Claude Code 2.1.163 Lets Enterprises Lock Users to Approved Versions

Anthropic released Claude Code 2.1.163 on June 4. The full changelog is on GitHub. The headline addition targets enterprise and team deployments: a version enforcement mechanism that IT admins have been asking about for a while.

A follow-up patch, v2.1.165, shipped the next morning with additional bug fixes.

Version Guardrails for Managed Deployments

The new requiredMinimumVersion and requiredMaximumVersion fields in managed settings give organizations control over which versions of Claude Code employees can run. If your version falls outside the allowed range, Claude Code refuses to start and tells you where to get an approved version.

This matters for two reasons. First, it lets security teams block versions with known vulnerabilities from being used, without relying on employees updating voluntarily. Second, it lets teams pin to a tested version during a critical project and prevent auto-updates from landing mid-sprint.

The enforcement happens at startup, so there is no way to quietly continue on a blocked version.

/plugin list

You can now run /plugin list to see all installed plugins. Pass --enabled or --disabled to filter to one side of that list.

Before this command existed, there was no good way to see what plugins were active in a session without checking config files manually. This is especially useful in team setups where plugins may be installed through managed settings.

Hooks: Better Feedback Without Error Labels

Stop and SubagentStop hooks can now return hookSpecificOutput.additionalContext to pass information back to Claude. Crucially, this keeps the turn going rather than labeling the result as a hook error.

Previously, if a hook needed to give Claude information at the end of a turn, the only mechanism produced an error-style annotation in the transcript. Now that feedback can come back cleanly, without the visual noise or the implication that something went wrong.

Bug Fixes Worth Knowing About

The $TMPDIR regression from v2.1.154 is resolved. That release inadvertently overrode $TMPDIR to /tmp/claude-{uid} for all Bash commands instead of only sandboxed ones, which broke workflows under Bazel and some EDR-protected Go build environments. The fix restores the original behavior: only sandboxed commands get the override.

A few other fixes that matter in practice:

• claude -p no longer hangs forever when a background command never exits. After the final result, background shells are stopped roughly five seconds after stdin closes.
• Bedrock, Vertex, and Foundry users running with CI=true no longer get a spurious “ANTHROPIC_API_KEY required” error when no Anthropic API key is set.
• Windows users on OneDrive paths no longer hit “EEXIST: file already exists” on the session-env directory.
• Hook if: "Bash(...)" conditions no longer fire on every Bash command that happens to contain $() or $VAR. The pattern now correctly matches against commands inside subshells and backticks.
• Deny rules on home-directory paths like Read(~/Desktop/**) now also block Bash commands that reference the same path through $HOME.
• Org-managed permission rules now apply for the entire session even when the managed settings fetch completes during startup on a fresh config directory.
• Background sessions in claude agents no longer lose running background tasks when reattached after a Claude Code update.

The full list of changes includes several more quality-of-life fixes to the desktop app, the agents view, and terminal rendering. The /btw command gained a “c to copy” shortcut that copies the raw markdown to clipboard, which is handy when you want to paste a formatted answer without losing the markdown structure.