvals are now saved correctly. - Fixed managed settings (
forceRemoteSettingsRefresh) issues (v2.1.191): Now works via MDM and file policies as well, and sendsCache-Control: no-cacheduring retrieval to prevent proxies from returning stale responses. - In addition, numerous minor bugs have been fixed across v2.1.187 / v2.1.190 / v2.1.191, including startup delays in Claude Code Remote, channel connection drops, link and URL display in Ghostty / Windows Terminal, display issues in
claude agents, and splash art overflow.
Closing
In this update range, the standout items are new features such as sandbox credential protection (sandbox.credentials) and /rewind support for rewinding before /clear, as well as the performance improvement of approximately 37% CPU usage reduction during streaming. Additionally, impactful bugs in real-world use have been resolved, including hooks with comma-separated matchers not firing and stopped agents coming back to life. Since there are no breaking changes or deprecations, this is a relatively safe update to adopt. If anything catches your interest, try updating and checking it out.
References