Claude Code Daily Briefing - 2026-04-02

Release Summary

Version	Date	Key Changes
v2.1.90	4/1	`/powerup` interactive lessons, `.husky` protected directory, performance optimizations, rate-limit dialog infinite loop fix
v2.1.89	4/1	PreToolUse `defer`, `/buddy` Easter egg, Windows voice/CRLF fixes, LSP zombie fix

Full Release Notes

New Features & Practical Usage

`/powerup` — Interactive Feature Lessons (v2.1.90)

A new /powerup command lets you learn Claude Code features through animated, interactive demos right in your terminal. Great for onboarding new users or discovering advanced features you didn’t know existed. With Boris Cherny recently revealing “15 hidden features” that most users hadn’t heard of, /powerup is the easiest way to catch up.

# Run in your Claude Code terminal
/powerup

GitHub v2.1.90

Developer Workflow Tips

Claude Code Unpacked — Visual Architecture Guide with 50+ Components

An unofficial project at ccunpacked.dev provides a visual deep-dive into Claude Code’s internal architecture, based on the recent source code leak.

Scope: 804 files, 220,000+ lines, 40+ commands, 22+ integrated tools
11-stage message pipeline: input → messaging → history → system → API → tokens → tools → loops → rendering → hooks → waiting
Hidden experimental features identified: Kairos (persistent memory), UltraPlan (30-min extended sessions), Coordinator Mode (parallel task distribution), Daemon Mode (background execution)
Why it matters: Understanding Claude Code’s internals helps you write better CLAUDE.md files, design more effective hooks, and leverage subagents more strategically

ccunpacked.dev | GeekNews

API Migration Notice: Sonnet 4.5/4 1M Context Beta Ends April 30

Anthropic is retiring the 1M token context window beta for Claude Sonnet 4.5 and Sonnet 4 on April 30, 2026. After that date, the context-1m-2025-08-07 beta header will have no effect, and requests exceeding 200K tokens will return an error.

Action required: Migrate to Claude Sonnet 4.6 or Opus 4.6, which support 1M context at standard pricing with no beta header needed
Scope: Only affects applications calling Sonnet 4.5/4 directly via API — Claude Code users are already on the latest models

Anthropic Release Notes

Security & Limitations

Claude Code Deny Rules Bypass — 50 Subcommand Threshold (4/1)

Israeli security firm Adversa reported that Claude Code’s deny rules can be bypassed when a bash pipeline exceeds 50 subcommands. Blocked commands like curl switch from “deny” to “ask”, potentially allowing execution.

PoC: 50 no-op true subcommands + curl successfully bypassed deny rules
Risk scenarios: Exploitable via prompt injection in --dangerously-skip-permissions mode or non-interactive CI/CD pipelines
Fix status: Anthropic has developed a tree-sitter-based parser internally but it’s not yet in public builds
Mitigation: If you rely on deny rules for security, monitor for unusually long pipeline commands

The Register | Let’s Data Science

Pentagon Appeal Deadline — D-Day (4/2)

Judge Lin’s 7-day stay on the preliminary injunction expires today. The government is expected to file an emergency stay with the 9th Circuit Court of Appeals.

If stay granted: Injunction paused until appeal hearing — Anthropic blacklisting and federal Claude ban remain in effect
If stay denied: Injunction takes immediate effect — blacklisting lifted, federal agencies can resume using Claude
9th Circuit composition: Politically diverse bench makes the outcome hard to predict
Parallel track: Anthropic also has a separate case pending in the D.C. Circuit

The Hill | Breaking Defense

Source Leak DMCA Overreach — Narrowed to 96 Repos

Anthropic initially filed DMCA takedown requests against thousands of GitHub repositories after the source code leak, but acknowledged that the requests affected more repos than intended. The scope has been narrowed to 96 copies and derivatives. Unrelated repositories were caught in the initial sweep, drawing criticism from the developer community.

Bloomberg | BleepingComputer

Ecosystem & Plugins

OpenAI codex-plugin-cc — Use Codex from Inside Claude Code (3/30)

OpenAI released an official plugin that lets you call Codex directly from Claude Code. Rather than waiting for developers to switch platforms, OpenAI is embedding itself into the dominant workflow.

/codex:review: Standard code review on uncommitted changes or branch diffs
/codex:adversarial-review: Devil’s advocate review that challenges design decisions
/codex:rescue: Hand off tasks to Codex in the background
Requirements: ChatGPT subscription (including free tier) or OpenAI API key + Node.js 18.18+
Cost: Each call consumes OpenAI API tokens, separate from your Claude subscription

# Install
claude /plugin install codex-plugin-cc

# Run reviews
/codex:review
/codex:adversarial-review

GitHub | The Decoder | SmartScope

claw-code — Fastest Repo to 100K Stars in GitHub History

Korean developer Sigrid Jin published claw-code, a clean-room Python/Rust rewrite of the Claude Code architecture based on patterns observed in the leaked source.

Growth: 50K stars in ~2 hours, 100K+ stars in one day — the fastest-growing repository in GitHub history
Clean-room approach: Architectural patterns reimplemented without direct code copying, minimizing legal risk
Built with: OpenAI’s oh-my-codex (OmX) framework
Background: Jin was previously profiled by the Wall Street Journal for consuming 25 billion Claude Code tokens in a single year

GitHub — claw-code | CyberNews | Layer5

Community News

NASA Artemis II Launches Successfully — First Crewed Deep Space Mission in 50 Years: Four astronauts launched aboard the SLS rocket toward lunar orbit on April 1. This is the first crewed deep space mission since Apollo 17 in 1972, with a planned 10-day lunar flyby before return. A critical validation step for future lunar landings and Mars exploration. NASA
“Was the Claude Code Leak the Best PR Stunt in AI History?”: A spirited debate on DEV Community examines whether the source leak was an accident, incompetence, or a deliberate strategy. The argument: exposing 512,000 lines of sophisticated code effectively demonstrated Claude Code’s technical depth for free, while critics point out this is the second security incident in a week for a “safety-first” company. DEV Community
The Register: Source Leak Reveals Privacy Concerns in Claude Code: The Register analyzed the scope of user data collection and depth of system access revealed in the leaked source, arguing that the privacy boundaries of AI tools installed in developer terminals need re-examination. The Register

Minor Changes Worth Knowing

.husky added to protected directories: v2.1.90 protects .husky in acceptEdits mode, preventing accidental modification of Git hook configurations
CLAUDE_CODE_PLUGIN_KEEP_MARKETPLACE_ON_FAILURE: New env var keeps plugins available when marketplace connection fails in offline environments
Auto-allow list trimmed: Get-DnsClientCache and ipconfig /displaydns removed from auto-allow — DNS cache queries now require explicit permission
Performance optimizations: JSON.stringify elimination, linear-time SSE frame handling, and quadratic slowdown fixes landed in v2.1.90
--resume prompt cache miss fixed: Session resumption now properly hits the prompt cache

Interesting Projects & Tools

cokacdir — Unified Telegram Bot for Coding Agents: Bundles Claude Code, Codex, Gemini CLI, and OpenCode into a single Telegram interface for mobile access. Works with your existing subscriptions at no extra API cost, with agent-to-agent task delegation and parallel session management. GitHub
SpanFinder — Mac-Style Miller Columns File Explorer for Windows: A lightweight file explorer built out of frustration with Windows Explorer’s deep folder navigation. Adopts macOS Finder’s multi-column view, handles 10,000+ files without UI freezing, includes syntax highlighting for 30+ languages, and shows Git status badges. Open source (GPL v3), free on the Microsoft Store. GitHub