Stop Claude Code Session URLs From Landing in Your Public Git History Anthropic's Claude Code tool has been automatically appending session URLs to commits and pull request descriptions since version 2.1.179, exposing internal links in public git history. The company released setting `attribution.sessionUrl: false` in version 2.1.183 to disable this behavior, addressing developer concerns about unintended disclosure of metadata and commit clutter. Stop Claude Code Session URLs From Landing in Your Public Git History You open a teammate’s pull request and there it is, stapled to the bottom of the description: 🔗 https://claude.ai/code/session 01SBzqph11q7ZSHA5QEGgtu5 Nobody typed that. Nobody chose to publish it. But it’s in the PR body now, and on the commits underneath it, sitting in your repo’s history where every contributor — and on a public repo, the whole internet — can read it. If you’ve been running Claude Code from the web or over Remote Control, that line comes from a default you never opted into. As of v2.1.183 June 2026 there’s finally a single setting to turn it off. Here’s that setting, what the link actually exposes less than the panic suggests , and how to decide your team’s policy. The fix Add this to your settings: { "attribution": { "sessionUrl": false } } attribution.sessionUrl is a boolean nested under attribution . It defaults to true . Set it to false and Claude Code stops appending the claude.ai/code/session … link to your commits and PRs. That’s the whole fix. One caveat up front: this only affects web sessions and Remote Control sessions . Local CLI sessions never added the link, so the setting is a no-op there. The v2.1.183 changelog https://github.com/anthropics/claude-code/releases/tag/v2.1.183 puts it plainly — “Added attribution.sessionUrl setting to omit the claude.ai session link from commits and PRs in web and Remote Control sessions.” What’s actually being added Since around v2.1.179, commits Claude makes in a web session carry a Claude-Session: git trailer pointing at the session URL, and PR bodies get the same URL on its own line. It looks like attribution — same neighborhood as the 🤖 Generated with Claude Code line and the Co-Authored-By trailer — but until v2.1.183 it had no off switch of its own. That last part is why people were annoyed. Developers who’d already set attribution.commit: "" for clean commits found the session URL still showed up issue 41873 https://github.com/anthropics/claude-code/issues/41873 . The attribution-text setting didn’t touch it. That issue was closed “not planned,” and a separate request to make the link opt-in 66504 https://github.com/anthropics/claude-code/issues/66504 is where the v2.1.183 setting eventually came from. So if you tried to kill this a while back and failed: you weren’t crazy — the knob didn’t exist yet. Is this a leak? Short answer: no, not in the “you dumped a credential” sense. Be honest with yourself about the actual cost before you treat it like an incident. What the link is: a deep link to your Claude Code session. It’s generally only resolvable by the account that owns the session. A stranger who finds https://claude.ai/code/session 01SB… in your git log can’t open your transcript. It is not a public API key, not a token, not your prompt history exposed to the world. So what is the cost? Three real ones, none of them a CVE: History clutter. On a public or OSS repo, every agent-authored commit now carries an internal SaaS URL that means nothing to outside contributors. It’s noise in git log , forever. Minor information disclosure. The line signals which commits were agent-authored and exposes an internal link surface — the URL pattern, the fact that you’re driving from web or Remote Control. That’s metadata, not secrets, but on a public repo it’s metadata you’re publishing by default. A policy gap. It shipped on-by-default with no opt-in prompt. For a team or an org, “a tool changed our commit format and nobody decided to” is the thing worth fixing — more than the URL itself. Frame it as cleanliness and governance, not breach response. If you sell your team a “we’re leaking secrets” story, the first person who clicks the link, hits an auth wall, and realizes it’s account-scoped will quietly discount your next security call. Get this one right. This is the same config-hygiene muscle as locking down permissions /blog/claude-code-safe-mode/ or picking an auto-review posture /blog/cursor-auto-review-vs-yolo/ — boring settings that decide what your team ships by default. Where to set it Same precedence as every other Claude Code setting — most specific wins: User — ~/.claude/settings.json . Affects only you, across every repo. Good for personal preference. Project — .claude/settings.json , committed to the repo. This is how a team standardizes: one commit, and everyone who runs Claude Code in that repo inherits sessionUrl: false . Enterprise managed settings — org-enforced, overrides the others. Use this when “off” isn’t a suggestion — public repos under a company org, say. For a shared repo, set it at the project level. Relying on every contributor to fix their own ~/.claude is how you end up with half your commits clean and half not. It’s not the only attribution knob While you’re in there, know the rest of the surface so you configure the whole thing, not just the URL: attribution.sessionUrl — the claude.ai/code/session … link this post . includeCoAuthoredBy — the Co-Authored-By: Claude