Agent DailyAgent Daily
releaseintermediate

[Release] anthropics/claude-code v2.1.214: v2.1.214

By ashwin-antgithub
View original on github

Claude Code v2.1.214 is a security and stability release that fixes critical permission-check bypasses across multiple shells (Bash, PowerShell, zsh), improves command parsing to prevent auto-approval of unsafe operations, and adds new features like the EndConversation tool and OpenTelemetry enhancements. The release addresses 50+ bugs including permission prompt timing issues, background session management, streaming failures, and platform-specific encoding problems on Windows.

Key Points

  • Fixed permission-check bypass in Windows PowerShell 5.1 and improved Bash permission checks to fail closed on file-descriptor redirects and very long commands (>10,000 chars)
  • Enhanced permission prompts to prevent auto-approval of unsafe `help`, `man`, and `docker` daemon-redirect commands that could execute dangerous options or substitutions
  • Added EndConversation tool allowing Claude to terminate sessions with abusive users or jailbreak attempts, matching claude.ai behavior since 2025
  • Improved observability with periodic progress heartbeats for long-running tool calls, ISO timestamps in memory files, and enhanced OpenTelemetry logging with message UUIDs and tool provenance
  • Fixed critical background session bugs: idle sessions now properly release daemon/worker processes, completed sessions can be removed via `claude rm`, and session restoration works with unreadable folders
  • Resolved Windows-specific issues: UTF-16LE file encoding in PowerShell redirects, UnicodeDecodeError/EncodeError in Python scripts, and hanging child processes waiting on stdin
  • Fixed permission rule semantics: single-segment `dir/**` rules now match only `<cwd>/dir` (not any-depth); use `**/dir/**` for any-depth matching in write rules
  • Addressed streaming and networking issues: fixed 'Socket is closed' errors behind corporate proxies, stream-json output truncation, and stale connection handling in keep-alive pooling
  • Fixed feature flag staleness in long-running sessions after OAuth token rotation and GrowthBook null evaluation crashes
  • Improved remote session handling: permission prompts now wait for local confirmation before proceeding, and Remote Control 'session ready' notifications fire only when explicitly enabled

Found this useful? Add it to a playbook for a step-by-step implementation guide.

Workflow Diagram

Start Process
Step A
Step B
Step C
Complete
Quality

Concepts