Anthropic Files for IPO

Highlight

Fallback Model Chain Now Configurable

You can now set up to three fallback models via the fallbackModel setting, tried in order when your primary model is overloaded or unavailable. The --fallback-model flag also applies to interactive sessions now, and Claude Code will retry a turn once on a fallback when the API rejects an unexpected non-retryable error. Auth, rate-limit, request-size, and transport errors still surface immediately.

Worth Knowing

Cross-Session Messages Lose User Authority

Messages relayed via SendMessage from other Claude sessions no longer carry your authority -- receivers refuse relayed permission requests, and auto mode blocks them outright. If you have multi-session workflows that depended on one session approving tools for another, you'll need to grant those permissions directly.

Managed Settings Can Pin Version Ranges

Admins can now set requiredMinimumVersion and requiredMaximumVersion in managed settings; Claude Code refuses to start outside the allowed range and points you to an approved version. Useful if your org needs to gate rollouts of new releases.

Plugin List Command Arrives

Run /plugin list to see installed plugins, with --enabled and --disabled filters to narrow the view. Handy when you're debugging which plugins are actually active in a session.

Sensitive Config Writes Now Prompt

Claude Code now prompts before writing to shell startup files like .zshenv, .zlogin, and .bash_login, as well as ~/.config/git/. In acceptEdits mode, build-tool configs that grant code execution -- .npmrc, .yarnrc*, bunfig.toml, .bazelrc, .pre-commit-config.yaml, .devcontainer/, and more -- also require confirmation.

Grep Now Satisfies Read-Before-Edit

Single-file grep, egrep, and fgrep commands now satisfy the read-before-edit check, so Claude can edit a file it just searched without a separate Read call. Expect fewer redundant tool calls on quick search-and-fix turns.

Stop Hooks Can Inject Additional Context

Stop and SubagentStop hooks can now return hookSpecificOutput.additionalContext to feed Claude information and keep the turn going, without being treated as a hook error. This makes it easier to build hooks that nudge Claude toward continuing work rather than aborting.

Under the Hood

Background Agents and Resume Get Major Cleanup

Fixes land for sessions that lost chat history on restore, background agents shown under Completed after resuming, worktree subagents blocked from editing their own files, sessions booting on stale models, 5-second stalls when attaching, and crash loops in worktree-launched background sessions. Cross-session messaging via SendMessage also no longer breaks when CLAUDE_CODE_TMPDIR points at a deep path.

MCP Secret Redaction and Windows Path Rules Fixed

claude mcp list/get/add now redact credential headers and URL secrets and stop expanding ${VAR} references when printing. Windows permission rules now match when spelled with backslashes or case-variant paths, Read deny rules hide files from Glob/Grep results, and hooks invoking /usr/bin/bash no longer fail with "command not found." Sub-1000 ms MCP timeout values are ignored instead of aborting every tool call.

From Anthropic

In the News