What's changed
- Added plugin dependency enforcement:
claude plugin disablenow refuses when another enabled plugin depends on the target (with a copy-pasteable disable-chain hint), andclaude plugin enableforce-enables transitive dependencies - Added projected context cost (per-turn and per-invocation token estimates) to the
/pluginmarketplace browse pane - Added
worktree.bgIsolation: "none"setting to let background sessions edit the working copy directly withoutEnterWorktree, for repos where worktrees are impractical - PowerShell tool now passes
-ExecutionPolicy Bypass. Opt out withCLAUDE_CODE_POWERSHELL_RESPECT_EXECUTION_POLICY=1 - Background sessions now preserve the model and effort level you set after waking from idle
- Shift+Tab in attached agent sessions now includes auto mode in the cycle
- Fixed a corrupt
.credentials.jsonwith a non-arrayscopesvalue hanging the CLI on startup or silently aborting OAuth token refresh - Fixed right-click paste in
claude agentson Windows Terminal and WSL - Fixed stop hooks that block repeatedly looping forever — the turn now ends with a warning after 8 consecutive blocks (override via
CLAUDE_CODE_STOP_HOOK_BLOCK_CAP) - Fixed Esc/Ctrl+C not cancelling a pending
/loopwakeup while Claude is idle between iterations - Fixed
/goalevaluator firing while background shells or delegated subagents are still running - Fixed
NO_COLOR/FORCE_COLORin settings.jsonenvstripping Claude Code's own UI colors — they now apply to subprocesses only - Fixed agent view spawning repeated PowerShell processes on Windows when listing sessions
- Fixed
/bgwithout a prompt sending "continue" to the forked session — the fork now waits for input - Fixed
--agent <name>not finding plugin-contributed agents without theplugin:prefix - Fixed deleting a session from agent view not removing its transcript file
- Fixed stale-fragment rendering when scrolling in attached background sessions on Windows Terminal
- Fixed background agents false-positive worker-stall detection storm after host sleep or macOS App Nap
- Fixed 5xx error messages pointing at status.claude.com instead of naming the configured gateway or cloud provider
- The PowerShell tool is now enabled by default on Windows for Bedrock, Vertex, and Foundry users. Opt out with
CLAUDE_CODE_USE_POWERSHELL_TOOL=0. claude agentsnow accepts--add-dir,--settings,--mcp-config, and--plugin-dirand applies them to the dashboard and to background sessions dispatched from itclaude agentsaccepts--permission-mode,--model,--effort, and--dangerously-skip-permissionsto set defaults for sessions dispatched from the viewclaude --bg --dangerously-skip-permissionsnow persists across retire→wake- Fixed background sessions silently capturing IDE file references into the warm spare's input, which caused the reference to be prepended to the next prompt dispatched from
claude agents - Worktree cleanup no longer falls back to
rm -rfwhengit worktree removefails, preventing loss of gitignored or in-progress files - Fixed background-job sessions on macOS getting "Operation not permitted" errors when reading files under
~/Documents,~/Desktop, or~/Downloads, even with Full Disk Access granted. /bgnow preserves--mcp-config,--settings,--add-dir,--plugin-dir, and--strict-mcp-config, so backgrounded sessions keep their MCP servers and settings across respawn.- Background sessions launched from
claude agentsnow honorpermissions.defaultModefrom settings.json (was previously overridden to auto mode) - Fixed: on Windows, pressing ← in
claude agentswhile a response was streaming could leave the agents list unresponsive to all input /bgand←-detach now preserve--fallback-model, so backgrounded workers degrade to the fallback model on overload instead of hard-failing./bgand←-detach now preserve--allow-dangerously-skip-permissions, so the forked worker keeps bypass-permissions available in its Shift+Tab cycle.- Fixed: background daemon spawn now falls back to the running binary when the
~/.local/bin/claudelauncher is missing or non-executable - Fixed
claude agents --allow-dangerously-skip-permissionsdefaulting dispatched sessions to bypass mode instead of making it available in the permission cycle