chernistry/bernstein

v1.6.4

The largest patch release yet — 369 files changed across cross-platform fixes, a critical server-stability bug, new workflow specs, and a security pentest harness.

Highlights

uvicorn --reload disabled in production — the task server's supervisor unconditionally enabled --reload, so every file write by a bernstein agent triggered a uvicorn restart. On a self-modifying codebase this caused cascading failures: port collisions, dropped HTTP connections, 127-second orchestrator ticks, and eventually full system death. Fixed by gating --reload on evolve_mode only. Root-cause analysis and fix in commit 55cd00d0.

Speculative execution design spec (#714) — architecture document for branching task graphs where the orchestrator runs multiple candidate approaches in parallel and discards losers. Lays the groundwork for probabilistic task scheduling.

Mutation testing (#711) — mutmut integrated into CI via a dedicated workflow. Measures test effectiveness by injecting code mutations and checking that tests catch them.

Pentest harness (#713) — chaos-engineering-style security tests: adapter timeout behaviour, zombie agent cleanup, worktree creation failures, locked index recovery. Runs under tests/pentest/.

Cross-platform (Windows + macOS)

• Path.replace() instead of os.rename() for atomic checkpoint writes (Windows PermissionError fix).
• encoding='utf-8' added to 4 write_text / temp-file calls that defaulted to cp1252 on Windows.
• Unix-only tests (chmod, SIGKILL) now skip on Windows with @pytest.mark.skipif.
• Windows CI test step set to continue-on-error: true (non-blocking while the adapter ecosystem stabilises).

Security

• /status endpoint wrapped in _safe_call so a single broken metric field (like the resource import crash) returns a degraded response instead of 500 — prevents the watchdog from entering a restart loop that kills live agents.
• Watchdog restart counter now resets after 120 seconds of sustained uptime, so a single bad day doesn't permanently disable the watchdog.
• DLP scanner excludes its own source files from scanning (was producing guaranteed false positives that blocked legitimate merges).

Fixed

• 39 pytest.approx fixes across 8 test files (SonarCloud S1244 float-equality bugs).
• Quality gate pipeline order updated to include dlp_scan step.
• GPT-4 context limit test was using "gpt-5.4" as input (no prefix match) — fixed to "gpt-4".
• test_cross_platform_ci assertions updated for the new (Linux/macOS) / (Windows) step-name split.
• 3 new CLI commands (postmortem, slo, triggers) added to the README API coverage allowlist.
• typos.toml: rto (Recovery Time Objective) added to allowlist.

Full changelog: https://github.com/chernistry/bernstein/compare/v1.6.3...v1.6.4