FlowGraph — local-first knowledge-graph canvas + AI planner, run securely on your own machine.
Project description
FlowGraph — local server (flowgraphapp)
Run FlowGraph — the local-first knowledge-graph canvas + AI planner — on your own machine. Same app as flow-graph.com, served from a hardened localhost server; your data stays in your browser, and (optionally) your AI key stays in your OS keychain instead of the browser.
Install
From PyPI (once published):
pip install flowgraphapp # or, isolated: pipx install flowgraphapp
flowgraph # serves http://127.0.0.1:8765 and opens your browser
From source (works today, before the PyPI release):
# 1. build the frontend once
cd app && npm run build && cd ..
# 2. install the local server (use a venv or pipx to keep it isolated)
cd server && pip install .
# 3. run it
flowgraph
Stop with Ctrl-C. Options: flowgraph --port 0 (auto-pick a free port),
--no-open (don't open the browser), flowgraph --help.
Why local
- Offline / air-gapped — no Cloudflare, no network required for the app itself.
- Privacy / data locality — your graph lives in the browser's IndexedDB on this machine.
- On-device models — point at Ollama / LM Studio for zero-key, zero-cost AI.
- No size ceiling — not bound by hosting per-file limits as the app grows.
AI
Local-model-first: if a local runtime (Ollama :11434, LM Studio :1234) is reachable,
it's used with no key. Otherwise bring your own provider key — stored in the OS
keychain, used server-side, never sent to the browser:
flowgraph keys set anthropic # or openrouter / openai / google / deepseek
flowgraph keys list # shows source, never the key
Security (safe by default)
Binds loopback only (127.0.0.1); a per-session token is required (delivered via the
terminal + a 0600 file; the auto-opened URL carries a one-time ticket, never the token).
Host-header allow-listing blocks DNS-rebinding from websites you visit; Origin checks,
strict CSP, and security headers apply to every route. Exposing beyond loopback
(--allow-lan) requires TLS. See docs/18-local-server.md for the full threat model.
Updates
pip install -U flowgraphapp (or flowgraph upgrade) updates the app and server together;
your data is untouched. A calm one-line "update available" notice appears at startup —
disable with FLOWGRAPH_NO_UPDATE_CHECK=1.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file flowgraphapp-0.1.1-py3-none-any.whl.
File metadata
- Download URL: flowgraphapp-0.1.1-py3-none-any.whl
- Upload date:
- Size: 1.4 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b6f94013f09ce702269916230d7e51b51d9d87c853ddc13f17b6da1566ccd90f
|
|
| MD5 |
b60e2393e4a6885fea63572461e7dac5
|
|
| BLAKE2b-256 |
93aad9fd2f30df910f2485927c40dce71c797014d0b29f6d368266e5c9ae0b90
|
Provenance
The following attestation bundles were made for flowgraphapp-0.1.1-py3-none-any.whl:
Publisher:
publish.yml on ndsolaz/flowgraph
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
flowgraphapp-0.1.1-py3-none-any.whl -
Subject digest:
b6f94013f09ce702269916230d7e51b51d9d87c853ddc13f17b6da1566ccd90f - Sigstore transparency entry: 2014712429
- Sigstore integration time:
-
Permalink:
ndsolaz/flowgraph@10ef652979e0b1be7c6c095e6396da57c900015e -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/ndsolaz
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@10ef652979e0b1be7c6c095e6396da57c900015e -
Trigger Event:
release
-
Statement type: