pando-ai 0.2.6 → 0.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +7 -6
  2. package/dist/cli.js +125 -125
  3. package/package.json +1 -1
  4. package/tools/clojure-editor/lib/pando-clojure-editor-standalone.jar +0 -0
  5. package/tools/clojure-indexer/lib/pando-clojure-indexer-standalone.jar +0 -0
package/README.md CHANGED
@@ -76,7 +76,7 @@ Legacy completion APIs, including OpenAI chat/completions and Anthropic
76
76
  | Capability | Claude Code | Codex |
77
77
  | --- | --- | --- |
78
78
  | Disable native tools | ✅ `--tools ""` (MCP stays available) + gateway/hook block | ⚠️ read-only sandbox + web search disabled + request/response gateway block |
79
- | Install Pando MCP, root-scoped | ✅ dynamic `--mcp-config` + `--strict-mcp-config` | ✅ dynamic required `-c mcp_servers.pando.*` |
79
+ | Install Pando MCP, root-scoped | ✅ dynamic `--mcp-config` + `--strict-mcp-config` | ✅ dynamic required `-c mcp_servers.pando.*` with Pando tools pre-approved |
80
80
  | `other_mcp: deny_all` | ✅ `--strict-mcp-config` (Pando only) + gateway/hook block | ✅ request/response gateway block |
81
81
  | `other_mcp: allow_list` | ✅ strict config with Pando + named servers + gateway/hook block | ✅ request/response gateway block |
82
82
  | `other_mcp: deny_list` | ✅ `--disallowedTools` removes denied names + gateway/hook block | ✅ request/response gateway block |
@@ -84,11 +84,12 @@ Legacy completion APIs, including OpenAI chat/completions and Anthropic
84
84
 
85
85
  - **Codex** has no documented strict-MCP switch and no exact `--tools ""`
86
86
  equivalent, so launch-time stripping is best-effort. Pando marks its MCP
87
- server required, disables Codex web search when native tools are denied,
88
- strips off-policy tool definitions from `/v1/responses` requests, blocks
89
- provider-bound off-policy tool call/result transcript items before they reach
90
- the model provider, and blocks off-policy tool calls in model responses before
91
- Codex can execute them.
87
+ server required, sets `default_tools_approval_mode="approve"` for Pando's own
88
+ MCP tools so non-interactive Codex launches can use them, disables Codex web
89
+ search when native tools are denied, strips off-policy tool definitions from
90
+ `/v1/responses` requests, blocks provider-bound off-policy tool call/result
91
+ transcript items before they reach the model provider, and blocks off-policy
92
+ tool calls in model responses before Codex can execute them.
92
93
  - **Claude Code** always gets Pando hook settings for tool-call/tool-result
93
94
  enforcement. API-key, auth-token, or Claude Code `apiKeyHelper` auth also
94
95
  enables gateway mode through `ANTHROPIC_BASE_URL`. Subscription-only launches