releaseintermediate
[Release] anthropics/claude-code v2.1.214: v2.1.214
By ashwin-antgithub
View original on githubClaude Code v2.1.214 is a security and stability release that fixes critical permission-check bypasses across multiple shells (Bash, PowerShell, zsh), improves command parsing to prevent auto-approval of unsafe operations, and adds new features like the EndConversation tool and OpenTelemetry enhancements. The release addresses 50+ bugs including permission prompt timing issues, background session management, streaming failures, and platform-specific encoding problems on Windows.
Key Points
- •Fixed permission-check bypass in Windows PowerShell 5.1 and improved Bash permission checks to fail closed on file-descriptor redirects and very long commands (>10,000 chars)
- •Enhanced permission prompts to prevent auto-approval of unsafe `help`, `man`, and `docker` daemon-redirect commands that could execute dangerous options or substitutions
- •Added EndConversation tool allowing Claude to terminate sessions with abusive users or jailbreak attempts, matching claude.ai behavior since 2025
- •Improved observability with periodic progress heartbeats for long-running tool calls, ISO timestamps in memory files, and enhanced OpenTelemetry logging with message UUIDs and tool provenance
- •Fixed critical background session bugs: idle sessions now properly release daemon/worker processes, completed sessions can be removed via `claude rm`, and session restoration works with unreadable folders
- •Resolved Windows-specific issues: UTF-16LE file encoding in PowerShell redirects, UnicodeDecodeError/EncodeError in Python scripts, and hanging child processes waiting on stdin
- •Fixed permission rule semantics: single-segment `dir/**` rules now match only `<cwd>/dir` (not any-depth); use `**/dir/**` for any-depth matching in write rules
- •Addressed streaming and networking issues: fixed 'Socket is closed' errors behind corporate proxies, stream-json output truncation, and stale connection handling in keep-alive pooling
- •Fixed feature flag staleness in long-running sessions after OAuth token rotation and GrowthBook null evaluation crashes
- •Improved remote session handling: permission prompts now wait for local confirmation before proceeding, and Remote Control 'session ready' notifications fire only when explicitly enabled
Found this useful? Add it to a playbook for a step-by-step implementation guide.
Workflow Diagram
Start Process
Step A
Step B
Step C
Complete