Compat bump for Claude Code 2.1.120

• Target: Claude Code 2.1.120 (Bun SEA ELF, ~234 MB, sha256 989a82997d69)
• Patches: 96/96 verify clean on 2.1.120
• No new patches — signature scan re-locates all anchors automatically; this is a metadata/version bump only

Changed

• pyproject.toml, vpcc/__init__.py: 2.1.119 → 2.1.120
• README: badges, vfs-aware tag, compat matrix updated; 2.1.120 marked current, 2.1.119 → stable, 2.1.121+ → watch mode
• Doctor sample output refreshed with 2.1.120 binary fingerprint

Upgrade

pipx upgrade vpcc          # or
pipx install --force git+https://github.com/VoidChecksum/void-patcher-cc
vpcc autoheal

Verify

vpcc verify    # → ✓ all patches verified
vpcc status    # → patches: 95+ on 2.1.120

Highlights

• CC 2.1.119 compat: new .bun section embeds both the active JS bundle AND a VFS copy of the same source. Pre-2.1.119 vpcc patched both, corrupting the VFS bundle and crashing with an opaque entry.instantiate error inside Bun's ESM linker.
• _find_active_bundle_bounds() now locates the // @bun @bytecode marker, reads the u32 blob size at (marker-4), and restricts all search_regex writes to [marker, marker + blob_size). VFS copy stays pristine, Bun loads cleanly.
• Falls back to full-section scan on pre-2.1.119 single-bundle builds.

New patches (19)

Refusal / directive off

• 78 js-webfetch-lyrics-copyright-clause
• 92 js-no-doc-creation-directive-off

Permission toughening (2.1.119 symbol refresh)

• 79 js-command-injection-classifier-neutralize
• 80 js-dangerous-shell-prefix-neutralize
• 81 js-bypass-permissions-async-kill-v2_1_119
• 82 js-bypass-permissions-sync-kill-v2_1_119

Network resilience (ECONNREFUSED / ETIMEDOUT never bubble up)

• 75 js-econnrefused-silent
• 86 js-marketplace-etimedout-silent

Statsig gates — default on

• 83 js-always-enable-effort-on
• 84 js-plan-mode-interview-phase-on
• 85 js-verified-vs-assumed-on
• 88 js-classifier-summary-kill-on
• 89 js-fgts-default-on
• 93 js-auto-background-agents-on
• 94 js-session-memory-on
• 95 js-cold-compact-on

Statsig gates — default off

• 87 js-destructive-command-warning-off

Telemetry kill

• 90 js-generated-with-footer-off-extra
• 91 js-disable-nonessential-traffic-default

Verification

• 93 ok · 0 failed · 3 skipped (mcp-guard / cli-wrapper / seccomp — outside vpcc scope, require void-patcher)
• claude --version → 2.1.119 (Claude Code)
• vpcc scan → 77 ok, all anchors locatable (12 intentional bytecode-only exclusions)

Install

```bash
curl -fsSL https://raw.githubusercontent.com/VoidChecksum/void-patcher-cc/main/install.sh | bash
```

Or upgrade existing:
```bash
vpcc self-update
```

Full changelog

v2.1.116...v2.1.119

Claude Code 2.1.116 compatibility

ELF binary (claude-code-linux-x64/claude) is byte-identical to v2.1.114 (sha256 0d1aea5ce056…). Only the npm wrapper was bumped — existing 77 byte-patches still apply cleanly.

Changes

• vpcc.__version__ → 2.1.116
• 55-js-plugin-deny-allowlist-passthrough: hardcoded minified var A → regex capture group ([A-Za-z_$][\w$]*). Replaces !A.dev with !1<pad> (byte-length preserved). Applied marker + anchor string updated to current f.name output.
• 13 additional patches auto-healed by scanner regex regeneration against current ELF:
  35 · 44 · 48 · 51 · 52 · 53 · 54 · 56 · 59 · 62 · 63 · 67

State

• 77 / 77 patches verified
• 0 signature drift
• 3-layer defense intact (byte-patch · preload hook · auto-heal timer)

Install

curl -fsSL https://raw.githubusercontent.com/VoidChecksum/void-patcher-cc/main/install.sh | bash