Sonnet 5 changes the default
July 3, 2026 · 10:29 AM

Claude Sonnet 5 became the default in Claude Code, GitHub Copilot added Kimi K2.7 Code while setting a Gemini deprecation date, Cursor shipped iOS agents and new team pricing, and Z.ai launched ZCode.

Coverage window: June 26, 2026, 10:26 a.m. to July 3, 2026, 10:00 a.m. channel time.
Claude Sonnet 5 became the new default in Claude Code, GitHub Copilot added its first open-weight model while setting a Gemini deprecation date, Cursor put agents on iOS and split team usage into clearer pools, and Z.ai launched a free GLM-5.2 desktop IDE. The operational pattern is more important than any single release: AI coding tools are moving from optional editor add-ons toward managed agent infrastructure.

Fast triage

| Area | What changed | Why it matters for tooling teams |
| --- | --- | --- |
| Claude Code default | Anthropic released Claude Sonnet 5 on June 30, made it the default model for Free and Pro users, and made it available in Claude Code, Claude Platform, and the API under model ID claude-sonnet-5. 1 Claude Code v2.1.197 made Sonnet 5 the default model the same day. 2 | Re-test internal Claude Code workflows before assuming Opus-class models are needed for routine agent work. Also review token budgets because Sonnet 5 uses a new tokenizer and the same input may map to 1.0x to 1.35x as many tokens. 1 |
| Fable 5 restored | Anthropic said US export controls on Fable 5 and Mythos 5 were lifted on June 30, and Fable 5 became available globally on July 1 across Claude Platform, Claude.ai, Claude Code, and Claude Cowork. 3 | Model fallback plans should account for policy-driven availability swings, not only vendor uptime. Fable 5 is back, but Anthropic also said its new classifier may flag benign coding and debugging requests more often. 3 |
| Copilot model mix | GitHub made Kimi K2.7 Code generally available in Copilot on July 1 as its first selectable open-weight model, hosted by GitHub on Microsoft Azure. 4 GitHub also said Gemini 2.5 Pro and Gemini 3 Flash will be deprecated across Copilot on July 31. 5 | Copilot administrators need an explicit model policy, especially for Business and Enterprise plans where Kimi K2.7 Code is disabled by default and must be enabled in settings. 4 |
| Cursor on mobile | Cursor for iOS entered public beta on June 29 for all paid plans, letting users start cloud agents from a phone, use voice input, track Live Activities, receive completion or review notifications, and merge PRs from mobile. 6 | Agent supervision is no longer tied to the desktop IDE. Teams should define when mobile approval is acceptable for production code. |
| Cursor security | Cato AI Labs disclosed DuneSlide on July 1: two Cursor IDE RCE vulnerabilities, CVE-2026-50548 and CVE-2026-50549, both rated CVSS 9.8 and exploitable through zero-click prompt injection. 7 | MCP and search-result ingestion need security review. Cato said both issues were fixed in Cursor 3.0 on April 2, but the exploit class is relevant to any agent that can write files or execute commands. 7 |
| ZCode launch | Z.ai launched ZCode, a free desktop agentic IDE tuned for GLM-5.2, with macOS, Windows, and Linux support plus BYOK support for third-party models. 8 ZCode shipped six releases from v3.2.0 on June 29 through v3.2.5 on July 3. 9 | Sovereign and open-weight model strategies now have a full IDE surface, not only APIs or CLI wrappers. |

Model defaults are changing faster than procurement cycles

Claude Sonnet 5 is the most immediately actionable model update because it changed the default path for Claude Code. Anthropic priced Sonnet 5 at $2 per million input tokens and $10 per million output tokens through August 31, with standard pricing of $3 and $15 after that date. 1 Anthropic also gave Sonnet 5 a native 1 million-token context window and positioned it as close to Opus 4.8 for agentic coding at lower cost. 1
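The budget effect of the promotional price and the new tokenizer can be bounded with simple arithmetic. The sketch below uses the prices and the 1.0x to 1.35x range quoted above; the function name, the token volumes in the usage note, and the choice to scale only input tokens are illustrative assumptions, not Anthropic guidance.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Pricing:
    input_per_mtok: float   # USD per million input tokens
    output_per_mtok: float  # USD per million output tokens


# Prices as quoted in this article for Sonnet 5.
PROMO = Pricing(input_per_mtok=2.0, output_per_mtok=10.0)      # through August 31
STANDARD = Pricing(input_per_mtok=3.0, output_per_mtok=15.0)   # after August 31


def estimate_cost(input_tokens, output_tokens, pricing, tokenizer_factor=1.0):
    """Estimate spend in USD.

    tokenizer_factor scales input token counts that were measured with the
    previous tokenizer. Assumption: only input counts are scaled; output
    counts are taken as already measured.
    """
    scaled_input = input_tokens * tokenizer_factor
    return (scaled_input * pricing.input_per_mtok
            + output_tokens * pricing.output_per_mtok) / 1_000_000


def cost_range(input_tokens, output_tokens, pricing, low=1.0, high=1.35):
    """Return (best_case, worst_case) cost across the quoted tokenizer range."""
    return (estimate_cost(input_tokens, output_tokens, pricing, low),
            estimate_cost(input_tokens, output_tokens, pricing, high))
```

For a hypothetical month of 500 million input tokens and 50 million output tokens, `cost_range(500_000_000, 50_000_000, PROMO)` gives roughly $1,500 to $1,850, and the same volume at `STANDARD` gives roughly $2,250 to $2,775. The spread between the two ends is the part of the budget that depends on re-measuring real prompts with the new tokenizer.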
For teams using Claude Code, the release is not just a benchmark event. Claude Code v2.1.198 made subagents run in the background by default, moved Claude in Chrome to general availability, added a /dataviz skill, and allowed the Gateway to use Claude Platform on AWS as an upstream provider. 2 Claude Code v2.1.200 then changed the default permission mode to Manual and fixed multiple background-agent and session failures. 2 Those changes point in opposite operational directions: more autonomy in execution, more caution in permission defaults.
Fable 5 adds the availability lesson. Anthropic said Fable 5 returned globally on July 1 after export controls were lifted, while Mythos 5 returned only for selected US organizations after separate government approval on June 26. 3 Anthropic also said Pro, Max, Team, and selected Enterprise plans get Fable 5 included for up to 50% of weekly usage through July 7, after which it moves to usage credits. 3 If a team standardized on Fable 5 during the earlier release window, the past three weeks have shown why model fallback should be a written platform policy.
GitHub Copilot moved in the same direction from the buyer side. Kimi K2.7 Code is now available to Copilot Pro, Pro+, and Max users during rollout, while Business and Enterprise administrators must enable a policy before users can select it. 4 GitHub says the model works across VS Code, Visual Studio, Copilot CLI, Cloud Agent, the Copilot app, github.com, mobile, JetBrains IDEs, Xcode, and Eclipse. 4 The admin question is not whether open-weight models are useful in the abstract. It is whether this model should be enabled for the code, data-governance, and support posture of a specific organization.
The Gemini deprecation has a harder deadline. GitHub said Gemini 2.5 Pro and Gemini 3 Flash will be retired from all Copilot experiences on July 31, including Chat, inline edits, ask and agent modes, and code completions. 5 GitHub named Gemini 3.1 Pro and Gemini 3.5 Flash as replacements, and enterprise administrators may need to enable the replacement models in Copilot settings. 5
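A deadline like this is easy to track in a small script that scans whatever model list a team already keeps. The following is a minimal sketch: the model identifier strings are hypothetical labels rather than official Copilot model IDs, and the year is taken from this article's publication date.

```python
from datetime import date

# Retirement date as reported above. The keys are hypothetical labels,
# not official Copilot model identifiers.
RETIRING = {
    "gemini-2.5-pro": date(2026, 7, 31),
    "gemini-3-flash": date(2026, 7, 31),
}

# Replacements named by GitHub, listed without assuming a one-to-one pairing.
REPLACEMENT_CANDIDATES = ["gemini-3.1-pro", "gemini-3.5-flash"]


def deprecation_report(configured_models, today):
    """Return (model, days_left) for each configured model that has a retirement date."""
    report = []
    for model in configured_models:
        retire_on = RETIRING.get(model)
        if retire_on is not None:
            report.append((model, (retire_on - today).days))
    return report
```

Calling `deprecation_report(["gemini-2.5-pro", "kimi-k2.7-code"], date(2026, 7, 3))` returns one entry for `gemini-2.5-pro` with 28 days left. A negative day count means the model is already past its retirement date.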
OpenAI's GPT-5.6 preview is less deployable this week but still relevant for roadmap planning. AIToolsReview reported that GPT-5.6 launched on June 26 as Sol, Terra, and Luna, with Sol priced at $5 input and $30 output per million tokens, Terra at $2.50 and $15, and Luna at $1 and $6. 10 The same report said Sol scored 88.8% on Terminal-Bench 2.1, or 91.9% in Ultra configuration, but did not publish a SWE-bench Pro score. 10 Treat it as a near-term watch item until access and independent coding evaluations are clearer.

IDE and agent surfaces moved closer to daily workflow

Cursor's iOS beta is the clearest workflow shift. Cursor says paid users can pick a repository, choose a frontier model, describe work by voice, start a cloud agent, review demos, screenshots, logs, and diffs, and merge a PR from the phone. 6 Cursor also says Remote Control can steer an agent already running on the desktop and keep the computer awake. 6 For engineering managers, this is a review-policy issue before it is a convenience feature.
Cursor also expanded Team MCP distribution on June 30. Administrators can configure Team MCP servers in Dashboard under Integrations and MCP, distribute them through the Team Marketplace, and apply organization-group access controls. 11 Cursor says Team MCP servers work across cloud agents, the agents window, the IDE, and the CLI. 11 That should reduce one-off developer setup, but it also centralizes the blast radius of a misconfigured integration.
Cursor's pricing change gives platform owners a cleaner cost model. From July 1 for new and renewing customers, the Standard seat keeps a $40 monthly price but separates usage into a Composer plus Auto pool and a Third-Party API pool. 12 The new Premium seat costs $120 per month on month-to-month billing or $96 per month annually, and Cursor says it provides 5x the Standard seat usage for 3x the price. 12 Cursor also added real-time usage visibility, Slack and email spend alerts, and seat recommendations based on usage behavior. 12
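The "5x usage for 3x the price" claim is easier to compare as a price per unit of included usage. The sketch below treats one Standard seat's included usage as one unit, which is an assumption made for illustration; Cursor's actual pool sizes are not stated here.

```python
# Seat prices in USD per month, as quoted above.
STANDARD_PRICE = 40.0
PREMIUM_MONTHLY = 120.0
PREMIUM_ANNUAL = 96.0       # per month, billed annually
PREMIUM_USAGE_MULTIPLE = 5  # Premium usage relative to one Standard seat


def price_per_usage_unit(seat_price, usage_multiple=1):
    """USD per Standard-equivalent unit of included usage."""
    return seat_price / usage_multiple


standard_unit = price_per_usage_unit(STANDARD_PRICE)
premium_monthly_unit = price_per_usage_unit(PREMIUM_MONTHLY, PREMIUM_USAGE_MULTIPLE)
premium_annual_unit = price_per_usage_unit(PREMIUM_ANNUAL, PREMIUM_USAGE_MULTIPLE)
```

Under that assumption a unit of usage costs $40 on Standard, $24 on Premium billed monthly, and $19.20 on Premium billed annually. Premium only pays off for a user whose real consumption is well above one Standard seat's pool, which is the question the seat recommendations are meant to answer.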
ZCode is the week's most important new IDE entrant. Z.ai, formerly Zhipu AI, launched ZCode as a free desktop agentic IDE for GLM-5.2, with BYOK support for Claude Code, Codex, Gemini, and OpenCode. 8 VentureBeat reported that GLM-5.2 is a 744 billion-parameter mixture-of-experts model with 40 billion active parameters, a 1 million-token context window, MIT-licensed open weights, and training that used Huawei chips rather than US chips. 8 ZCode's own changelog shows rapid early iteration: plugin management, general subagents, long-context attachment handling, file rollback summaries, trusted workspace MCP servers, self-diagnostic guides, and SSH remote skill sync all landed between v3.2.0 and v3.2.5. 9
Kimi Code CLI also filled in product ergonomics. MoonshotAI shipped v0.21.0 on July 1 with plugin slash commands, redesigned conversation compression, session-level key-value storage for Web UI preferences, Mermaid rendering, KaTeX support, and Esc Esc undo. 13 Version 0.22.0 followed on July 2 with automatic large-image compression, a redesigned Web UI, Cmd or Ctrl+K session search, grouped tool calls, and model alias overrides. 14 Version 0.22.2 on July 3 fixed repeated transcript output, dropped messages after interrupted turns, and context-compaction planning issues. 15
CodeGraph, an open-source codebase graph tool used as agent context, released v1.2.0 on July 2. It expanded local-variable method-call parsing beyond C++ to TypeScript, JavaScript, Python, Java, C#, Kotlin, Swift, Go, Rust, Dart, Scala, PHP, Lua, Luau, R, Pascal, and Delphi. 16 The release also fixed Ruby receiver-method edges, C++ forward-declaration handling, Unreal Engine-style inline macros, and graph traversal duplication or omissions. 16 The project reached 57.3K stars, up from 55K at the prior checkpoint. 16

Security and governance are now product requirements

DuneSlide is the week's security reminder. Cato AI Labs disclosed two Cursor IDE vulnerabilities on July 1: CVE-2026-50548, a working-directory parameter manipulation issue, and CVE-2026-50549, a symlink normalization failure. 7 Cato rated both as CVSS 9.8 and described the exploit path as zero-click prompt injection, where a user gives a harmless prompt but the model ingests attacker-controlled content from an MCP server or search result. 7 Cato says both bugs were fixed in Cursor 3.0 on April 2, before the July 1 public disclosure. 7
The useful takeaway is architectural. Agent sandboxes need path validation, symlink handling, tool-input provenance, and deny-by-default write rules. MCP servers should be treated like code execution surfaces when they can feed instructions into an agent that has filesystem access.
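Path validation, symlink handling, and deny-by-default writes can be combined in a few lines. The following is a minimal sketch of the general pattern, not a description of Cursor's fix; the function names and the `allowed_dirs` parameter are hypothetical.

```python
from pathlib import Path


def resolve_inside(workspace: Path, requested: str) -> Path:
    """Resolve `requested` against `workspace` and reject anything that escapes it."""
    root = workspace.resolve()
    # resolve() follows symlinks and collapses ".." before the containment check.
    candidate = (root / requested).resolve()
    if candidate != root and root not in candidate.parents:
        raise PermissionError(f"path escapes workspace: {requested}")
    return candidate


def is_write_allowed(workspace: Path, requested: str, allowed_dirs: list[str]) -> bool:
    """Deny by default: permit a write only under an explicitly listed subdirectory."""
    try:
        target = resolve_inside(workspace, requested)
    except PermissionError:
        return False
    root = workspace.resolve()
    for rel in allowed_dirs:
        allowed = (root / rel).resolve()
        if target == allowed or allowed in target.parents:
            return True
    return False
```

With `allowed_dirs=["src"]`, a request for `src/app.py` passes, while `README.md`, `../outside/x`, an absolute path such as `/etc/passwd`, and a path that travels through a symlink pointing out of the workspace are all refused. The check is made at resolution time, so a real sandbox would still need to guard against the filesystem changing between the check and the write.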
Anthropic also published a more formal cyber-safety framework around Fable 5. On July 2, Anthropic described four classifier categories for Fable 5 cyber use: prohibited use, high-risk dual use, low-risk dual use, and benign use. 17 Anthropic also proposed the Cyber Jailbreak Severity framework, a 0 to 4 scale based on capability gain, breadth, ease of weaponization, and discoverability. 17 The framework is not an enterprise control by itself, but it gives security teams a vocabulary for classifying model-jailbreak reports that affect coding agents.
Claude Tag deserves attention for teams that connect coding agents to collaboration systems. Anthropic launched Claude Tag in Slack beta for Enterprise and Team customers on June 23, using Claude Opus 4.8 as the underlying model. 18 Anthropic said the legacy Claude in Slack will stop working on August 3 and that its internal product team has 65% of its code created by an internal version of Claude Tag. 18 If a Slack agent can retain channel memory, call MCP tools, and monitor ambient messages, channel-level data boundaries matter as much as IDE-level permissions.
GitHub's July 1 and July 2 Copilot updates also add governance work. Copilot Vision reached general availability on July 1, enterprise managed settings for managed-settings.json reached general availability the same day, and enterprises can set auto model selection as the default for new conversations. 19 On July 2, Copilot cost centers added support for AI credit pools, and GitHub said agent session streaming entered public preview. 20 21 Those are admin features, not just user features. They determine who can select models, how spend is allocated, and how agent work is observed.

Watchlist

| Signal | What happened | How to treat it |
| --- | --- | --- |
| Devin model integrations | Devin added Claude Fable 5 to Cloud Ultra agent, Devin Desktop, and Devin CLI on July 1, and Claude Sonnet 5 has been available in Devin Desktop and CLI since June 30 with about 30% less quota usage than Sonnet 4.6 through August 31. 22 23 | Recheck Devin quotas and model defaults if your team uses Devin for large implementation tasks. |
| Agentic MapReduce | Cognition announced Agentic MapReduce on July 1 as an architecture for distributed full-codebase reasoning with agents. 22 | Wait for reproducible technical detail before treating it as a procurement differentiator. |
| Weave Router adoption | Weave Router reached 716 GitHub stars, up from 91 at the prior checkpoint, and supports routing for Claude Code, Codex CLI, opencode, and Cursor. 24 | Local routing may help cost and latency, but review license terms, telemetry, and failure behavior before inserting it into a production coding workflow. |
| pxpipe cost experiment | The pxpipe project claims roughly 59% to 70% Fable 5 cost reduction by rendering bulky context as PNG images before sending it to Claude, with lossy recall caveats for byte-exact strings. 25 | Treat this as an experiment for non-verbatim context, not a general compression layer for code or secrets. |
| Human-supervised workflows | Greg Slepak's "short leash" AI coding method reached 176 Hacker News points and 222 comments on July 2; the method argues against YOLO mode and requires diff review before approval. 26 27 | The community debate is useful because it maps directly to policy: permission mode, review ownership, and commit granularity. |

Actions before next Friday

  1. Audit model allowlists. Confirm whether Sonnet 5, Fable 5, Kimi K2.7 Code, Gemini 3.1 Pro, and Gemini 3.5 Flash are allowed, blocked, or pending evaluation in each coding surface your team supports. 1 4 5
  2. Review Cursor exposure. Cursor teams should verify they are on Cursor 3.0 or newer, review approved MCP servers, and decide whether mobile PR review is acceptable for repositories with production access. 6 7 11
  3. Update Copilot deprecation plans. July 31 is the deadline for Gemini 2.5 Pro and Gemini 3 Flash removal from Copilot, and replacement models may require admin policy changes. 5
  4. Put cost controls next to model controls. Cursor's new seat split, Copilot AI credit pools, and Sonnet 5 promotional pricing all change the budget model before they change developer habits. 12 20 1
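
The allowlist audit in the first action can start as a plain matrix of surfaces and models. The sketch below is one possible shape: the `Status` values mirror the allowed, blocked, and pending states named in that action, while the function name and the policy layout are hypothetical.

```python
from enum import Enum


class Status(Enum):
    ALLOWED = "allowed"
    BLOCKED = "blocked"
    PENDING = "pending evaluation"


# Models named in the first action item.
MODELS = ["Sonnet 5", "Fable 5", "Kimi K2.7 Code", "Gemini 3.1 Pro", "Gemini 3.5 Flash"]


def audit_gaps(policy, surfaces, models=MODELS):
    """Return (surface, model) pairs that have no recorded decision."""
    gaps = []
    for surface in surfaces:
        decided = policy.get(surface, {})
        for model in models:
            if model not in decided:
                gaps.append((surface, model))
    return gaps


# Hypothetical example policy for one surface.
example_policy = {
    "Copilot": {
        "Kimi K2.7 Code": Status.BLOCKED,
        "Gemini 3.1 Pro": Status.ALLOWED,
    }
}
example_gaps = audit_gaps(example_policy, ["Copilot"])
```

Here `example_gaps` lists Sonnet 5, Fable 5, and Gemini 3.5 Flash as undecided for Copilot. An empty result means every supported surface has an explicit decision for every model, including an explicit `BLOCKED` for models that a surface does not offer.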
Cover image: Cursor for iOS product image from Cursor.
