github Lexus2016/claude-code-studio v5.25.8
v5.25.8 — Harden CLI/SSH session ID guards
on GitHub

latest releases: v5.49.1, v5.49.0, v5.48.3...
one month ago

What's Fixed

Extended session ID protection to SSH path

Follow-up to v5.25.7's session ID corruption fix. This patch extends the same UUID validation guards to the SSH execution path that was missed in the previous release.

Changes:

  • claude-ssh.js — UUID validation for --resume — The SSH runner now applies the same sessionId regex guard (/^[a-f0-9-]+$/i) before passing --resume to the remote Claude process. Previously, a corrupted session ID could be forwarded to a remote server unchecked.

  • claude-ssh.js — Type check on session_id responses — SSH result parsing now verifies data.session_id is a string before passing it to the onSessionId handler, preventing object values from propagating.

  • claude-cli.js — Diagnostic logging — When a non-UUID sessionId is rejected by the --resume guard, a console.warn is now emitted with the type and truncated value. This makes debugging session corruption issues visible in server logs instead of silently dropping the ID.

Why this matters

Without this patch, SSH-based sessions (remote servers added via the SSH panel) could still experience the session ID corruption that v5.25.7 fixed for local sessions. If you use Claude Code Studio to work on remote servers via SSH, this update is recommended.

Full Changelog: v5.25.7...v5.25.8

Check out latest releases or
releases around Lexus2016/claude-code-studio v5.25.8

Don't miss a new claude-code-studio release

NewReleases is sending notifications on new releases.

Get notifications