chernistry/bernstein

v1.9.0 — IDE-native orchestration, self-supervising runs, credential vault

Ten features bundled in one release. The recurring theme: every one used to be glue you wrote yourself.

bernstein acp serve --stdio

Native Agent Client Protocol bridge — Bernstein is now a drop-in backend for Zed and any other ACP-aware editor. Same task store, same audit chain, same approval gates as the CLI; one block in your editor's settings.

bernstein autofix

Daemon that watches your Bernstein-opened PRs, pulls failing CI logs via gh run view --log-failed, and dispatches a fresh repair run scoped to the failure. Three-attempt cap per push SHA; flaky tests route to Sonnet, config bugs to Haiku, security to Opus. Every attempt HMAC-audited.

bernstein review-responder

GitHub review comments turn into Bernstein tasks scoped to the cited file/line. Comments arriving inside a configurable quiet window collapse into one round; one round = one commit + one summary reply. Always-allow gate is consulted before any commit lands.

bernstein preview start

Boots the agent's dev server inside the originating sandbox, captures the bound port, exposes it through the existing tunnel wrapper, and prints a shareable HTTPS URL with --expire and --auth basic|token|none. One command from "agent finished" to "send the link."

bernstein connect <provider> + bernstein creds

OS-keychain credential vault — macOS Keychain, Linux Secret Service, Windows Credential Manager. Provider registry covers GitHub PAT, Linear OAuth, Jira, Slack, Telegram. Existing from-ticket / chat serve / pr commands resolve via vault first with env-var fallback. Headless Linux gets an explicit AES-GCM --backend file opt-in.

bernstein fleet

Multi-project supervisor — TUI by default, web dashboard with --web :PORT. Reads ~/.config/bernstein/projects.toml, attaches to each project's task server over SSE, folds active runs / pending approvals / 7-day cost rollups into one screen. Bulk actions route through each project's CLI for audit parity.

bernstein notify + NotificationSink protocol

First-party drivers for Telegram, Slack, Discord, Email/SMTP, Webhook, Shell. Wired through the v1.8.15 lifecycle hooks — pre_task / post_task / pre_merge / post_merge / pre_spawn events fan out to any configured sink. Retry, dedup, dead-letter file, audit chain.

bernstein mcp catalog

Discoverable registry of installable MCP servers. Manifest fetched from https://bernstein.run/mcp-catalog.json with GitHub mirror fallback and ETag caching. The install command runs inside a sandbox first as a safety preview before touching your MCP config.

bernstein review --pipeline review.yaml

YAML-driven multi-phase review pipeline DSL. Declare ordered stages, each running N agents in parallel with their own role/model/adapter, with aggregator strategies per stage (any/all/majority/weighted) and a configurable final gatekeeper. Built-in templates ship under templates/review/. A 1-stage / 1-agent pipeline reproduces the previous single-pass verifier byte-for-byte.

Plan lifecycle

plans/active/ → plans/completed/ or plans/blocked/. On success the YAML moves with a generated ## Run summary block prepended (PR link, gate-result table, per-model cost breakdown, wall-clock + agent-time). Failures land in blocked/ with the failing stage and last error excerpt.

Install

pip install --upgrade 'bernstein>=1.9.0'

Container: ghcr.io/sipyourdrink-ltd/bernstein:1.9.0.

Full changelog: https://github.com/sipyourdrink-ltd/bernstein/compare/v1.8.15...v1.9.0