Jellypod, Inc.

The Claude Code Changelog

TechnologyNews

Listen

All Episodes

Claude Code v2.1.196: Fixing RCE, Restoring 1M Tokens

We break down the security fix that pauses untrusted MCP servers with a new pending approval state, preventing auto-approved local code execution in cloned repos. Plus, a hidden bug that halves the auto-compact window, how to restore your full 1M-token context, and other quality-of-life updates and Linux regressions.

This show was created with Jellypod, the AI Podcast Studio. Create your own podcast with Jellypod today.

Is this your podcast and want to remove this banner? Click here.


Chapter 1

Hardening Untrusted Workspaces and Reclaiming Your 1M Token Context in Claude Code v2.1.196

Lachlan Reed

G g'day! Hope you've got a hot brew ready, because today we are dissecting some absolute under-the-hood chaos in the latest Claude Code v2.1.196 update. This episode is brought to you by Jellypod AI. Now, look, I- I reckon if you've been blindly cloning repo after repo and just letting Claude loose on them, you've been playing a very, very dangerous game of Russian roulette with your local machine. James, you saw this exploit, right?

James Turner

Oh yeah, it is a massive security hole. We are talking about remote code execution, RCE, right inside your terminal. So, before v2.1.196, if a repository had a committed dot-claude-slash-settings.json file, it could literally auto-approve a local dot-mcp.json server configuration without you knowing. The moment you boot up Claude Code in that directory, it spins up that Model Context Protocol server, and boom—it's executing arbitrary local code on your machine.

Lachlan Reed

It's terrifying, mate. You clone a seemingly innocent open-source library to play with, run Claude, and suddenly some rogue script is wiping your home directory. But, okay, so this new release finally puts a stop to that with a new state. It's called the, uh, "pending approval" state. If you try to spin up in an untrusted workspace now, the local MCP servers are paused. They literally show up as ⏸ Pending approval. You have to manually give it the green light before it can touch your system. It's a massive, massive relief.

James Turner

Exactly. It stops that automatic initialization cold. But speaking of things that are paused or, well, broken in this release... Anthropic silently cut our context windows in half, Lachlan. There is a brutal bug in v2.1.196 where the auto-compact window silently defaults to five hundred thousand tokens, instead of the full one million.

Lachlan Reed

Wait, seriously? Five hundred k? That explains why my long-context debugging session suddenly started forgetting things yesterday! I- I thought I was going bonkers.

James Turner

You're not crazy. The system is just aggressively compacting your history way too early. To fix this and reclaim your full one-million-token context, you have to explicitly set an environment variable. You need to export CLAUDE_CODE_AUTO_COMPACT_WINDOW equals one million. If you don't put that in your zshrc or bashrc, you're literally throwing away half your memory capacity.

Lachlan Reed

Right, so that's CLAUDE_CODE_AUTO_COMPACT_WINDOW equals one million. I am writing that down immediately. That is a gold-tier tip, mate. Now, there's also some nice quality-of-life stuff in this patch. They've added a streaming watchdog behavior under the variable CLAUDE_ENABLE_STREAM_WATCHDOG. It basically keeps an eye on the output stream so Claude doesn't get stuck in an infinite loop or hang indefinitely when a connection drops. Plus, if you're in the chat and you see a file attachment, you can now Cmd-click on Mac or Ctrl-click on Windows to instantly reveal that file in Finder or File Explorer. It's super handy.

James Turner

Sure, if you're on Mac or Windows. But if you're on Linux, v2.1.196 has a pretty annoying regression. If you use the remote control features, you'll find that the slash-remote-control or slash-r-c commands are completely missing. They just disappeared from the CLI toolbelt on Linux builds. So, keep that in mind before you upgrade your dev boxes.