by VibecodedThis

Claude Code 2.1.133: Worktree Base-Ref Control, Effort-Aware Hooks, and a Stack of Fixes

Claude Code 2.1.133 shipped on May 7 with a configurable base ref for worktrees, hooks that can read the current effort level, Linux/WSL bubblewrap path settings, and fixes for parallel-session 401s, MCP OAuth proxies, and subagent skill discovery.

Share

Claude Code 2.1.133 shipped on May 7, the third release this week after 2.1.131 and 2.1.132 on May 6. It’s a meatier update than the recent point releases, with a couple of real workflow controls and a long list of bug fixes that hit MCP, parallel sessions, and subagents.

Worktree Base-Ref Control

The new worktree.baseRef setting takes either fresh or head and controls where --worktree, EnterWorktree, and agent-isolation worktrees branch from. With fresh, new worktrees branch from origin/<default>. With head, they branch from your local HEAD. The default is fresh, which actually changes behavior from 2.1.128 onwards (where EnterWorktree defaulted to local HEAD). If you’ve come to rely on unpushed local commits being available in fresh worktrees, set worktree.baseRef: "head" to keep that behavior.

This is the kind of setting that matters once you’re running parallel agents off main versus a feature branch. Defaulting to fresh is the right call for most teams; the override is there for the case where it isn’t.

Hooks Can Read Effort Level

Hooks now receive the active effort level via the effort.level JSON input field, and the same value is exposed to Bash tool commands as $CLAUDE_EFFORT. This makes it possible to write hooks that behave differently depending on whether you’re in low or x-high effort mode, without parsing it out indirectly. Useful for anything that wants to gate expensive checks behind higher effort runs.

Sandbox Path Settings on Linux and WSL

Two new managed settings, sandbox.bwrapPath and sandbox.socatPath, let you point Claude Code at custom bubblewrap and socat binaries on Linux and WSL. Niche but real for anyone running in environments where the system binaries aren’t where Claude Code expects them.

Bug Fixes That Matter

The fix list is long. The ones most likely to have bitten people:

  • Parallel sessions all hitting 401 after a refresh-token race wiped shared credentials. Anyone running multiple Claude Code sessions at once would have seen this.
  • HTTP(S)_PROXY, NO_PROXY, and mTLS not being respected through the full MCP OAuth flow, including discovery, dynamic client registration, token exchange, and token refresh. If MCP OAuth was broken behind a corporate proxy, this is the fix.
  • Read, Write, and Edit being denied on mapped network drives passed via --add-dir or the SDK’s additionalDirectories.
  • Edit and Write allow rules scoped to a drive root (C:\) or POSIX / matching incorrectly and always prompting.
  • Subagents not discovering project, user, or plugin skills via the Skill tool.
  • Remote Control stop and interrupt from claude.ai not fully canceling the CLI session, which left queued messages stuck after interrupting a hung tool.
  • /effort in one session unexpectedly changing the effort level of other concurrent sessions, plus a related case where IDE effort changes could be silently dropped.

Memory Behavior

There’s also a stability improvement: memory usage now drops under pressure by releasing warm-spare background workers. Long-running sessions on memory-constrained machines should benefit.

Why It Matters

Two of the fixes here, the parallel-session 401 race and the MCP OAuth proxy bug, were the kind of thing that quietly broke real workflows. The worktree base-ref setting is a smaller change but the right shape: a default that fits most teams plus a clean override for the rest.

The full changelog is on Anthropic’s docs and Releasebot.

Sources: Claude Code changelog 2.1.133, Claude Code GitHub releases, Releasebot — Claude Code updates

Share