pando-ai 0.8.9 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +15 -9
  2. package/dist/cli.js +206 -206
  3. package/dist/security-daemon.js +257 -258
  4. package/package.json +1 -1
  5. package/tools/clojure-editor/lib/pando-clojure-editor-standalone.jar +0 -0
  6. package/tools/clojure-indexer/lib/pando-clojure-indexer-standalone.jar +0 -0
package/README.md CHANGED
@@ -105,11 +105,17 @@ and the minimal runtime/toolchain paths needed to start common commands. Network
105
105
  is denied by default. There is no silent unsandboxed fallback for workspace
106
106
  mutation.
107
107
 
108
- Install-time security setup also provisions dedicated local users
109
- (`pando-workspace` and `pando-core`) and a root-owned helper daemon. The helper
110
- is intentionally narrow: it can only launch Pando's known roles for validated
111
- project roots over stdio. It is not a general command runner and does not accept
112
- custom argv, shells, or arbitrary commands.
108
+ Install-time security setup provisions dedicated local users (`pando-ai-ws` and
109
+ `pando-ai-core`), grants access to Pando's data root, and installs a root-owned
110
+ helper daemon. It does not recursively ACL the shell's current directory, so the
111
+ installer can be run from anywhere.
112
+
113
+ On the first supervised launch from a project, Pando automatically configures
114
+ that repo's tracked ACLs before starting Codex or Claude. There is no older
115
+ direct MCP fallback in supervised mode: role-scoped MCP servers always start via
116
+ the security helper. The helper is intentionally narrow: it can only launch
117
+ Pando's known roles for validated project roots over stdio. It is not a general
118
+ command runner and does not accept custom argv, shells, or arbitrary commands.
113
119
 
114
120
  The helper entrypoint is:
115
121
 
@@ -123,11 +129,11 @@ selects the role's dedicated user when privilege is available, starts the fixed
123
129
  Pando MCP server invocation, and lets the normal workspace sandbox apply before
124
130
  mutating tools are served.
125
131
 
126
- Security setup is normally invoked by install/uninstall, but can be run
127
- directly:
132
+ Security setup is normally invoked by install and launch, but can be run
133
+ directly for diagnostics or admin automation:
128
134
 
129
135
  ```bash
130
- pando-ai security setup-users
136
+ pando-ai security setup-users --data-root ~/.pando-data --real-root /path/to/repo
131
137
  ```
132
138
 
133
139
  Diagnostics use the same JSONL log as the gateway and installer:
@@ -285,7 +291,7 @@ pando-ai serve [path] # stdio MCP server for MCP clients
285
291
  pando-ai serve-http # explicit HTTP MCP server for debugging/integrations
286
292
  pando-ai gateway # run the firewall gateway in the foreground (debug)
287
293
  pando-ai proxy status|enable|disable [codex|claude]
288
- pando-ai security setup-users
294
+ pando-ai security setup-users [--data-root <path>] [--real-root <path>]
289
295
  pando-ai security launch --role <core|workspace> --project-root <path> --stdio
290
296
  pando-ai login|logout|whoami
291
297
  pando-ai config set telemetry false