Claude Code v2.1.79 — 3 New Environment Variables: Subprocess Sandboxing and Startup Optimization#
Published on March 18, 2026
Part of the Claude Code Version Tracker series. | Official Changelog
Claude Code v2.1.79 adds 3 new environment variables and removes 2 compared to v2.1.78. The headline numbers are an 18MB reduction in startup memory usage and a new --console flag for Anthropic Console (API billing) authentication — but the environment variable changes point to deeper work on subprocess isolation and initialization architecture.
What Changed#
| v2.1.78 | v2.1.79 | |
|---|---|---|
| Environment variables | 181 | 182 (+3, -2) |
| Model IDs | 16 | 16 (no change) |
| Feature gates | 41 | 41 (no change) |
| Dynamic configs | 29 | 29 (no change) |
| Slash commands | 22 | 22 (no change) |
New Environment Variables (3)#
| Variable | Likely Purpose |
|---|---|
CLAUDE_CODE_SUBPROCESS_ENV_SCRUB | Controls which environment variables are sanitized or removed when Claude Code spawns child processes (Bash tool, hooks, subagents). This is a security-hardening measure — when Claude Code runs with sensitive variables like API keys or OAuth tokens, those shouldn't leak into every subprocess. The scrub list likely strips internal variables like CLAUDE_CODE_OAUTH_TOKEN and CLAUDE_CODE_SESSION_ACCESS_TOKEN from the child environment. This complements the existing CLAUDE_CODE_DONT_INHERIT_ENV variable but appears to offer more granular control over exactly which variables are removed rather than a blanket inheritance block. |
CLAUDE_CODE_EXTRA_METADATA | Passes additional metadata to API requests beyond what Claude Code includes by default. This likely attaches custom key-value pairs to the Anthropic API call headers or body — useful for enterprise deployments that need to tag requests with cost centers, team identifiers, or routing metadata for LLM gateway proxies. The --console flag introduced in this version for Anthropic Console authentication may use this internally to distinguish API-billed sessions from subscription-billed ones. |
CLAUDE_CODE_NEW_INIT | Toggles a refactored initialization path that reduces startup memory usage. The changelog explicitly highlights "~18MB" savings across all scenarios, which is a significant reduction for a Node.js CLI tool. This variable likely gates the new init path while the old one remains available as a fallback — a standard feature-flagging pattern for critical-path changes. The improvement benefits CI/CD pipelines and containerized deployments where multiple Claude Code instances may run concurrently and memory overhead compounds. |
What These Tell Us#
Subprocess isolation is becoming a first-class concern. CLAUDE_CODE_SUBPROCESS_ENV_SCRUB addresses a real security gap: Claude Code's process environment accumulates sensitive tokens (OAuth, session access, API keys) that previously passed through to every Bash invocation and hook execution. In enterprise environments where hooks shell out to internal tools or where MCP servers spawn additional processes, this leakage surface is non-trivial. Combined with v2.1.78's sandbox fixes (silent disable warning, protected directory enforcement), Anthropic is systematically closing the gap between Claude Code's default security posture and what enterprise security teams expect. The pattern over the last three releases — sandbox hardening in v2.1.78, deny rule enforcement, and now subprocess env scrubbing — reads like the output of a focused security audit.
The initialization path is being rewritten for scale. CLAUDE_CODE_NEW_INIT and the 18MB memory reduction suggest a meaningful refactoring of how Claude Code bootstraps itself. Startup optimization has been a recurring theme: v2.1.77 shaved 60ms by parallelizing macOS keychain reads, v2.1.78 improved --resume memory for large sessions, and now v2.1.79 cuts baseline memory by 18MB. This matters most for the growing number of orchestration patterns — subagents, cowork teammates, background tasks — where each instance carries that startup cost. The non-streaming API fallback improvement (2-minute per-attempt timeout) also targets reliability at scale, preventing indefinitely hung sessions when streaming endpoints fail.
Feature flag cleanup continues. The removal of CLAUDE_CODE_GB_BASE_URL and CLAUDE_CODE_STREAMING_TEXT follows the same pattern seen in earlier versions: experimental features either graduate to defaults or get pulled. CLAUDE_CODE_STREAMING_TEXT was likely superseded by v2.1.78's line-by-line streaming becoming the standard behavior. CLAUDE_CODE_GB_BASE_URL (possibly an internal routing endpoint) being removed suggests that whatever it pointed to has been consolidated into the main API path.
Removed Environment Variables (2)#
| Variable | Notes |
|---|---|
CLAUDE_CODE_STREAMING_TEXT | Likely controlled an experimental streaming text mode that has now graduated to being the default behavior. v2.1.78 introduced line-by-line response streaming — this flag was probably the gate for that feature during development. |
CLAUDE_CODE_GB_BASE_URL | An internal base URL override, possibly for a "gradebook" or grading service used during internal testing. Its removal suggests the endpoint was consolidated or the feature it pointed to was deprecated. |
This analysis is conducted for independent security research and interoperability purposes under fair use principles. All trademarks belong to their respective owners. The information presented here documents publicly observable behavior of installed software and is not intended to circumvent any technological protection measures, infringe on intellectual property rights, or encourage unauthorized use. Use these findings at your own discretion.
Related Versions#
- Claude Code v2.1.78 — 2 New Environment Variables — plugin persistence, security hardening
- Claude Code v2.1.77 — 1 New Environment Variable — cowork memory guidelines, 25+ bug fixes
- Claude Code v2.1.76 — 3 New Environment Variables — MCP elicitation, workspace host paths
- Claude Code v2.1.75 — 2 New Environment Variables — auto-compact window, plugin options
- Claude Code v2.1.74 — 2 New Environment Variables — frame timing diagnostics, session-end hook timeouts
Related: Context Window Management Guide | Claude Code Productivity Tips | The Agentic Engineering Playbook