Skip to content

deps(deps): bump @anthropic-ai/claude-code from 2.1.167 to 2.1.207 in /docker#514

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/docker/anthropic-ai/claude-code-2.1.207
Open

deps(deps): bump @anthropic-ai/claude-code from 2.1.167 to 2.1.207 in /docker#514
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/docker/anthropic-ai/claude-code-2.1.207

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps @anthropic-ai/claude-code from 2.1.167 to 2.1.207.

Release notes

Sourced from @​anthropic-ai/claude-code's releases.

v2.1.207

What's changed

  • Auto mode is now available without CLAUDE_CODE_ENABLE_AUTO_MODE opt-in on Bedrock, Vertex AI, and Foundry; disable via disableAutoMode in settings
  • Fixed the terminal freezing and keystrokes lagging while streaming responses containing very long lists, tables, paragraphs, or code blocks
  • Fixed remote managed settings from a non-interactive run (claude -p, the SDK) being permanently recorded as consented without ever showing the security consent dialog
  • Fixed spurious prompt-injection warnings triggered by benign system-generated conversation updates
  • Fixed the auto-updater overwriting a custom launcher script or symlink at ~/.local/bin/claude on every release; /doctor now reports an externally managed launcher
  • Fixed compound commands with cd prompting for permission when the only output redirect was to /dev/null
  • Fixed the transcript jumping above the start of the answer when a response finishes streaming
  • Fixed extensions.worktreeConfig being left in the repo's .git/config (breaking go-git tools like tea) after the last worktree.sparsePaths worktree was removed
  • Fixed malformed bracket patterns in rules globs, skill paths, .ignore, and .worktreeinclude breaking file reads, file suggestions, and worktree creation
  • Fixed a crash loop in agent teams where a malformed teammate mailbox message caused repeated errors every second until the mailbox file was manually deleted
  • Fixed background sessions auto-named by accepting a plan not showing that name on their agent-view row
  • Fixed background sessions that entered a git worktree resuming blank after a cold reopen from the agent list
  • Fixed Remote Control task status updates being lost when the connection recovered from a network interruption or credential refresh
  • Fixed Remote Control sessions hosted by the desktop app not showing background agent and workflow progress on mobile and web
  • Fixed Deep research runs labeling every Fetch-phase agent "unknown" — chips now show the source hostname
  • Fixed Bedrock repeatedly requesting fresh AWS SSO credentials from IAM Identity Center on every API request
  • Improved agent view: pasting the same text again now expands the collapsed [Pasted text #N] placeholder instead of adding a second one
  • Improved agent view: blocked session peeks now lead with the question and show a worded staleness clock (waiting 3m) instead of the same timestamp twice
  • Changed Bedrock, Vertex, and Claude Platform on AWS to default to Claude Opus 4.8
  • Changed auto mode to no longer read autoMode from .claude/settings.local.json (repo-resident); use ~/.claude/settings.json instead
  • Fixed an indefinite hang on Windows when AWS credential resolution stalls (e.g. a stuck credential_process): the 60-second stall guard now fires instead of waiting forever.
  • Plugin hooks/monitors/MCP headersHelper: ${user_config.*} in shell-form commands is now rejected (shell-injection fix). Hooks: use exec form (args array) or $CLAUDE_PLUGIN_OPTION_<KEY>; monitors and headersHelper: read the value inside the script (config file or the server's env block).
  • Plugin option values (pluginConfigs) are no longer read from project-level .claude/settings.json; only user, --settings, and managed settings are honored
  • Fixed /usage-credits amount inputs silently stripping malformed values (e.g. a pasted timestamp) to digits; malformed amounts are now rejected with an error, and amounts over $1,000 require a typed confirmation

v2.1.206

What's changed

  • Added directory path suggestions to /cd, matching /add-dir behavior
  • Added a /doctor check that proposes trimming checked-in CLAUDE.md files by cutting content Claude could derive from the codebase
  • /commit-push-pr now auto-allows git push to the repo's configured push remote (remote.pushDefault, or the sole remote when only one is configured) in addition to origin
  • Gateway: /login now supports Anthropic-operated public gateway endpoints
  • EnterWorktree now asks for confirmation before entering a git worktree outside the project's .claude/worktrees/ directory
  • Background agents now upgrade to a new version in the background right after a Claude Code update, instead of paying a slow stale-session upgrade when you attach
  • Fixed an expired login failing every model with a misleading "There's an issue with the selected model" error instead of prompting to run /login
  • Fixed claude --resume and --continue not responding to keyboard input on startup
  • Fixed MCP servers configured via --mcp-config or .mcp.json ignoring a per-server request_timeout_ms, which caused long-running MCP tool calls to time out at the 60s default in fresh sessions
  • Fixed CLAUDE_CODE_EXTRA_BODY being silently ignored by claude agents / --bg background workers; the shell-exported override now follows the dispatching session
  • Fixed OAuth MCP servers requiring manual re-authentication after a single failed token refresh
  • Fixed --permission-prompt-tool pointing at an MCP server crashing with "MCP tool not found" on cold start before the server finishes connecting
  • Fixed /model picker rows printing a price for a different model than the row named, and stopped quoting first-party list prices on providers that don't bill them
  • Fixed server-provided model rows being misplaced in the /model picker when an entitlement or allowlist restriction drops the row they were positioned against
  • Fixed desktop sessions getting stuck showing "running" after a slash command was sent mid-turn
  • Fixed keyboard input being ignored in the agents view when a setup prompt appeared before a bare claude --resume on Windows
  • Fixed claude rm leaving the removed job in the daemon roster, causing the row to reappear in claude agents
  • Fixed /remote-control showing "Unknown command" when logged out — it now explains how to sign in
  • Fixed left arrow not stepping back out of a phase or agent in the workflow detail view

... (truncated)

Changelog

Sourced from @​anthropic-ai/claude-code's changelog.

2.1.207

  • Auto mode is now available without CLAUDE_CODE_ENABLE_AUTO_MODE opt-in on Bedrock, Vertex AI, and Foundry; disable via disableAutoMode in settings
  • Fixed the terminal freezing and keystrokes lagging while streaming responses containing very long lists, tables, paragraphs, or code blocks
  • Fixed remote managed settings from a non-interactive run (claude -p, the SDK) being permanently recorded as consented without ever showing the security consent dialog
  • Fixed spurious prompt-injection warnings triggered by benign system-generated conversation updates
  • Fixed the auto-updater overwriting a custom launcher script or symlink at ~/.local/bin/claude on every release; /doctor now reports an externally managed launcher
  • Fixed compound commands with cd prompting for permission when the only output redirect was to /dev/null
  • Fixed the transcript jumping above the start of the answer when a response finishes streaming
  • Fixed extensions.worktreeConfig being left in the repo's .git/config (breaking go-git tools like tea) after the last worktree.sparsePaths worktree was removed
  • Fixed malformed bracket patterns in rules globs, skill paths, .ignore, and .worktreeinclude breaking file reads, file suggestions, and worktree creation
  • Fixed a crash loop in agent teams where a malformed teammate mailbox message caused repeated errors every second until the mailbox file was manually deleted
  • Fixed background sessions auto-named by accepting a plan not showing that name on their agent-view row
  • Fixed background sessions that entered a git worktree resuming blank after a cold reopen from the agent list
  • Fixed Remote Control task status updates being lost when the connection recovered from a network interruption or credential refresh
  • Fixed Remote Control sessions hosted by the desktop app not showing background agent and workflow progress on mobile and web
  • Fixed Deep research runs labeling every Fetch-phase agent "unknown" — chips now show the source hostname
  • Fixed Bedrock repeatedly requesting fresh AWS SSO credentials from IAM Identity Center on every API request
  • Improved agent view: pasting the same text again now expands the collapsed [Pasted text #N] placeholder instead of adding a second one
  • Improved agent view: blocked session peeks now lead with the question and show a worded staleness clock (waiting 3m) instead of the same timestamp twice
  • Changed Bedrock, Vertex, and Claude Platform on AWS to default to Claude Opus 4.8
  • Changed auto mode to no longer read autoMode from .claude/settings.local.json (repo-resident); use ~/.claude/settings.json instead
  • Fixed an indefinite hang on Windows when AWS credential resolution stalls (e.g. a stuck credential_process): the 60-second stall guard now fires instead of waiting forever.
  • Plugin hooks/monitors/MCP headersHelper: ${user_config.*} in shell-form commands is now rejected (shell-injection fix). Hooks: use exec form (args array) or $CLAUDE_PLUGIN_OPTION_<KEY>; monitors and headersHelper: read the value inside the script (config file or the server's env block).
  • Plugin option values (pluginConfigs) are no longer read from project-level .claude/settings.json; only user, --settings, and managed settings are honored
  • Fixed /usage-credits amount inputs silently stripping malformed values (e.g. a pasted timestamp) to digits; malformed amounts are now rejected with an error, and amounts over $1,000 require a typed confirmation

2.1.206

  • Added directory path suggestions to /cd, matching /add-dir behavior
  • Added a /doctor check that proposes trimming checked-in CLAUDE.md files by cutting content Claude could derive from the codebase
  • /commit-push-pr now auto-allows git push to the repo's configured push remote (remote.pushDefault, or the sole remote when only one is configured) in addition to origin
  • Gateway: /login now supports Anthropic-operated public gateway endpoints
  • EnterWorktree now asks for confirmation before entering a git worktree outside the project's .claude/worktrees/ directory
  • Background agents now upgrade to a new version in the background right after a Claude Code update, instead of paying a slow stale-session upgrade when you attach
  • Fixed an expired login failing every model with a misleading "There's an issue with the selected model" error instead of prompting to run /login
  • Fixed claude --resume and --continue not responding to keyboard input on startup
  • Fixed MCP servers configured via --mcp-config or .mcp.json ignoring a per-server request_timeout_ms, which caused long-running MCP tool calls to time out at the 60s default in fresh sessions
  • Fixed CLAUDE_CODE_EXTRA_BODY being silently ignored by claude agents / --bg background workers; the shell-exported override now follows the dispatching session
  • Fixed OAuth MCP servers requiring manual re-authentication after a single failed token refresh
  • Fixed --permission-prompt-tool pointing at an MCP server crashing with "MCP tool not found" on cold start before the server finishes connecting
  • Fixed /model picker rows printing a price for a different model than the row named, and stopped quoting first-party list prices on providers that don't bill them
  • Fixed server-provided model rows being misplaced in the /model picker when an entitlement or allowlist restriction drops the row they were positioned against
  • Fixed desktop sessions getting stuck showing "running" after a slash command was sent mid-turn
  • Fixed keyboard input being ignored in the agents view when a setup prompt appeared before a bare claude --resume on Windows
  • Fixed claude rm leaving the removed job in the daemon roster, causing the row to reappear in claude agents
  • Fixed /remote-control showing "Unknown command" when logged out — it now explains how to sign in
  • Fixed left arrow not stepping back out of a phase or agent in the workflow detail view
  • Fixed /status listing the same broken-install warning twice
  • Fixed false "disused plugin" tips and skewed disuse telemetry for LSP plugins

... (truncated)

Commits
  • d4d8fbb chore: Update CHANGELOG.md and feed.xml
  • 15a21e1 chore: Update CHANGELOG.md and feed.xml
  • be02c39 chore: Update CHANGELOG.md and feed.xml
  • d0f5beb chore: Update CHANGELOG.md and feed.xml
  • 00ea292 chore: Update CHANGELOG.md and feed.xml
  • 7930e1c chore: Update CHANGELOG.md and feed.xml
  • c489eb2 chore: Update CHANGELOG.md and feed.xml
  • 1322e9b chore: Update CHANGELOG.md and feed.xml
  • 125d63f chore: Update CHANGELOG.md and feed.xml
  • 5dc12eb chore: Update CHANGELOG.md and feed.xml
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) from 2.1.167 to 2.1.207.
- [Release notes](https://github.com/anthropics/claude-code/releases)
- [Changelog](https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md)
- [Commits](anthropics/claude-code@v2.1.167...v2.1.207)

---
updated-dependencies:
- dependency-name: "@anthropic-ai/claude-code"
  dependency-version: 2.1.207
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from ljagiello as a code owner July 11, 2026 04:22
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 11, 2026
@dependabot dependabot Bot requested a review from Vpr99 as a code owner July 11, 2026 04:22
@dependabot @github

dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: claude-code, docker. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant