DEV Community

정상록
정상록

Posted on

Claude Code 2.1.97~2.1.101 Update Roundup: Team Onboarding, TLS Proxy, and 5 Security Fixes

Claude Code 2.1.97~2.1.101: What Developers Need to Know

Claude Code shipped 4 versions between April 9-10, 2026. Here's the developer-focused breakdown.

/team-onboarding (2.1.101)

The new /team-onboarding command analyzes your Claude Code usage patterns — frequently used commands, workflows, settings — and generates a team onboarding guide automatically.

/team-onboarding
Enter fullscreen mode Exit fullscreen mode

This eliminates the "how do you use Claude Code?" documentation overhead when onboarding new team members.

Enterprise TLS Proxy Auto-Support (2.1.101)

Claude Code now automatically trusts OS CA certificate stores. Enterprise TLS inspection proxies work without additional configuration.

# Opt out to bundled CA only (optional)
export CLAUDE_CODE_CERT_STORE=bundled
Enter fullscreen mode Exit fullscreen mode

--resume Large Session Stability (2.1.101)

Three critical --resume bugs fixed for large sessions:

  1. Context loss — previous conversation content was being dropped
  2. Dead-end branch anchoring — resuming at wrong branch points
  3. Sub-agent contamination — recovering into unrelated sub-agent conversations

New: resume by session name:

claude -p --resume "my-session-name"
Enter fullscreen mode Exit fullscreen mode

Security Fixes (5 Total)

2.1.98 — Bash Permission Bypass (4 fixes)

Vulnerability Impact
Backslash escape flag auto-allow Arbitrary code execution
Compound bash command bypass Force permission prompt circumvention
Read-only command env-var prefix Unprompted environment access
/dev/tcp, /dev/udp redirect Network access auto-allow

2.1.101 — Command Injection

POSIX which fallback command injection in LSP binary detection. Fixed.

Action: Update immediately — claude update

Memory Leaks Fixed

  • Virtual scroller (2.1.101): Kept dozens of historical message list copies in long sessions
  • MCP HTTP/SSE (2.1.97-98): ~50MB/hr leak on MCP server connections

Notable DX Improvements

  • Focus View (Ctrl+O): Shows only prompts, tool summaries, final responses (2.1.97)
  • Vertex AI wizard: Interactive GCP setup from login screen (2.1.98)
  • Rate limit clarity: Shows which limit hit + reset time (2.1.101)
  • API timeout: Configurable via API_TIMEOUT_MS instead of 5min hardcoded (2.1.101)
  • Subprocess sandboxing: Linux PID namespace isolation (2.1.98)
  • W3C TRACEPARENT: OTEL trace propagation to bash subprocesses (2.1.98)
  • settings.json resilience: Unrecognized hook event names no longer invalidate entire file (2.1.101)

Update 

claude update
claude --version
Enter fullscreen mode Exit fullscreen mode

Full changelog: Claude Code CHANGELOG

Top comments (0)