# Stop Claude Code Session URLs From Landing in Your Public Git History

> Source: <https://outofcontext.dev/blog/claude-code-session-url-attribution/>
> Published: 2026-06-30 00:00:00+00:00

# Stop Claude Code Session URLs From Landing in Your Public Git History

You open a teammate’s pull request and there it is, stapled to the bottom of the description:

```
🔗 https://claude.ai/code/session_01SBzqph11q7ZSHA5QEGgtu5
```

Nobody typed that. Nobody chose to publish it. But it’s in the PR body now, and on the commits underneath it, sitting in your repo’s history where every contributor — and on a public repo, the whole internet — can read it.

If you’ve been running Claude Code from the web or over Remote Control, that line comes from a default you never opted into. As of **v2.1.183 (June 2026)** there’s finally a single setting to turn it off. Here’s that setting, what the link actually exposes (less than the panic suggests), and how to decide your team’s policy.

## The fix

Add this to your settings:

```
{
  "attribution": {
    "sessionUrl": false
  }
}
```

`attribution.sessionUrl`

is a boolean nested under `attribution`

. It defaults to `true`

. Set it to `false`

and Claude Code stops appending the `claude.ai/code/session_…`

link to your commits and PRs. That’s the whole fix.

One caveat up front: this only affects **web sessions and Remote Control sessions**. Local CLI sessions never added the link, so the setting is a no-op there. The [v2.1.183 changelog](https://github.com/anthropics/claude-code/releases/tag/v2.1.183) puts it plainly — “Added `attribution.sessionUrl`

setting to omit the claude.ai session link from commits and PRs in web and Remote Control sessions.”

## What’s actually being added

Since around v2.1.179, commits Claude makes in a web session carry a `Claude-Session:`

git trailer pointing at the session URL, and PR bodies get the same URL on its own line. It looks like attribution — same neighborhood as the `🤖 Generated with Claude Code`

line and the `Co-Authored-By`

trailer — but until v2.1.183 it had no off switch of its own.

That last part is why people were annoyed. Developers who’d already set `attribution.commit: ""`

for clean commits found the session URL *still* showed up ([issue #41873](https://github.com/anthropics/claude-code/issues/41873)). The attribution-text setting didn’t touch it. That issue was closed “not planned,” and a separate request to make the link opt-in ([#66504](https://github.com/anthropics/claude-code/issues/66504)) is where the v2.1.183 setting eventually came from. So if you tried to kill this a while back and failed: you weren’t crazy — the knob didn’t exist yet.

## Is this a leak?

Short answer: no, not in the “you dumped a credential” sense. Be honest with yourself about the actual cost before you treat it like an incident.

What the link is: a deep link to your Claude Code session. **It’s generally only resolvable by the account that owns the session.** A stranger who finds `https://claude.ai/code/session_01SB…`

in your git log can’t open your transcript. It is not a public API key, not a token, not your prompt history exposed to the world.

So what *is* the cost? Three real ones, none of them a CVE:

**History clutter.** On a public or OSS repo, every agent-authored commit now carries an internal SaaS URL that means nothing to outside contributors. It’s noise in`git log`

, forever.**Minor information disclosure.** The line signals*which*commits were agent-authored and exposes an internal link surface — the URL pattern, the fact that you’re driving from web or Remote Control. That’s metadata, not secrets, but on a public repo it’s metadata you’re publishing by default.**A policy gap.** It shipped on-by-default with no opt-in prompt. For a team or an org, “a tool changed our commit format and nobody decided to” is the thing worth fixing — more than the URL itself.

Frame it as cleanliness and governance, not breach response. If you sell your team a “we’re leaking secrets” story, the first person who clicks the link, hits an auth wall, and realizes it’s account-scoped will quietly discount your next security call. Get this one right. (This is the same config-hygiene muscle as [locking down permissions](/blog/claude-code-safe-mode/) or [picking an auto-review posture](/blog/cursor-auto-review-vs-yolo/) — boring settings that decide what your team ships by default.)

## Where to set it

Same precedence as every other Claude Code setting — most specific wins:

**User**—`~/.claude/settings.json`

. Affects only you, across every repo. Good for personal preference.**Project**—`.claude/settings.json`

, committed to the repo.**This is how a team standardizes:** one commit, and everyone who runs Claude Code in that repo inherits`sessionUrl: false`

.**Enterprise managed settings**— org-enforced, overrides the others. Use this when “off” isn’t a suggestion — public repos under a company org, say.

For a shared repo, set it at the project level. Relying on every contributor to fix their own `~/.claude`

is how you end up with half your commits clean and half not.

## It’s not the only attribution knob

While you’re in there, know the rest of the surface so you configure the whole thing, not just the URL:

`attribution.sessionUrl`

— the`claude.ai/code/session_…`

link (this post).`includeCoAuthoredBy`

— the`Co-Authored-By: Claude <noreply@anthropic.com>`

trailer. Boolean, default`true`

; set`false`

to drop it.`attribution.commit`

/`attribution.pr`

— the human-readable “Generated with Claude Code” text on commits and PRs. Set to`""`

to remove.

These are independent. Turning off the session URL leaves the co-author trailer in place, and vice versa. Decide all three in one sitting, or you’ll be back here next month for the one you missed.

## A team policy in three tiers

**Solo / private repo:** leave`sessionUrl`

on. The link is a genuinely useful audit trail — click a commit, land back in the session that produced it. Nobody outside sees it. Keep the signal.**Shared team repo:** set`sessionUrl: false`

at the project level, and settle your`Co-Authored-By`

policy in the same PR. Standardize once so the history stays consistent.**Public / OSS repo:**`sessionUrl: false`

, enforced via managed settings if you have an org that can. External contributors don’t need your internal links in the canonical history.

## Bottom line

The session link is an audit feature wearing a privacy scare’s clothing. **On a repo where you’re the only reader, it’s useful; on a repo strangers read, it’s clutter you didn’t choose — and now it’s one boolean to remove.** Default-on with no prompt was the real miss; `attribution.sessionUrl: false`

is the fix. Set it at the level that matches who can see your history.

In your repos — is the session link useful audit signal, or noise you turned off the day you found it?
