SpyBara
Go Premium

whats-new/2026-w19.md 2026-06-09 06:34 UTC to 2026-06-10 23:57 UTC

60 added, 0 removed.

2026
Tue 30 23:02 Mon 29 23:02 Sat 27 01:01 Fri 26 23:00 Thu 25 23:58 Wed 24 22:02 Tue 23 22:00 Mon 22 23:59 Fri 19 22:58 Thu 18 22:00 Wed 17 17:02 Tue 16 21:57 Mon 15 23:02 Sat 13 21:59 Fri 12 22:00 Thu 11 23:01 Wed 10 23:57 Tue 9 06:34 Mon 8 06:52 Sat 6 06:24 Fri 5 06:45 Thu 4 06:52 Wed 3 06:53 Tue 2 06:51

Week 19 · May 4–8, 2026

Load plugins from .zip archives and URLs, search command history across every project with Ctrl+R, branch new worktrees from local HEAD or the remote default, and block actions unconditionally with auto mode hard deny rules.

Releases v2.1.128 → v2.1.136 2 features · May 4–8
Plugins from .zip archives and URLs

`--plugin-dir` now accepts a .zip plugin archive in addition to a directory, and the new `--plugin-url` flag fetches a plugin archive from a URL for the current session. Useful for trying a plugin before adding it to a marketplace, or for shipping internal plugins from an artifact store.

Load a plugin straight from a URL:

claude --plugin-url https://example.com/my-plugin.zip

<a className="digest-feature-link" href="/docs/en/plugins">Plugins guide

History search across all your projects v2.1.129

Ctrl+R reverse-search now defaults to all prompts across every project, restoring the behavior from before v2.1.124. Press Ctrl+S while searching to narrow back to the current project or session. Handy when you remember a command you ran in another repo last week and don't want to go digging for it.

<a className="digest-feature-link" href="/docs/en/interactive-mode#command-history">Interactive mode: command history

Other wins

New worktree.baseRef setting (fresh | head) controls whether --worktree, the EnterWorktree tool, and agent-isolation worktrees branch from the remote default branch or local HEAD; the default fresh keeps unpushed commits out of new worktrees
New settings.autoMode.hard\_deny rules block matching actions unconditionally in auto mode, regardless of allow exceptions, for actions that should never run automatically even when broader allow rules apply
Hooks now receive the active effort level via the `effort.level` JSON input field and the `$CLAUDE_EFFORT` environment variable, and Bash tool commands can read \$CLAUDE\_EFFORT
CLAUDE\_CODE\_DISABLE\_ALTERNATE\_SCREEN=1 opts out of the fullscreen alternate-screen renderer and keeps the conversation in the terminal's native scrollback
CLAUDE\_CODE\_PACKAGE\_MANAGER\_AUTO\_UPDATE lets Homebrew or WinGet installations run the upgrade in the background and prompt to restart
CLAUDE\_CODE\_SESSION\_ID is now in the Bash tool subprocess environment, matching the session\_id passed to hooks
/mcp now shows the tool count for connected servers and flags servers that connected with 0 tools
--channels now works with console (API key) authentication
Subprocesses such as Bash, hooks, MCP, and LSP no longer inherit OTEL\_\* environment variables, so OTEL-instrumented apps run via the Bash tool no longer pick up the CLI's own OTLP endpoint
Sub-agent progress summaries now hit the prompt cache, cutting cache\_creation token cost by roughly 3x
Several OAuth and credential reliability fixes: parallel sessions no longer dead-end at 401 after a refresh-token race, MCP OAuth refresh tokens are no longer lost when multiple servers refresh concurrently, and a rare login loop from a concurrent credential write is fixed
New parentSettingsBehavior admin key lets admins opt SDK managedSettings into the policy merge

Full changelog for v2.1.128–v2.1.136 →