Summary
Three agentic CLI tools have new stable releases. All updates are patch- or minor-level with no breaking changes detected.
Tool
Previous
New
Released
Claude Code
2.1.133
2.1.137
2026-05-09
Copilot CLI
1.0.43
1.0.44
2026-05-08
Codex
0.129.0
0.130.0
2026-05-08
No updates available for: GitHub MCP Server (v1.0.3), Playwright MCP (0.0.75), Playwright Browser (v1.59.1), MCP Gateway (v0.3.6).
Update Claude Code
Previous: 2.1.133 → New: 2.1.137 (intermediate: 2.1.136)
Timeline: 2026-05-07 → 2026-05-09 (2 days, 2 published versions)
Breaking Changes
None detected.
Key Features (2.1.136)
Added CLAUDE_CODE_ENABLE_FEEDBACK_SURVEY_FOR_OTEL env var to re-enable session quality survey for OTEL enterprises
Added settings.autoMode.hard_deny for unconditional auto mode classifier rules
WSL2 image paste from Windows clipboard via PowerShell fallback
View Full Changelog
2.1.137
[VSCode] Fixed extension failing to activate on Windows
2.1.136 — Bug Fixes
Fixed MCP servers in .mcp.json, plugins, and claude.ai connectors silently disappearing after /clear in VS Code, JetBrains, and Agent SDK
Fixed rare login loop where concurrent credential write could overwrite a freshly-rotated OAuth token
Fixed MCP OAuth refresh tokens being lost when multiple servers refresh concurrently
Fixed API error (400) when extended thinking emitted a redacted thinking block after a tool call
Fixed --resume / --continue not finding sessions when project path contains underscores
Fixed plan mode not blocking file writes when a matching Edit(...) allow rule exists
Fixed plugin Stop/UserPromptSubmit hooks failing when cache cleanup deletes a version still in use
Fixed colors appearing at wrong positions in bash command output and markdown code blocks
Fixed worktree exit dialog warning about uncommitted files in the wrong directory after worktree removal
Fixed @ file picker not matching files created mid-session in small non-git directories
Fixed @-mention file picker not finding files in directories with more than 100 entries
Fixed failed tool calls not being click-to-expand in fullscreen mode when output was truncated
Fixed /usage weekly reset showing time of day instead of calendar date
Fixed /insights crash when session history contains tool calls with malformed input fields
Fixed renderer crash when a tool's collapsibility classification changes mid-session
Fixed skills entry in plugin.json hiding plugin's default skills/ directory
Fixed IDE shell-integration lock files not respecting CLAUDE_CONFIG_DIR
Fixed plugin uninstall and enable/disable not matching slugs case-insensitively
Fixed /clear <name> not labeling the cleared session for /resume
Fixed AskUserQuestion discarding multi-select answers when supplied as an array
Fixed CronList output missing qualifiers and the scheduled prompt
Fixed env vars from CLAUDE_ENV_FILE SessionStart hooks going stale after /resume or /clear
Fixed mid-input slash command autocomplete not working after an initial slash command
Fixed MCP tool results being invisible when the server returns content blocks
Improved error message when --worktree collides with an existing or stale worktree
Changed plugin marketplace removal key to d (was r, collided with retry)
Note: 2.1.134 and 2.1.135 were not published to npm; 2.1.133 jumped directly to 2.1.136.
Impact Assessment
Risk: Low — bug-fix release; no breaking changes; MCP OAuth/Plan mode fixes are positive for gh-aw workflows
Affects: Claude engine workflows (smoke-claude, plus all workflows that pin the Claude engine)
Package Links
Update Copilot CLI
Previous: 1.0.43 → New: 1.0.44
Released: 2026-05-08
Breaking Changes
None detected.
Key Features
Added optional prerelease argument to copilot update and /update to fetch latest prerelease build
Slash commands can now appear mid-input, and multiple skills can be invoked in a single message
userPromptSubmitted hooks can now handle requests directly, bypassing the LLM and returning a response without making a model call
View Full Changelog
Path completion in /add-dir no longer flickers or gets intercepted by @ and # pickers
Slash commands can now appear mid-input, and multiple skills can be invoked in a single message
userPromptSubmitted hooks can now handle requests directly, bypassing the LLMFaster /user list and /user switch for multi-account users
Add optional prerelease argument to copilot update and /update
Shell commands via ! prefix work correctly with all shell configurations
Shell aliases and rc file settings now work in ! commands
Quota display correctly shows remaining usage for Free users
Tool permissions granted in autopilot mode are preserved after /clear
Effort level applies correctly when switching models via /model picker
Pressing Ctrl+C while a permission prompt is pending no longer hangs
Project info remains visible in slash command picker when no results match
Invalid URL entries in settings.json no longer crash CLI startup (skipped with warning)
Timeline shows the resolved model for rubber-duck sub-agents (e.g. Rubber-duck(claude-opus-4.7))
Impact Assessment
Risk: Low — bug-fix release with quality-of-life improvements
Affects: Copilot engine workflows (smoke-copilot, smoke-copilot-arm, plus all workflows pinning the Copilot engine)
Note: userPromptSubmitted hook bypass capability could be useful for guard workflows
Package Links
Update Codex
Previous: 0.129.0 → New: 0.130.0
Released: 2026-05-08
Breaking Changes
None detected.
Key Features
View Full Changelog
Bug Fixes
Documentation
Chores
Added a faster Cargo profiling build profile and disabled empty doctest targets (Add a Cargo build profile for benchmarking openai/codex#21574 Disable empty Cargo test targets openai/codex#21584
Hardened dependency and CI hygiene with fully qualified GitHub Action pins, Dependabot cooldown, and cargo-shear upgrade ([codex] Fully qualify hash-pins in GitHub Actions openai/codex#21436 Upgrade cargo-shear to 1.11.2 openai/codex#21547 [codex] Apply a Dependabot cooldown of 7 days openai/codex#21599
Simplified internal surfaces (device-key: clean up unused crate openai/codex#21487 Remove skills list extra roots openai/codex#21485 [codex] Remove remote thread store implementation openai/codex#21596 [codex] Remove string-keyed MCP tool maps openai/codex#21454
Added configurable OpenTelemetry trace metadata and richer review/feedback analytics (codex-otel: add configurable trace metadata openai/codex#21556 [codex-analytics] add tool review event schema openai/codex#18747 [codex-analytics] plumb protocol-native review timing openai/codex#21434 [codex] add account id to feedback uploads openai/codex#21498
Full Changelog: openai/codex@rust-v0.129.0...rust-v0.130.0
Impact Assessment
Risk: Low — minor release with new features and bug fixes; no breaking changes
Affects: Codex engine workflows (smoke-codex, plus all workflows pinning the Codex engine)
The new codex remote-control entrypoint is a notable feature; gh-aw could potentially leverage it for remote orchestration
Package Links
No Updates Required
Tool
Current Version
Status
GitHub MCP Server
v1.0.3
latest
Playwright MCP
0.0.75
latest
Playwright Browser
v1.59.1
latest
MCP Gateway (gh-aw-mcpg)
v0.3.6
latest
Files Changed
pkg/constants/version_constants.go — bumped 3 version constants (Claude Code, Copilot CLI, Codex)213 .lock.yml workflow files regenerated via make recompile
Recommendations
Update priority : Low-Medium — bug-fix and minor releases; no urgent security advisoriesTesting strategy : Run smoke-claude, smoke-copilot, smoke-copilot-arm, and smoke-codex workflows before mergingRollout plan : Standard — ship together as a single PR; the three engines are independent so blast radius per workflow is contained to that engine
References:
Generated by CLI Version Checker · ● 13M · ◷
Summary
Three agentic CLI tools have new stable releases. All updates are patch- or minor-level with no breaking changes detected.
No updates available for: GitHub MCP Server (v1.0.3), Playwright MCP (0.0.75), Playwright Browser (v1.59.1), MCP Gateway (v0.3.6).
Update Claude Code
Breaking Changes
None detected.
Key Features (2.1.136)
CLAUDE_CODE_ENABLE_FEEDBACK_SURVEY_FOR_OTELenv var to re-enable session quality survey for OTEL enterprisessettings.autoMode.hard_denyfor unconditional auto mode classifier rulesView Full Changelog
2.1.137
2.1.136 — Bug Fixes
.mcp.json, plugins, and claude.ai connectors silently disappearing after/clearin VS Code, JetBrains, and Agent SDK--resume/--continuenot finding sessions when project path contains underscoresEdit(...)allow rule existsStop/UserPromptSubmithooks failing when cache cleanup deletes a version still in use@file picker not matching files created mid-session in small non-git directories@-mention file picker not finding files in directories with more than 100 entries/usageweekly reset showing time of day instead of calendar date/insightscrash when session history contains tool calls with malformed input fieldsskillsentry inplugin.jsonhiding plugin's defaultskills/directoryCLAUDE_CONFIG_DIR/clear <name>not labeling the cleared session for/resumeAskUserQuestiondiscarding multi-select answers when supplied as an arrayCronListoutput missing qualifiers and the scheduled promptCLAUDE_ENV_FILESessionStart hooks going stale after/resumeor/clear--worktreecollides with an existing or stale worktreed(wasr, collided with retry)Note: 2.1.134 and 2.1.135 were not published to npm; 2.1.133 jumped directly to 2.1.136.
Impact Assessment
Package Links
Update Copilot CLI
Breaking Changes
None detected.
Key Features
prereleaseargument tocopilot updateand/updateto fetch latest prerelease builduserPromptSubmittedhooks can now handle requests directly, bypassing the LLM and returning a response without making a model callView Full Changelog
/add-dirno longer flickers or gets intercepted by@and#pickersuserPromptSubmittedhooks can now handle requests directly, bypassing the LLM/user listand/user switchfor multi-account usersprereleaseargument tocopilot updateand/update!prefix work correctly with all shell configurations!commands/clear/modelpickerImpact Assessment
userPromptSubmittedhook bypass capability could be useful for guard workflowsPackage Links
Update Codex
Breaking Changes
None detected.
Key Features
codex remote-controlas a simpler entrypoint for starting a headless, remotely controllable app-server (add top-level remote-control command openai/codex#21424)aws loginprofiles (feat: enable AWS login credentials for Bedrock auth openai/codex#21623)view_imagecan resolve files through the selected environment for multi-environment sessions (Route view_image through selected environments openai/codex#21143)View Full Changelog
Bug Fixes
ThreadStore, including threads without local rollout paths (Move thread name edits to ThreadStore openai/codex#21264, Route ThreadManager rollout path reads through thread store openai/codex#21265, [codex] Fix pathless thread summaries openai/codex#21266)response.processedfor v2 streams and avoids sendingservice_tieron API-key compact requests (Send response.processed after remote compaction v2 openai/codex#21642, Omit service_tier from remote /responses/compact requests under API auth openai/codex#21676)codex execstartup banner (Remove exec research preview banner wording openai/codex#21683)Documentation
cargo install --locked(Ensure all mentions of cargo-install are --locked openai/codex#21592)Chores
cargo-shearupgrade ([codex] Fully qualify hash-pins in GitHub Actions openai/codex#21436, Upgradecargo-shearto 1.11.2 openai/codex#21547, [codex] Apply a Dependabot cooldown of 7 days openai/codex#21599)Full Changelog: openai/codex@rust-v0.129.0...rust-v0.130.0
Impact Assessment
codex remote-controlentrypoint is a notable feature; gh-aw could potentially leverage it for remote orchestrationPackage Links
No Updates Required
Files Changed
pkg/constants/version_constants.go— bumped 3 version constants (Claude Code, Copilot CLI, Codex).lock.ymlworkflow files regenerated viamake recompileRecommendations
References: