Major Updates in Claude Code v2.1.194–v2.1.196

This is Ishikawa from the Cloud Business Division. I'll summarize the Claude Code updates from v2.1.194 to v2.1.196 (2026-06-26 to 2026-06-29). Note that v2.1.194 was not published to npm and is therefore a missing version, so this article actually covers the two published versions: v2.1.195 and v2.1.196.

Update Summary

The target versions are v2.1.195 (2026-06-26) and v2.1.196 (2026-06-29). In addition to new features (organization default model, session default names, clickable file attachments, etc.), the updates focus on improved reliability for background sessions and background agents, along with security and bug fixes related to plugins and MCP. However, some changes may affect existing configurations and behaviors, including hook matching behavior, streaming watchdog defaults, and remote control activation conditions.

It looks like it will take a little more time before Claude Mythos 5 and Fable 5 become generally available again.

https://x.com/AnthropicAI/status/2070665903440871779

Notable Updates

• New Feature: Support for organization default models. Administrators can configure this in the organization console, and when users have not selected a model, /model will display "Org default" (or "Role default") (v2.1.196).
• Bug Fix: Fixed an issue where conversations were completely deleted and the original prompt was re-executed when resuming background jobs. The affected files are now moved rather than deleted (v2.1.196).
• Security: claude mcp list/get will no longer start .mcp.json servers that were self-approved via .claude/settings.json committed to the repository (v2.1.196).

Target Versions and Period

New Features

• Support for organization default models (v2.1.196): Administrators can set a default model in the organization console, which is displayed as "Org default" (or "Role default") in /model when users have not selected a model themselves.
• Assign readable default names to sessions (v2.1.196): Sessions now automatically receive descriptive names at startup, making identification and message sending easier.
• Make file attachments in chat clickable (v2.1.196): Cmd/Ctrl + click now allows you to reveal attached files in Finder/Explorer.
• Added CLAUDE_CODE_DISABLE_MOUSE_CLICKS (v2.1.195): An environment variable that disables mouse clicks, drags, and hovers in fullscreen mode while still allowing wheel scrolling.

Security

• Prevent self-approved server startup in claude mcp list/get (v2.1.196): These commands will no longer start .mcp.json servers that were self-approved via .claude/settings.json committed to the repository. In untrusted workspaces, ⏸ Pending approval will be displayed.
• Require installation consent for external plugins through all paths (v2.1.195): Fixed an issue where external plugins enabled only via a project's .claude/settings.json were not requiring explicit installation consent through some loading paths.

Improvements

• Improved reliability of background sessions (v2.1.196): Long-running commands and workflows now persist across session process stops, restarts, and updates. On Windows, background shells are now handed off rather than forcibly terminated.
• Automatic resumption of background agents (v2.1.196): Workers stopped by a daemon restart will now automatically resume from where they left off the next time the agent view is opened.
• Reduced token usage in /code-review workflow (v2.1.196): Five cleanup detection processes were consolidated into one, reducing token usage by approximately 25%.
• Reduced terminal UI rendering overhead (v2.1.196): Skips traversal of unchanged subtrees during streaming, reducing per-frame rendering cost.
• Simplified opening of agent view from foreground (v2.1.196): Changed opening the agent view in a foreground session from pressing ← twice to once, aligning it with background sessions.
• Distinguish audio mode errors on Linux (v2.1.195): When SoX is installed but no audio capture device exists, "no microphone" and "SoX not installed" are now distinguished in the display.
• Improved completed list display in claude agents (v2.1.195): The completed list now fills available vertical space, and headers are compacted on narrow terminals so live sessions remain visible.
• Visualize remote session startup (v2.1.195): A provisioning checklist is now displayed while containers are starting.

Fixes (Major)

A selection of fixes related to stability and usability.

• Fixed conversation deletion on background job resume (v2.1.196): Fixed an issue where a transcript judgment error caused conversations to be completely deleted and the original prompt to be re-executed when resuming a job. The affected files are now moved rather than deleted.
• Fixed background job disappearance and data loss (v2.1.195): Fixed an issue where background jobs written by a newer version of Claude Code would disappear from claude agents or lose data.
• Fixed background agent daemon unreachability (v2.1.195): Fixed an issue where failure to start the control socket caused the daemon to operate while unreachable and blocked restarts.
• Fixed remote session crash recovery (v2.1.196): Remote sessions interrupted mid-turn by a server restart will now automatically resume on the next worker.
• Fixed claude agents side panel issues (v2.1.196): Fixed multiple issues including keyboard focus freezing when opening an agent, subagent types of background job being lost each time they were opened, and running sessions displaying incorrect status.
• Fixed session status display in claude agents (v2.1.196): Completed rows no longer toggle between "Done" and "Needs your input," stalled agents now display "Needs attention," and results mentioning a PR now include a clickable link.
• Fixed claude agents --dangerously-skip-permissions behavior (v2.1.196): Fixed issues where it silently fell back to auto mode without showing the bypass disclaimer, and did not apply bypass mode to spawned agents.
• Fixed false command failure detection in PowerShell (v2.1.196): Fixed an issue where git diff/git grep, egrep/fgrep, and quoted search patterns containing | were treated as failures with exit code 1, aligning behavior with Bash.
• Fixed MCP OAuth invalid_scope error (v2.1.196): Fixed an issue where, when no scopes were specified, the entire scopes_supported catalog of the authorization server was requested, causing invalid_scope errors with enterprise IdPs such as GitLab self-hosted.
• Fixed rollback menu regression (v2.1.196): Fixed a regression where pressing Esc Esc on an idle prompt did not open the rollback menu. Note that Ctrl+C or Ctrl+X Ctrl+K should be used to stop background agents.
• Fixed rate limit warning flickering and telemetry overcounting (v2.1.196): Fixed an issue where, when multiple parallel requests were in progress at the moment the usage limit was reached, rate limit warnings would flicker and disappear, and rate limit telemetry would be overcounted.
• Fixed voice auto-send for non-space-delimited languages (v2.1.195): Fixed an issue where voice input auto-send would not fire for languages that do not use spaces as delimiters (Japanese, Chinese, Thai).
• In addition, numerous minor bugs have been fixed, including voice input (on macOS / during fast typing), plugin management (/plugin enable/disable, claude plugin validate, dependency version pinning), session navigation with /cd, /context display when using Bedrock, /deep-research result reporting, blank screens when re-displaying crashed background tasks, and duplicate summary lines in background sessions.

Behavior Changes (Review Required)

These are not announced as explicit "breaking changes," but may alter behavior depending on existing configurations or environments. If you observe unintended behavior after updating, please check the following.

• Hook matchers changed from partial match to exact match (v2.1.195): Fixed an issue where hook matchers for identifiers containing hyphens (such as code-reviewer, mcp__brave-search) were unintentionally matching partially; they now use exact matching. To match all tools for a hyphenated MCP server, specify it as mcp__brave-search__.*. Existing hook configurations that relied on partial matching will need to be reviewed.
• Streaming idle watchdog now enabled by default (v2.1.196): The streaming idle watchdog is now enabled by default for all providers. If a response stream does not produce events for 5 minutes, it will be interrupted and retried. To disable, set CLAUDE_ENABLE_STREAM_WATCHDOG=0.
• Remote Control disabled when non-Anthropic host is specified (v2.1.196): Remote Control is now disabled when ANTHROPIC_BASE_URL points to a non-Anthropic host. This aligns with the existing behavior under CLAUDE_CODE_USE_BEDROCK/_VERTEX/_FOUNDRY.

Closing

v2.1.195 and v2.1.196 were updates focused on improved reliability for background sessions and agents, along with security and bug fixes related to plugins and MCP. As a new feature, organization default model support is a convenient addition for administrators.

On the other hand, please note that changes such as the shift to exact matching for hook matchers and the default enablement of streaming watchdog may alter behavior depending on existing configurations and environments.

References

https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md

https://code.claude.com/docs/en/changelog