chernistry/bernstein

v1.10.1

A tightening release: one new adapter, one operator-facing run-time signal, and a handful of bugs that surfaced under less-forgiving conditions (CI on Python 3.12, on-prem evaluation, downstream packaging). 31 adapters now, 1014 tests, multi-OS CI green on Python 3.12 and 3.13.

Adapters

• Devin for Terminal (Cognition). First-class adapter for Cognition's enterprise coding agent. 558 lines of contract tests verify the spawn surface mirrors the long-running adapter pattern — process tracking, env isolation, timeout watchdogs. Drop-in for any plan via cli_agent: devin_terminal.
• Cursor adapter, corrected. The previous code shelled a non-existent cursor agent binary with fictional flags; rewritten against the real cursor-agent CLI surface (-p --workspace --output-format stream-json --trust --approve-mcps --force), 242 lines of new contract tests so it can't regress. Better to fix it loud than ship vapor.

Operator surfaces

• Run savings summary. Each bernstein run summary card now reports estimated savings vs running the same plan single-shot through the most expensive routed model. Cost-aware routing decisions become legible inline instead of needing a follow-up jq over .sdd/runtime/costs.jsonl.

Reliability

• Handoff tokens prefixed with h_. secrets.token_urlsafe() produces a --leading token in roughly 1.5% of issuances; click then misparses bernstein handoff claim TOKEN as if -V were an option. CI flake on 3.12 surfaced it; fix is at the source so every randomly-issued token works.

Documentation

• Enterprise evaluation guide — deployment shapes Bernstein already supports (laptop tool, on-prem cluster, air-gap-clean wheelhouse, MCP server mode behind a corporate egress proxy) and the audit, lineage, and operator surfaces you'd want to interrogate before bringing it inside a regulated perimeter.
• Use-case workflows page (docs/use-cases.md) — four most-asked patterns: continuous codebase audit, stale-PR triage, parallel adapter benchmarking, post-mortem evidence pack. Contributed by @zerone0x via #1048.
• Internal scheduler-LLM example bumped from gemini-2.5-pro to gemini-3.1-pro so the README matches model strings adapters actually accept.
• Author identity surfaces (sameAs / rel=me / twitter:creator) reconciled across bernstein.run, alexchernysh.com, and the SoftwareApplication JSON-LD on the docs site.

Tooling

• README's CodeTrendy banner shrunk from a 104px image strip to an inline shields.io badge.
• --max-agents doc references replaced with the real BERNSTEIN_MAX_AGENTS env var (the public surface since 1.8).

Recent direction

For context if you're discovering Bernstein with this release: the past two weeks have been compounding rather than headline-grabbing.

• clm adapter — wraps OpenAI-compatible LLM gateways (on-prem inference, corporate AI gateways, sovereign-cloud serving) with master-credential filtering at spawn time, scoped per-spawn tokens, and lineage emission shaped like an MLflow run record (#1012).
• Air-gap distribution — wheelhouse build + cosign signing + --allow-network HOST|CIDR|none|any policy + 17 adapters declaring their external endpoints. bernstein verify walks each wheel against a signed MANIFEST.json; --profile airgap is opt-in but enforced default-deny (#1015).
• Regulatory lineage — per-artifact trail extended with regulatory_class and customer-supplied Ed25519 detached signatures; v1 records read back unchanged. Exporter → CSV / JSON-LD / HTML for compliance handoff (#1013).
• AST-aware reviewer chunking — TreeSitter-backed; the reviewer sees a class as one unit instead of three half-classes (#993).
• Lethal-trifecta capability matrix — declarative tool↔surface↔egress checks, enforced before spawn rather than at post-hoc audit (#1002).
• HMAC-chained audit log — append-only JSONL with HMAC chain and rotation; lineage and trifecta gates build on top.

Not all of this is in 1.10.1 itself. Most landed across 1.9.x and 1.10.0. Calling them out so the trajectory is legible if you're triaging the project from a single release page.

Full changelog: https://github.com/sipyourdrink-ltd/bernstein/compare/v1.10.0...v1.10.1