Claude Code 2.1.214 closes a PowerShell permission bypass
Claude Code 2.1.214 fixes four permission-check bugs, including nested-directory allow rules matching too broadly and a bypass in Windows PowerShell 5.1 sessions.
What it is
A patch release of Claude Code focused entirely on tightening the permission system rather than adding features.
What it does
It fixes single-segment allow rules like `Edit(src/**)` that were auto-approving writes to any `dir/` folder anywhere in the tree instead of just the current working directory, closes a permission-check bypass specific to Windows PowerShell 5.1, makes Bash checks fail closed on file-descriptor redirect forms the permission analyzer parses differently than bash itself, and forces a manual prompt for any command over 10,000 characters instead of letting length confuse the auto-approval logic.
Why it matters
Each of these bugs meant a rule you thought scoped Claude Code down was quietly wider than intended, which matters a lot more once you're running unattended sessions with auto mode or background agents from recent releases.
How to use it
Update via your normal Claude Code update channel; no config changes are needed since these are bug fixes to existing permission-rule syntax.