Claude Code Fixes Prompt Cache Bug for Privacy Users

Claude Code quietly penalized developers who cared about privacy — and most of them never knew it. Setting DISABLE_TELEMETRY (an environment flag that turns off usage reporting to Anthropic) was supposed to protect your data. Instead, it silently downgraded your prompt cache from 1 hour to just 5 minutes, making every long coding session noticeably slower and burning extra tokens. That bug is now fixed in the latest changelog.

The Hidden Prompt Caching Penalty Inside Claude Code's Privacy Setting

Prompt caching is one of Claude Code's most important behind-the-scenes features. It works like a bookmark for your conversation: instead of re-reading every single message from scratch on each new request, Claude saves (or "caches") your session context so it can pick up where it left off. This cache has a TTL — time-to-live (how long the saved context stays valid before it expires and must be rebuilt from scratch) — set at 1 hour by default.

The actual bug: if you had set DISABLE_TELEMETRY=1 in your environment, Claude Code silently fell back to a 5-minute TTL — a 12× shorter window. In a 20-minute coding session, your cache would expire and rebuild itself multiple times, burning extra tokens (the units of text the AI processes, which directly determine both response speed and billing cost) and adding latency on every re-read of your open files and context.

The performance difference matters more than it sounds. A 1-hour cache means Claude remembers your full session context — your open files, your instructions, your conversation history — across an extended work block. A 5-minute cache means anything discussed more than 5 minutes ago gets silently re-processed on the next request. For a developer working with a 2,000-line file, that re-processing happens invisibly, at your expense, every few minutes.

There was no warning, no documentation note, and no startup message flagging the degradation. Enterprise teams with compliance reasons for disabling telemetry were hit especially hard — the very users most likely to disable reporting are the ones who got punished for it.

How to Enable 1-Hour Prompt Caching in Claude Code Right Now

With the fix deployed, all users get the full 1-hour TTL regardless of telemetry settings. Anthropic also added explicit, configurable controls for teams that need finer-grained management:

• ENABLE_PROMPT_CACHING_1H — explicitly forces 1-hour TTL across all supported platforms: Anthropic API, Bedrock (Amazon's cloud platform for running AI models), Vertex, and Foundry
• FORCE_PROMPT_CACHING_5M — forces 5-minute TTL for workflows that need faster context turnover on short tasks
• DISABLE_PROMPT_CACHING_* — disables caching entirely, but now triggers a visible startup warning so you know caching is off before you start a session

Note: The older ENABLE_PROMPT_CACHING_1H_BEDROCK flag — specific to Amazon Bedrock — is now deprecated. It still works for backward compatibility, but Anthropic recommends migrating to the unified flag at your next opportunity.

To explicitly enable 1-hour caching, add this to your shell profile (~/.zshrc or ~/.bashrc):

# Enable 1-hour prompt cache (recommended for most users)
export ENABLE_PROMPT_CACHING_1H=1

# Or force 5-minute cache for short sessions:
export FORCE_PROMPT_CACHING_5M=1

# Enterprise TLS proxy fix — use OS certificate store (now the default):
# export CLAUDE_CODE_CERT_STORE=bundled  # only if you need bundled CAs only

# Perforce users — enable p4 edit hints on read-only files:
# export CLAUDE_CODE_PERFORCE_MODE=1

After updating, Claude Code will display a startup warning if any DISABLE_PROMPT_CACHING* variable is set, so you always know your cache state before beginning work.

20+ Other Claude Code Fixes Shipping in This Update

The cache patch ships alongside a dense set of quality-of-life improvements. Here are the ones most developers will notice day-to-day:

Session Flow Gets Smarter

• /recap is now a real command — When you return to a suspended session, Claude automatically provides a summary of what was in progress. Trigger it manually with /recap or configure the behavior in /config. Essential for picking up work after a break.
• /undo now works as expected — The /undo command is now a direct alias for /rewind, which rolls back recent actions. No more hunting for the less-intuitive syntax.
• /resume defaults to your current directory — The session picker now shows sessions from your current folder first. Press Ctrl+A to see all projects across every directory on your machine.
• /model warns before switching mid-conversation — Switching AI models mid-session forces a full history re-read, since the new model can't use the existing cache. Claude Code now shows an explicit warning before this happens — preventing accidental token burns on an uncached re-read.

Security, Reliability, and Enterprise Fixes

• Bash tool permission bypass patched — A security hole allowed backslash-escaped flags to bypass read-only restrictions in the Bash tool (the component that lets Claude run terminal commands on your behalf). The bypass has been closed.
• Stalled API streams now auto-abort after 5 minutes — When the server stopped sending data mid-response, Claude Code previously hung indefinitely. Now it times out after 5 minutes and automatically retries using a non-streaming fallback, so sessions recover instead of freeze.
• Memory leak fixed in long sessions — Claude Code was quietly retaining dozens of historical message copies in RAM across long sessions. That accumulation is now cleaned up, reducing memory footprint during extended use.
• Error messages now distinguish two different limits — Previously, hitting Anthropic's server-side rate limit (a temporary slow-down when too many requests arrive at once) and exhausting your subscription's monthly token cap produced the same vague error. Now they're distinct, and server-side 5xx/529 errors include a direct link to status.claude.com so you can check for ongoing incidents.
• OS certificate store trusted by default — Claude Code now trusts your operating system's CA certificate store (the list of trusted security certificates your OS maintains) by default. This eliminates manual TLS proxy configuration for enterprise deployments. Set CLAUDE_CODE_CERT_STORE=bundled if you prefer Anthropic's bundled certificates only.
• Skill descriptions expanded from 250 to 1,536 characters — The internal description field Claude uses to decide which built-in slash commands to invoke has grown 6× in capacity, with a startup warning if any description would be truncated. This improves how reliably Claude selects the right tool for your request.

Three Groups Who Should Update Claude Code Today

This release matters most to three specific audiences — but upgrading is worthwhile for everyone:

• Privacy-conscious developers — If you've been running Claude Code with DISABLE_TELEMETRY=1, you've been getting 5-minute cache this whole time. After updating, your existing privacy setting still works, and the 1-hour cache is restored automatically. No extra configuration needed.
• Enterprise and infrastructure teams — The OS CA certificate fix removes a friction point for corporate TLS proxy setups that previously required manual workarounds. The new CLAUDE_CODE_PERFORCE_MODE variable adds first-class support for Perforce-based version control workflows, where files must be checked out before edits.
• Long-session power users — The memory leak fix, stream auto-recovery, and clearer error messages compound into a meaningfully smoother experience when you're running Claude Code for hours at a stretch. These are exactly the sessions where the 5-minute cache bug hurt most.

You can review the full changelog at code.claude.com/docs/en/changelog. No reinstall is required — the fixes ship in the latest version of Claude Code. If you're getting started, the Claude Code setup guide covers the key environment variables worth adding to your shell profile today.

Related Content — Get Started | Guides | More News