TL;DR

• /model saves as default again; press s for session-only. If you customized the modelPicker:setAsDefault keybinding, rename it to modelPicker:thisSessionOnly in keybindings.json. (more below)

• Subagent MCP servers now enforce --strict-mcp-config, --bare, and enterprise allow/deny policies. If you relied on strict MCP config to sandbox subagents, the fence was not actually up until this release. (more below)

• Custom API gateway credential leak fixed. A regression could send your Anthropic OAuth credential to the gateway instead of the gateway's own token.

• /bg while Claude is mid-response now continues in background instead of dropping it. Previously backgrounding a running response silently discarded the output.

• subagent_type: 'claude' no longer runs in a hidden worktree that discards gitignored outputs. If agent tool results were mysteriously missing, this was likely the cause.

New in 2.1.153

2.1.153 (May 28, 2026)

• Added skipLfs option to github/git plugin marketplace sources to skip Git LFS downloads during clone and update
• Claude Code now shows a one-time notice when your npm global install can't auto-update; /doctor lists the fixes
• Status line commands now receive COLUMNS and LINES environment variables so scripts can size output to the terminal width
• claude agents: autocomplete in the dispatch input now suggests native slash commands and bundled skills, not just project skills
• claude agents: PR column now shows PR #N for a single PR or N PRs for multiple
• claude doctor now shows the result of your last update attempt
• Combined the separate "needs authentication" startup notifications for MCP servers and connectors into a single message
• macOS: background agents now appear as "Claude Code" in Privacy & Security and keep their permission grants across upgrades
• Fixed stateful MCP servers without the optional GET SSE stream reconnect-looping on tools/list (regression in v2.1.147)
• Fixed a regression where a custom API gateway could receive the user's Anthropic OAuth credential instead of the gateway's own token
• Fixed subagent (Agent tool) frontmatter MCP servers ignoring --strict-mcp-config, --bare, remote mode, enterprise managed MCP config, and managed-settings MCP server allow/deny policies
• --strict-mcp-config no longer strips inline mcpServers from explicitly-passed agent definitions (--agents / SDK agents), and blocked subagent MCP servers now surface a visible warning
• Fixed the Windows PowerShell installer reporting "Installation complete!" when installation actually failed
• Fixed claude update installing the latest version instead of the configured release channel's version for npm installations
• Fixed excessive memory usage (multiple GB) when resuming a session by transcript file path on machines with many stored sessions
• Fixed claude agents and claude --bg running on a stale daemon started before binary-takeover support, even after upgrading
• Fixed a hang where the CLI could fail to exit when stdin was closed without EOF in stream-json mode, leaving a stale session marker behind
• Fixed malformed file:// links in Claude's responses not being clickable in the terminal
• Fixed claude --help rendering unwrapped output on terminals narrower than 92 columns
• Fixed MCP tool progress notifications not rendering in the collapsed tool view
• Fixed Agent tool with subagent_type: 'claude' running in an undocumented temporary worktree, which could silently discard outputs written to gitignored paths
• /bg while Claude is responding now continues the response in the background session instead of dropping it
• Fixed /btw keyboard shortcuts becoming unresponsive in background sessions while a task is running
• Fixed background sessions writing temp files to $CLAUDE_JOB_DIR triggering a "sensitive file" permission prompt
• Fixed recovering a background agent whose working directory was deleted showing a truncated stack trace instead of a clear error message
• Fixed EnterWorktree not being available immediately in background sessions (previously required ToolSearch first)
• Fixed cmd+k in iTerm2/Terminal.app not repainting attached background sessions
• Fixed the IME candidate window appearing at the bottom of the screen instead of next to the input caret in attached background sessions on Windows
• Fixed background-color bleed when attaching to a background agent from 256-color-only terminals after the agent had rendered file diffs
• Fixed /copy and copy-on-select silently failing to update the system clipboard when attached to a background session inside tmux
• Fixed opening claude agents with Remote Control enabled leaving zombie session entries on the Code tab after exiting
• Fixed /rename in background sessions not updating the session banner immediately
• Fixed Windows update rollback: if a Windows update fails, Claude Code now restores the original executable by copy and tells you how to recover
• [VSCode] Fixed Claude Code processes not shutting down cleanly when VS Code closed on Windows, causing false "unclean exit" reports and orphaned MCP servers
• /model now saves your selection as the default for new sessions (matching the IDE). Press s in the picker to switch models for the current session only.
• If you customized the modelPicker:setAsDefault keybinding, rename it to modelPicker:thisSessionOnly in keybindings.json (the d action was replaced by s)

Notes