# Bernstein > Deterministic Python scheduler that orchestrates multiple CLI coding agents in parallel git worktrees, with an HMAC-signed audit chain and lint/type/test merge gates. Bernstein is an open-source, Apache 2.0-licensed Python tool built by Alex Chernysh that runs a crew of CLI coding agents—Claude Code, Codex, Gemini CLI, and 40+ more—against a single goal in parallel git worktrees. The scheduler itself contains no LLM; every routing and merge decision is deterministic Python, replayable from an HMAC-SHA256-chained audit log. As of v2.7.0 (May 2026), the project reports over 157,000 installs and 577 GitHub stars. ## What It Is Bernstein sits in the multi-agent orchestration category, specifically targeting CLI coding agents rather than generic LLM workflows. You give it a goal; it decomposes that goal into tasks (one LLM call), spawns each task into an isolated git worktree, runs agents in parallel, then gates every merge on lint, type checks, and tests. Only verified diffs land in main. The orchestrator is plain Python—no LLM tokens spent on scheduling, no SaaS hop, no third-party data plane. ## Four-Stage Pipeline Every Bernstein run follows the same four stages: - **Decompose** — the manager breaks the goal into tasks with roles, owned files, and completion signals via a single LLM call. - **Spawn** — each task gets its own isolated git worktree; agents run in parallel without touching each other's branches. - **Verify** — the janitor checks concrete signals: tests pass, files exist, lint clean, types correct. - **Merge** — only verified diffs land in main; failed tasks are retried or routed to a different model via an epsilon-greedy contextual bandit. ## Audit and Security Architecture The audit surface is a core design goal. Bernstein writes one HMAC-SHA256 record per scheduling decision to `.sdd/audit/YYYY-MM-DD.jsonl` per RFC 2104; each entry references the previous hash, making tampering detectable. Signed agent cards use detached JWS (RFC 7515) over RFC 8785 canonicalization with Ed25519 keys. Per-artefact lineage records every file write linked back to producer, inputs, prompt SHA, model, and cost. The project maps these controls to EU AI Act Article 12, SOC 2 CC4/CC7, DORA/NIS2, and OWASP ASI06—described as mappings, not certifications. ## Adapter Coverage and Deployment Flexibility The project ships 46 CLI adapters (as of the homepage stat), including Claude Code, Codex CLI, Gemini CLI, GitHub Copilot CLI, Cursor, Aider, Devin Terminal, OpenHands, Plandex, AWS Q Developer, Ollama+Aider, and a generic `--prompt` wrapper for any CLI tool. Deployment targets include a local laptop, on-prem behind a firewall, Cloudflare Workers (via `bernstein cloud`), Kubernetes multi-node clusters, and air-gapped environments installable from a signed wheelhouse with `--profile airgap`. Sandbox backends are pluggable: git worktree, Docker, E2B microVMs, and Modal. ## Update: v2.7.0 and the 2.x Series The latest release is v2.7.0, published May 24, 2026. A May 2026 blog recap of the 2.x series describes thirteen releases consolidated into nine themes: a per-artefact transparency log with Ed25519 signatures, ten tracker adapters (Jira to Plane), A2A capability cards, MCP client and server hardening, a Playwright sandbox for UI agents, a secrets broker, SBOM and OSSF Scorecard supply-chain coverage, calibrated cost guards, and a web UI plus PWA shipped in the wheel. The web UI (`bernstein gui serve`) runs at `http://127.0.0.1:8052/ui/` with a Vite bundle committed to the wheel so no Node toolchain is required at runtime. The project also ships a VS Code extension on the VS Marketplace and Open VSX. ## Who It Is and Is Not For The README explicitly scopes the audience: engineering teams running three or more CLI coding agents in parallel, operators with compliance-sensitive workflows who need a tamper-evident audit log without a SaaS data plane, and platform teams that need per-decision auditability. It explicitly excludes single-agent pair-programming use cases, non-coding tasks (research, writing, data pipelines), teams that want a SaaS wrapper, and research-style emergent-collaboration scenarios where the deterministic scheduler would be a constraint rather than a feature. ## Features - 46 CLI agent adapters (Claude Code, Codex, Gemini CLI, Aider, and 40+ more) - Parallel execution in isolated git worktrees - Deterministic Python scheduler — no LLM in the coordination loop - HMAC-SHA256 chained audit log per RFC 2104 - Signed agent cards with Ed25519/EdDSA keys (RFC 7515, RFC 8785) - Per-artefact lineage records (producer, inputs, prompt SHA, model, cost) - Lint, type check, and test merge gates via janitor - Epsilon-greedy contextual bandit for model routing and cost optimization - YAML workflow manifests with DAG support - Web UI (bernstein gui serve) with PWA, shipped in the wheel - Cloudflare Workers cloud execution backend - Air-gap deployment with signed wheelhouse and --profile airgap - Pluggable sandbox backends: worktree, Docker, E2B, Modal - Pluggable artifact sinks: local, S3, GCS, Azure Blob, R2 - MCP server mode - Bearer-token task server with per-session zero-trust JWT - 10 tracker adapters (Jira, Linear, GitHub Issues, Plane, and more) - bernstein autofix daemon for CI failure remediation - Chat-driven runs via Telegram, Discord, Slack - VS Code extension (VS Marketplace and Open VSX) ## Integrations Claude Code (Anthropic), Codex CLI (OpenAI), Gemini CLI (Google), GitHub Copilot CLI, Cursor, Aider, Devin Terminal (Cognition), Amp (Sourcegraph), Cody (Sourcegraph), Continue, Goose (Block), OpenHands, Open Interpreter, Plandex, AWS Q Developer, Ollama, Junie (JetBrains), Kilo, Kiro, OpenCode, Qwen Code, AIChat, Letta Code, gptme, Cloudflare Workers, Cloudflare Durable Objects, Cloudflare R2, Cloudflare D1, Docker, E2B, Modal, Kubernetes, S3 (boto3), Google Cloud Storage, Azure Blob Storage, Jira, Linear, GitHub Issues, Plane, Playwright, OpenTelemetry (OTEL), Datadog, Splunk, Terraform, Pulumi ## Platforms WINDOWS, MACOS, LINUX, WEB, API, VSC_EXTENSION, JETBRAINS_PLUGIN, CLI ## Pricing Open Source ## Version v2.7.0 ## Links - Website: https://bernstein.run - Documentation: https://bernstein.readthedocs.io/ - Repository: https://github.com/sipyourdrink-ltd/bernstein - EveryDev.ai: https://www.everydev.ai/tools/bernstein