v1.0.0
The Brain v1.0 — initial stable release.
The workflow runtime for the MihaiBuilds ecosystem. Self-hosted,
Postgres-backed, open-source.
What's in v1.0
- Workflow runner — Python-defined workflows with named steps,
textual {previous.X} / {trigger.X} substitution, per-step
subprocess isolation for shell and MCP steps. - Four step types — ShellStep, LLMStep (OpenAI-compatible, LM
Studio first-class), MemoryVaultStep (REST), McpToolStep (stdio). - Four trigger types — manual (CLI), cron (scheduler daemon),
webhook (HMAC-signed POST), file (watcher daemon). - HTTP API — FastAPI with THE_BRAIN_API_TOKEN bearer auth,
/health, /runs, /webhooks/{workflow}. - CLI — brain run / history / show / status / migrate / serve /
watch / register-webhook / diagnose / --version. - Structured logging — structlog wired to stdlib, JSON or keyvalue
renderer via LOG_FORMAT, run_id binding via bind_run_id(). - Diagnostic bundler — brain diagnose produces a redacted zip with
recent logs, environment, and Docker state for bug reports.
DB_PASSWORD, LLM_API_KEY, MEMORY_VAULT_TOKEN, and
THE_BRAIN_API_TOKEN are presence-only (name only, no value). - One-command Docker — Compose profiles for api and watcher;
multi-arch images at ghcr.io/mihaibuilds/the-brain. - MIT-licensed.
Getting started
docker compose --profile api up -d
brain register-webhook my-workflow
See the README for the full setup walkthrough and ARCHITECTURE.md
for the design overview.
Security
See SECURITY.md for the threat model, supported versions, the
coordinated disclosure policy, and the trust posture for workflow
inputs flowing through the substitution model.
Verified by 363 tests against a real Postgres, lint + ruff format,
CodeQL security-extended scan, and bandit -r src/ at zero medium-
or high-severity findings.