• fallbackModel in settings.json stacks up to three fallback models tried in order when the primary is overloaded or unavailable. --fallback-model now applies to interactive sessions too, not just headless and pipe mode. (more below)
• Deny rules now accept glob patterns in the tool-name position, including "*" to deny all tools. Allow rules reject non-MCP globs, and unknown tool names in deny rules warn at startup, so check your config if you see new warnings.
• SendMessage across sessions no longer carries user authority. Receivers refuse relayed permission requests, and auto mode blocks them, so multi-session permission-relay workflows will break. (more below)
• MAX_THINKING_TOKENS=0, --thinking disabled, and the per-model thinking toggle now actually disable thinking on default-thinking models via the Claude API. Third-party providers are unchanged.

New in 2.1.167, 2.1.166, 2.1.165

2.1.167 (June 6, 2026)

• Bug fixes and reliability improvements

2.1.166 (June 6, 2026)

• Added fallbackModel setting to configure up to three fallback models tried in order when the primary model is overloaded or unavailable; --fallback-model now also applies to interactive sessions
• Added glob pattern support in deny rule tool-name position ("*" denies all tools); allow rules reject non-MCP globs, and unknown tool names in deny rules warn at startup
• Hardened cross-session messaging: messages relayed via SendMessage from other Claude sessions no longer carry user authority, receivers refuse relayed permission requests, and auto mode blocks them
• MAX_THINKING_TOKENS=0, --thinking disabled, and the per-model thinking toggle now disable thinking on models that think by default via the Claude API (3P providers unchanged)
• Claude Code now retries a turn once on the fallback model when the API rejects an unexpected non-retryable error; auth, rate-limit, request-size, and transport errors still surface immediately
• claude update now announces the target version before downloading instead of going silent
• claude agents: typing a URL into the list now filters to the session whose first prompt contained it
• Fixed a recurring "image could not be processed" error and extra token usage when an unprocessable image was sent in a session
• Fixed remote sessions becoming permanently stuck when a brief backend disruption occurred during worker registration at startup
• Fixed flickering in JetBrains IDE terminals (IntelliJ, PyCharm, WebStorm, etc.) on 2026.1+ by enabling synchronized output
• Fixed Shift+non-ASCII characters (e.g. Shift+ä → Ä) being dropped in terminals using the Kitty keyboard protocol (WezTerm, Ghostty, kitty)
• Fixed PowerShell command validation occasionally hanging far past its time budget on Windows when a killed process's children held its output pipes
• Fixed orphaned claude --bg-pty-host processes spinning at 100% CPU after the daemon dies while connected on macOS
• Fixed voice mode requiring /login to clear a stale auth check after toggling /voice
• Fixed managed settings with an invalid entry silently disabling enforcement of their remaining valid policies
• Fixed managed-settings allowedMcpServers/deniedMcpServers predicates not matching when they use ${VAR} references
• Fixed background agent sessions that entered a git worktree crash-looping with "No conversation found" when reopened from claude agents
• Fixed duplicated thinking text in the Ctrl+O transcript view while streaming
• Fixed /doctor showing a contradictory failed "Not inside a remote session" check when run inside a remote session
• Fixed the cursor sticking at the end of the first line when typing a multiline prompt in the claude agents dispatch and reply inputs
• Fixed blank lines appearing between background agent rows in the task list on terminals without Unicode support

2.1.165 (June 6, 2026)

• Bug fixes and reliability improvements

Notes