Update Claude Code before Windows worktrees can delete linked data

Claude Code repository preview from GitHub.GitHub
Claude Code repository preview from GitHub.GitHub
Tools & Apps

Claude Code 2.1.205 fixes a Windows worktree cleanup bug where nested NTFS junctions could lead to files outside the worktree being deleted. Teams using Claude Code background agents or subagents on Windows should update and check linked worktree folders.

Claude Code 2.1.205 is a confirmed maintenance release with one urgent Windows fix: worktree removal now handles nested NTFS junctions and directory symlinks as links before deleting the worktree. The risk is narrow but serious for teams using Claude Code background agents or subagents on Windows with junctioned folders inside worktrees. Update first, then audit old worktrees before letting cleanup run again.

Claude Code repository preview
Claude Code repository preview
Source: GitHub repository preview for Anthropic's Claude Code.

What changed

Anthropic's July 8, 2026 Claude Code 2.1.205 changelog says the release fixes Windows worktree removal deleting files outside the worktree when an NTFS junction or directory symlink existed inside it. The same release also adds an auto-mode rule against transcript tampering, improves rm -rf handling when variables cannot be resolved, and fixes several background-agent state issues.

The matching worktrees documentation now states that Claude Code removes NTFS junctions or directory symlinks at any depth as link entries before removing a worktree. It also documents the previous behavior: before 2.1.205, only top-level links were handled that way, so nested links could point cleanup at data outside the worktree.

AreaWho should careAction nowCaveat
Windows worktreesClaude Code users with subagents or background sessionsUpdate to 2.1.205 or newerHighest risk when worktrees contain NTFS junctions or directory symlinks
Linked logs/dataTeams linking large datasets into temporary worktreesRemove or inspect links before cleanupGitignored data may not be recoverable from Git
Automation agentsUsers relying on unattended background cleanupReview worktree settings and old agent foldersThe issue is platform-specific, not a general Git worktree failure
Structured CI outputUsers of --json-schemaRetest schema validation after updatingInvalid schemas previously could produce unstructured output

Why this is early

The official release notes and documentation already show the fix, but the operational blast radius is still being discovered by users. A public GitHub issue opened July 7 describes a Windows setup where stale-worktree cleanup followed nested junctions and deleted data outside the worktree. Treat the issue body as an incident report, not as a vendor advisory, and verify your own setup before assuming exposure.

This is a local filesystem safety issue in an AI coding tool's worktree lifecycle. Anthropic's changelog names the exact fix, and the updated worktrees documentation explains the before-and-after behavior.

Key takeaways

  • Claude Code 2.1.205 was released on July 8, 2026 and is the version to check for this Windows worktree fix.
  • The risky pattern is a Claude-managed worktree on Windows containing nested NTFS junctions or directory symlinks that point outside the worktree.
  • Users with large local datasets, logs, caches, or generated artifacts linked into worktrees should inspect those folders before relying on automated cleanup.
  • The public incident report claims data loss outside the worktree, but the safest action does not depend on that exact environment: update and remove risky links.
  • Teams running unattended agent workflows should add a Windows-specific worktree audit to their Claude Code upgrade checklist.

Availability and access

Claude Code 2.1.205 is listed in the official changelog and GitHub releases. Run claude --version locally to confirm the installed version, then update through your normal Claude Code installation path if you are behind.

The fix matters most for Windows users who allow Claude Code to create and clean up worktrees for subagents or background sessions. Users who create manual Git worktrees outside Claude's cleanup path are less exposed, but they should still avoid nested junctions in any folder that an automated tool may delete.

Practical LinkLoot angle

If you run agentic coding workflows, treat temporary worktrees as production-adjacent storage, not disposable folders with no risk. Any link, mount, junction, symlink, cache, or generated-data folder inside an agent worktree changes what "delete the worktree" can mean.

For more agent-tool hygiene, keep LinkLoot's AI agent tools guide nearby: /guides/ai-agent-tools. The useful workflow is simple: update the tool, list worktrees, scan for links, then let agents resume work.

What to verify before you act

  • Confirm your local Claude Code version is 2.1.205 or newer with claude --version.
  • On Windows, inspect Claude-managed worktrees for NTFS junctions, directory symlinks, linked log folders, or linked datasets.
  • Check whether any background agents or subagents are configured to create temporary worktrees under a repository-owned path.
  • Review the updated Claude Code worktrees documentation before manually removing old worktrees.
  • Back up irreplaceable local data before deleting any worktree that contains links, mounts, or generated artifacts.

Source check

Confirmed by: Anthropic's Claude Code changelog and GitHub release both list 2.1.205 with the Windows worktree-removal fix. The Claude Code worktrees documentation now explains that nested NTFS junctions and directory symlinks are removed as link entries before worktree deletion.

Early signal / context: A public GitHub issue describes an incident involving stale-worktree cleanup, nested Windows junctions, and data loss outside the worktree. LinkLoot is using that issue as context for urgency, while grounding the fix itself in Anthropic's official changelog and documentation.

FAQ

Claude Code 2.1.205 lists the fix. Update to 2.1.205 or newer and confirm with claude --version.