Between May 15 and May 23, 2026, Anthropic shipped eight Claude Code releases — v2.1.143 through v2.1.150 . That's eight versions in nine calendar days against a tool that already moves fast. The run mixes planned infrastructure work — background session reliability, OTel tracing, a renamed slash command — with reactive hotfixes touching the same subsystems within days of the originating release. Here's what changed and what it means for teams running Claude Code in production.
Eight Releases in Nine Days: Why the Pace Matters
Claude Code's release cadence is already aggressive by developer tooling standards, but the v2.1.143–v2.1.150 window stands out even by its own norms. At least two releases — v2.1.148 and v2.1.149 — shipped on the same calendar day , with v2.1.148 serving as a pure regression fix for an issue introduced by v2.1.147 hours earlier. That's a fast internal feedback loop, not a scheduled release train.
/simplify renamed /code-review (now catches logic bugs), /model is session-scoped by default (breaking), background sessions can be pinned via Ctrl+T, and a Bash permission-prompt bypass was patched in v2.1.145.
Four themes define the window: background session maturation, security hardening, developer ergonomics improvements (structured JSON output, OTel span IDs), and Windows parity fixes. The reactive hotfixes within the same window signal active dogfooding pressure — enterprise users filing regressions quickly enough to close them before the next planned release.
This is a curated signal extract. The full CHANGELOG and claudeupdates.dev have the complete diff for each version.
Release-by-Release Breakdown (v2.1.143–v2.1.150)
The table below maps each version to its ship date, primary category, and headline change .
| Version | Date (2026) | Category | Headline Change |
|---|---|---|---|
| v2.1.143 | May 15 | Features + fixes | Plugin dependency enforcement; worktree.bgIsolation: "none"; PowerShell -ExecutionPolicy Bypass default; stop-hook loop cap at 8 blocks |
| v2.1.144 | May 19 | Reliability | /resume lists bg sessions; /model now session-scoped (breaking); startup hang 75 s → 15 s; "usage credits" rename |
| v2.1.145 | May 19–20 | Scripting + security | claude agents --json; OTel agent_id/parent_agent_id; plugin install previews; Bash permission bypass patched |
| v2.1.146 | May 21 (AM) | UX + Windows | /simplify → /code-review rename begins; diff render perf; PowerShell regression fix; enterprise login enforcement |
| v2.1.147 | May 21 (PM) | Features | Pinned bg sessions (Ctrl+T); /code-review --comment for PR inline comments; auto-updater retry hardening |
| v2.1.148 | May 22 01:16 UTC | Hotfix | Bash tool exit-code 127 regression from v2.1.147 reverted; no other changes |
| v2.1.149 | May 22 22:09 UTC | Features + security | Per-category /usage breakdown; GFM task-list checkboxes; 3 security patches; macOS find vnode exhaustion fix |
| v2.1.150 | May 23 | Infrastructure | Internal changes only; no user-facing changes |
Two releases shipped on May 21 and two on May 22 . V2.1.148 arrived at 01:16 UTC — a same-day hotfix for a Bash tool regression introduced by v2.1.147 hours earlier . The same-day hotfix is the clearest evidence of a fast internal feedback loop in this window.
Breaking Changes and Migration Notes
Three changes in this window warrant immediate attention for anyone with production pipelines or shared team configurations.
/model is now session-scoped. As of v2.1.144, the /model picker applies to the current session only . Press d in the picker to set a persistent default for new sessions. Any automation or habit that assumed /model wrote to global config will silently use a stale model in subsequent sessions — no error, just wrong behavior.
/simplify → /code-review. The rename shipped across v2.1.146–v2.1.147 . Update CI scripts, runbooks, and keybinding configs. The old alias may not survive future versions.
PowerShell execution policy. From v2.1.143, the PowerShell tool passes -ExecutionPolicy Bypass by default on Windows . Teams with locked-down policies must opt out with:
CLAUDE_CODE_POWERSHELL_RESPECT_EXECUTION_POLICY=1Bash permission bypass (v2.1.145 security patch). Bare variable assignments to non-allowlisted env vars in Bash tool invocations could bypass permission prompts . Upgrading to v2.1.145+ closes the gap. Review allowlist configurations after upgrading.
"Enterprise login restrictions were not being enforced against third-party identity providers." — Anthropic Claude Code CHANGELOG, v2.1.147 entry (May 21, 2026)
This enterprise identity enforcement fix in v2.1.147 is separate from the Bash bypass. Both are patched in current releases. If your org uses a third-party IdP for Claude Code SSO, verify that login restrictions are applying correctly after the update.
Background Sessions: Reliability and Pinning
Background agent reliability was the most consistently improved subsystem across the window — nearly every release touched it. The changes compound into a meaningfully more stable runtime for long-running agent tasks.
- Corrupt
.credentials.jsonno longer hangs the CLI on startup (v2.1.143) . - Stop-hook loop cap: a hook that blocks repeatedly now terminates the turn after 8 consecutive blocks with a warning . Tunable via
CLAUDE_CODE_STOP_HOOK_BLOCK_CAP. - Model and effort persistence: sessions preserve their selected model and effort level after waking from idle (v2.1.143) .
- Startup hang fixed: when
api.anthropic.comis unreachable, the CLI now times out in 15 seconds instead of hanging for up to 75 seconds (v2.1.144) . - Pinned sessions (
Ctrl+Tinclaude agents): pinned sessions stay alive on idle and restart in place during Claude Code updates, preserving context (v2.1.147) .
Pinning is the most operationally significant change here. Before v2.1.147, a Claude Code auto-update would silently kill unpinned background sessions. With pinning, context survives the update cycle — relevant for any agent task measured in hours rather than minutes.
/code-review: From Formatting Linter to Review Agent
The rename from /simplify to /code-review signals a scope change, not just a label swap. The command now targets correctness bugs in addition to style and complexity issues .
Key additions shipping in v2.1.147 :
- Effort levels:
/code-review highprioritizes logic errors over formatting. Lower effort levels keep the focus on style. --commentflag: posts findings as inline GitHub PR comments, enabling async review without context switching.
"[/code-review] now reports correctness bugs at a chosen effort level." — Anthropic Claude Code CHANGELOG, v2.1.147 entry (May 21, 2026)
A practical CI integration: use claude agents --json to monitor session state, then trigger /code-review --comment on opened PRs. Findings appear as inline PR comments; reviewers address them in the diff view; the agent runs headless in the background. Migrate from /simplify now — the old name may not persist as a permanent alias.
Observability: OTel Agent Tracing and JSON Session Output
Two observability additions in v2.1.145 change how teams instrument multi-agent pipelines .
claude agents --json returns live session state as structured JSON. Feed it to tmux-resurrect integrations, status bars, or custom session pickers — any tooling that needs to react to session state programmatically now has a stable interface.
OTel agent spans now carry agent_id and parent_agent_id with proper trace parenting . Before v2.1.145, multi-agent OTel traces were flat — individual spans were visible but parent-child delegation paths were not reconstructable. After, a distributed trace shows the full call tree across agents. Point OTEL_EXPORTER_OTLP_ENDPOINT at a local Jaeger or Tempo instance to visualize it.
V2.1.149 adds per-category cost breakdowns to /usage: skills, subagents, plugins, and individual MCP server costs are reported separately . Paired with OTel tracing, teams now have both latency and cost visibility into multi-agent workflows from a single release window.
What to Watch in the Next Window
Four signals from this window are worth tracking as leading indicators for v2.1.151 and beyond.
- Auto-updater hardening (v2.1.147) suggests a more aggressive rollout cadence ahead — fewer manual intervention points, but more frequent version transitions to track in production.
- Plugin context-cost previews (v2.1.143) in the marketplace browse pane hint at a forthcoming cost-aware plugin selection UX — likely a fuller cost model surfaced before install.
- Enterprise login enforcement gaps closed in v2.1.146–v2.1.147 signal tightening org-level controls ahead of a broader enterprise push. Expect more managed settings in upcoming releases.
- Security audit cadence: at least 4 separate permission and bypass issues were patched across v2.1.145, v2.1.147, and v2.1.149 . This looks like a targeted audit, not coincidence — more patches are likely in v2.1.151+.
Track the GitHub releases page, releasebot.io, and claudelog.com for v2.1.151+ to see whether the regression → hotfix pattern stabilizes or continues.
Frequently Asked Questions
Is the /simplify command gone in Claude Code v2.1.147+?
/simplify has been fully renamed to /code-review, with the rename beginning in v2.1.146 and completing in v2.1.147 . The scope also expanded: the command now reports correctness bugs at a chosen effort level, not just style and complexity feedback. The old alias behavior may not persist in future versions — update scripts, CI workflows, and runbooks to use /code-review.
What does the /model scope change in v2.1.144 break?
As of v2.1.144, /model applies only to the current session . Press d in the model picker to set a persistent default for new sessions. Any tooling or workflow that assumed /model wrote to global config will silently use a stale model when a new session opens. Audit automation scripts and developer onboarding docs for assumptions about global model state.
How do I opt out of the PowerShell -ExecutionPolicy Bypass default?
Set CLAUDE_CODE_POWERSHELL_RESPECT_EXECUTION_POLICY=1 in your environment before launching Claude Code . This is required for organizations with restricted PowerShell execution policies. The default changed in v2.1.143; without this env var, the PowerShell tool passes -ExecutionPolicy Bypass on every invocation regardless of system policy.
What is the security fix in v2.1.145 and am I affected?
A permission-prompt bypass was possible via bare variable assignments to non-allowlisted environment variables inside Bash tool invocations . If your allowlist configs relied on this gap — intentionally or not — upgrading to v2.1.145+ closes it. Review Bash tool allowlist configurations after upgrading. Related patches in v2.1.147 and v2.1.149 address a PowerShell cd bypass and a git worktree sandbox write-allowlist misconfiguration respectively.
How do pinned background sessions work after v2.1.147?
In the claude agents view, press Ctrl+T to pin a session . Pinned sessions stay alive on idle (unpinned sessions can be reaped) and are restarted in place when Claude Code updates, preserving their context instead of silently dying. This is the direct fix for long-running background agents that previously lost state across auto-updates.
What's Next for Claude Code
The v2.1.143–v2.1.150 window shows Claude Code operating in two modes simultaneously: shipping planned infrastructure — OTel tracing, /code-review, session pinning — while closing regressions and security gaps fast enough to stay within the same release window. That combination reflects healthy velocity under real production pressure.
For teams running Claude Code in production today, three items require immediate action: the /model scope change, the /simplify → /code-review rename, and the PowerShell execution policy default. Everything else in this window is additive and opt-in. The full CHANGELOG, release history, and official Anthropic release notes are the authoritative sources for details beyond this summary.
Last updated: 2026-05-26. Based on Claude Code CHANGELOG entries for v2.1.143–v2.1.150 as published by Anthropic between May 15–23, 2026.
