What's Up Claude Code: Week of March 17th

TL;DR

The theme this week: Claude Code is hardening for production scripting and multi-device workflows. Four releases in four days brought --bare mode for clean CI/CD pipelines, --channels permission relay to approve tool calls from your phone, 64K default output tokens for Opus (128K ceiling), and line-by-line response streaming. Voice mode got three critical fixes. The plugin system matured with effort frontmatter, settings-declared plugins, and persistent state directories. Meanwhile, the community crossed 12,000 public repositories on GitHub.

---

1. --bare Mode — Claude Code for Pipelines

v2.1.81 adds --bare, a stripped-down mode for scripted -p calls. It skips hooks, LSP, plugin sync, and skill directory walks. No OAuth, no keychain—just ANTHROPIC_API_KEY or an apiKeyHelper via --settings. Auto-memory is fully disabled.

Why it matters: If you’re calling Claude Code from a CI pipeline, a cron job, or a subprocess, you don’t want plugin sync or skill walks adding latency and side effects. --bare gives you a clean, predictable execution path. Think of it as --headless for agentic workflows.

claude --bare -p "Summarize this diff" < changes.patch

2. --channels Permission Relay — Approve from Your Phone

v2.1.81 adds --channels permission relay: MCP channel servers that declare the permission capability can now forward tool approval prompts to another device—your phone, a browser tab, or a Slack channel.

This is the missing piece for unattended agents. You start a long-running Claude Code task on your server, walk away, and get a push notification when it needs approval. Tap approve, and the task continues.

Combined with last week’s --channels research preview (MCP servers pushing messages into sessions), this creates a bidirectional communication layer between Claude Code and external surfaces. The terminal is no longer the only control plane.

3. 64K Default Output for Opus — 128K Ceiling

v2.1.78 bumps the default maximum output token limit for Claude Opus 4.6 to 64K tokens, with the upper bound for both Opus 4.6 and Sonnet 4.6 raised to 128K tokens.

For context, 64K tokens is roughly 200 pages of text. This matters for:

• Large file generation (full component libraries, API clients)
• Comprehensive code reviews with inline suggestions
• Research synthesis that doesn’t truncate mid-analysis

The 128K ceiling is available if you need it—set maxTokens in your config. Most workflows won’t need it, but when you do, the headroom is there.

4. Line-by-Line Streaming

v2.1.78 enables line-by-line response streaming: text now appears as it’s generated, line by line, instead of buffering. This is a subtle but meaningful UX improvement—you can read and react to output while it’s still being produced.

Note: Disabled on Windows (including WSL in Windows Terminal) due to rendering issues.

5. Plugin System Matures

Three plugin improvements landed this week:

Effort frontmatter (v2.1.80) — Skills and slash commands can now set an effort level override in their frontmatter. A code review skill can force /effort high; a quick-lookup skill can set /effort low. No more asking users to remember to switch effort levels.

Settings-declared plugins (v2.1.80) — New source: 'settings' plugin marketplace source lets you declare plugin entries inline in settings.json. No git repo needed. Perfect for team-specific plugins that live in managed settings.

Persistent plugin state (v2.1.78) — ${CLAUDE_PLUGIN_DATA} gives plugins a persistent data directory that survives updates. /plugin uninstall prompts before deleting it. Plugins can now maintain state across versions without fragile workarounds.

Plugin validation (v2.1.78) — claude plugin validate now checks skill, agent, and command frontmatter plus hooks/hooks.json, catching YAML parse errors and schema violations before deployment.

6. Voice Mode — Three Critical Fixes

Voice mode got significant reliability improvements:

• WebSocket recovery (v2.1.81) — Fixed audio not recovering when the server silently drops the WebSocket connection. Previously, voice mode would go silent without any error message.
• Cloudflare bypass (v2.1.80) — Fixed WebSocket failures caused by Cloudflare bot detection on non-browser TLS fingerprints. This was blocking voice mode for many users.
• WSL2 support (v2.1.78) — Voice mode now works on WSL2 with WSLg (Windows 11). WSL1/Win10 users get a clear error instead of silent failure.

The pattern: voice mode is being treated as a first-class feature, not an experiment. Three separate fixes across three releases signals serious investment.

7. Session & Worktree Reliability

Several fixes improve session management for power users:

• Parallel tool results restored (v2.1.80) — --resume was dropping results from parallel tool calls, showing [Tool result missing] placeholders. Fixed.
• Large session truncation (v2.1.78) — cc log and --resume were silently truncating conversation history on sessions >5MB with subagents. Fixed.
• Worktree resume (v2.1.81) — Resuming a session that was in a worktree now switches back to that worktree automatically.
• Stale worktree cleanup (v2.1.78) — Fixed a race condition where cleanup could delete an agent worktree just resumed from a crash.
• Faster resume (v2.1.78) — Up to 45% faster loading and ~100-150MB less peak memory for fork-heavy sessions.

8. Security & Permissions

• PreToolUse hook bypass (v2.1.78) — Fixed hooks returning “allow” bypassing deny permission rules, including enterprise managed settings. This was a security issue for managed deployments.
• Sandbox hardening (v2.1.78) — .git, .claude, and other protected directories were writable without a prompt in bypassPermissions mode. Fixed.
• Sandbox dependency warning (v2.1.78) — When sandbox.enabled: true but dependencies are missing, you now get a visible startup warning instead of silent disable.
• Background task kill (v2.1.78) — Background bash tasks are now killed if output exceeds 5GB, preventing runaway processes from filling disk.

9. MCP & Remote Control

• MCP OAuth update (v2.1.81) — Support for Client ID Metadata Document (CIMD / SEP-991) for servers without Dynamic Client Registration.
• MCP tool collapse (v2.1.81) — Read/search tool calls now collapse into a single “Queried {server}” line (expand with Ctrl+O). Cleaner output for MCP-heavy workflows.
• Remote Control (v2.1.79) — /remote-control now available in VSCode, bridging sessions to claude.ai/code for browser or phone continuation.
• Remote Control polish (v2.1.81) — Session titles now derive from the first prompt, sync with /rename, and refresh after the third message. /exit reliably archives.
• Polling reduction (v2.1.81) — Remote Control /poll rate cut from 1-2s to once per 10 minutes (300× server load reduction).

10. Performance & Memory

The week’s releases collectively saved significant resources:

Improvement	Saving
Startup memory (large repos)	~80 MB (v2.1.80)
Startup memory (all)	~18 MB (v2.1.79)
macOS startup time	~60ms (v2.1.78)
Resume (large sessions)	45% faster, ~150MB less RAM (v2.1.78)
CA cert handling	~426KB (ongoing)
Prompt re-renders	-74% during turns

11. Community Spotlight

12,213 public repositories now tagged claude-code on GitHub — up from ~10K two weeks ago.

Notable projects this week:

• everything-claude-code — Agent harness performance optimization: skills, instincts, memory, security. Active development.

• claude-mem — Plugin that captures everything Claude does during sessions, compresses with AI (via agent-sdk), and injects context into future sessions. Automatic session memory.

• cc-switch — Cross-platform desktop app for Claude Code, Codex, OpenCode, OpenClaw & Gemini CLI. All-in-one launcher in Rust.

• get-shit-done — Meta-prompting and spec-driven development system for Claude Code. Opinionated workflows.

• nanoclaw — Lightweight OpenClaw alternative running in containers. WhatsApp, Telegram, Slack, Discord, Gmail integration on Anthropic’s Agents SDK.

• ruflo — Multi-agent orchestration platform: distributed swarms, RAG, native Claude Code/Codex integration.

• serena — Semantic code retrieval and editing MCP server. Smart code navigation.

• Claude Code Review — Team/Enterprise preview of multi-agent PR reviews. Coverage jumped from 16% → 54%. Average 7.5 issues found on large PRs. $15-25/PR. This is Claude Code moving into the review workflow, not just the writing workflow.

• dmux — Run multiple coding agents in parallel, each in its own git worktree. tmux-based TUI supporting 12 agents (Claude Code, Codex, Gemini CLI, etc.). Multi-select agents per prompt, AI-generated branch names, smart merging. The parallel execution layer the ecosystem was missing.

• claude-hud (9.4K⭐) — Real-time agent activity statusline: active tool name, live subagent count, 1M-token context bar, todo progress, git dirty indicator. 300ms updates.

• rune — Spec-compliance multi-agent plugin. 4 commands: /rune:devise (plan), /rune:strive (parallel workers), /rune:appraise (8 specialized reviewers), /rune:audit (codebase scan). Focus: verifiable spec compliance.

• gstack (16K⭐) — YC president Garry Tan’s setup: 15 virtual team skills + /codex cross-model review.

• LobsterLair — Managed OpenClaw hosting. Deploy in 2 minutes, persistent memory, browser automation, $19/mo. Zero-friction onboarding for non-technical users.

• ensemble — Claude Code + Codex running parallel tmux agents on the same task.

Pattern: The ecosystem is splitting into two camps: agent harnesses (everything-claude-code, get-shit-done, oh-my-openagent) that optimize how Claude Code runs, and orchestration platforms (ruflo, nanoclaw, dmux, cc-switch) that wrap multiple agents. Skills remain the composable glue between them.

---

12. Security Advisories

Two CVEs and a research paper landed this week:

CVE-2025-59536 (CVSS 8.7) — RCE via malicious .claude/settings.json. Hooks fire before the trust prompt. Patch: update Claude Code immediately. Inspect .claude/ before opening unfamiliar repos.

CVE-2026-21852 (CVSS 5.3) — MCP consent bypass via enableAllProjectMcpServers. Treat config files as executable code.

Yolo mode research — 84% prompt injection success rate against --dangerously-skip-permissions. Only 1.1% of yolo-mode users have deny rules (n=18,470). VSCode extension ignores settings.json deny rules—use terminal CLI for sensitive work.

ETH Zurich study on CLAUDE.md — Auto-generated files (via /init) reduce task success ~3% and inflate costs 20%+. Apply the “discovery filter”: keep only what Claude can’t find by reading the code.

---

13. Industry Signal

4% of all public GitHub commits are now by Claude Code (doubled in one month). 2.1% of ORCID-registered scientists use it.

Code with Claude conference announced: San Francisco (May 6), London (May 19), Tokyo (June 10). Lottery registration; notifications in early April.

Anthropic legal action vs OpenCode — Subscription OAuth now legally off-limits in third-party tools. Use ANTHROPIC_API_KEY for automation.

---

Community Events

132 events total (76 upcoming) across 60 cities and 34 countries. The community doubled its geographic footprint in March.

This week (Mar 17-22):

• 🇦🇺 Sydney | Claude Code for Everyone (Mar 18)
• 🇧🇪 Ghent | Claude Code for Knowledge Work (Mar 18) ← 🆕 First Belgium event!
• 🇫🇷 Paris | Claude Code for Everyone (Mar 19)
• 🇦🇺 Perth | Claude Code for Everyone (Mar 19)
• 🇦🇺 Sydney | Claude & Coffee (Mar 19)
• 🇺🇸 Chicago | Claude Code for HealthTech (Mar 19)
• 🇲🇽 Monterrey | Claude Code for Everyone (Mar 20)
• 🇲🇽 Mexico City | Claude Code for Builders (Mar 21)

Coming this week (Mar 23-28):

• 🇩🇪 Munich | Claude Code for Everyone (Mar 23)
• 🇦🇺 Sydney | Claude Code for Developers (Mar 23)
• 🇧🇷 Rio de Janeiro | Claude Code for Everyone (Mar 23)
• 🇬🇧 London | Claude Code Curious: Cutting Edge (Mar 24)
• 🇳🇴 Oslo | Claude Code for Everyone (Mar 24)
• 🇺🇸 Atlanta | Cowork for Beginners (Mar 24)
• 🇲🇽 Mérida | Claude Code for Everyone (Mar 25)
• 🇺🇸 Los Angeles | Claude Cowork for Everyone (Mar 25)
• 🇸🇬 Singapore | Claude Code Meetup #4 (Mar 26)
• 🇦🇺 Melbourne | Claude Code for Everyone (Mar 26)
• 🇭🇺 Budapest | Claude for Everyone (Mar 26)
• 🇩🇪 Nuremberg | Claude for Everyone (Mar 26)
• 🇲🇽 Cancún | Claude Code for Everyone (Mar 26)
• 🇬🇧 London | Claude Code for Voice (Mar 27) — Voice special with demos from Cactus, Movable, Camera Intelligence, Accenture & VITAL Auto. Hosted at BrainStation.
• 🇺🇸 Palo Alto | Claude for Technical Founders (Mar 27)
• 🇺🇸 Anchorage | Claude for Everyone (Mar 28)

New cities joining: Ghent 🇧🇪, Anchorage 🇺🇸, Kobe 🇯🇵, Bhopal 🇮🇳, Colima 🇲🇽, Hermosillo 🇲🇽, Villahermosa 🇲🇽, Halifax 🇨🇦, Adelaide 🇦🇺

Host your own on Luma →

---

What We’re Watching

1. --bare adoption in CI/CD — Will teams standardize on --bare for scripted pipelines? (Likely yes—it removes the last excuse for not embedding Claude Code in CI.)

2. --channels as the control plane — Permission relay + message push = remote agent management. This could make “Claude Code running on a server” the default for teams.

3. 128K output ceiling — Will developers actually generate 128K-token responses, or is 64K the practical sweet spot? (Bet: 64K covers 95% of cases; 128K is for code generation and synthesis.)

4. Plugin ecosystem velocity — Settings-declared plugins + persistent state + effort frontmatter are building blocks for a plugin marketplace. The pieces are falling into place.

5. Voice mode as daily driver — Three critical fixes in one week suggest Anthropic sees voice as a primary interface, not a novelty. Watch for voice-first workflows emerging.

6. Community repo explosion — 12,000+ repos. The claude-code topic is becoming one of GitHub’s fastest-growing tags. Are we approaching the “Rails moment” where the ecosystem defines the tool?