From 0a03ae2ce4f51fe44ffb2f0b3c34aaf695f0e4ab Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:17:27 -0400 Subject: [PATCH 01/10] bump to v0.4.1 --- Cargo.lock | 2 +- Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8b882fa..75fe5e0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1303,7 +1303,7 @@ dependencies = [ [[package]] name = "murk-cli" -version = "0.4.0" +version = "0.4.1" dependencies = [ "age", "assert_cmd", diff --git a/Cargo.toml b/Cargo.toml index a962f93..cbd99a6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "murk-cli" -version = "0.4.0" +version = "0.4.1" edition = "2024" rust-version = "1.89" description = "Encrypted secrets manager for developers — one file, age encryption, git-friendly" From 6b0256dc8227e611d4a25dd54e98ceb1aa7687eb Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:22:07 -0400 Subject: [PATCH 02/10] run wheel builds on PRs, keep publish tag-gated --- .github/workflows/python.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 393dbc4..32c664f 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -47,7 +47,6 @@ jobs: wheels: name: Build wheels (${{ matrix.os }}) - if: startsWith(github.ref, 'refs/tags/v') needs: [lint, test] runs-on: ${{ matrix.os }} strategy: @@ -90,7 +89,6 @@ jobs: sdist: name: Build sdist - if: startsWith(github.ref, 'refs/tags/v') needs: [lint, test] runs-on: ubuntu-latest steps: From 5897ccbfeb033953149c412db7825c794c4974bc Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:28:39 -0400 Subject: [PATCH 03/10] fix aarch64 wheel build: add --find-interpreter, disable fail-fast --- .github/workflows/python.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 32c664f..85dd4a5 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -50,6 +50,7 @@ jobs: needs: [lint, test] runs-on: ${{ matrix.os }} strategy: + fail-fast: false matrix: include: - os: ubuntu-latest @@ -79,7 +80,7 @@ jobs: uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1 with: target: ${{ matrix.target }} - args: --release --out dist --features python + args: --release --out dist --features python --find-interpreter manylinux: auto - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 From 54f5189e3d1cb29a714fabec0314e64b6318db7d Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:44:25 -0400 Subject: [PATCH 04/10] add target to wheel build job names for clarity --- .github/workflows/python.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 85dd4a5..0038159 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -46,7 +46,7 @@ jobs: pytest python/tests -v wheels: - name: Build wheels (${{ matrix.os }}) + name: Build wheels (${{ matrix.os }}, ${{ matrix.target }}) needs: [lint, test] runs-on: ${{ matrix.os }} strategy: From 76a8469740edc30f7e527d1052eaedcc1dbefef0 Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:54:16 -0400 Subject: [PATCH 05/10] use manylinux_2_28 for aarch64 to fix ring cross-compilation --- .github/workflows/python.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 0038159..de47294 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -57,6 +57,7 @@ jobs: target: x86_64 - os: ubuntu-latest target: aarch64 + manylinux: manylinux_2_28 - os: macos-14 target: x86_64 - os: macos-latest @@ -81,7 +82,7 @@ jobs: with: target: ${{ matrix.target }} args: --release --out dist --features python --find-interpreter - manylinux: auto + manylinux: ${{ matrix.manylinux || 'auto' }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: From de4efc8612a9f8cdc04315b84caa63c523841111 Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:55:56 -0400 Subject: [PATCH 06/10] trigger python workflow on workflow file changes --- .github/workflows/python.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index de47294..97268d4 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -10,6 +10,7 @@ on: - "pyproject.toml" - "murk.pyi" - "Cargo.toml" + - ".github/workflows/python.yaml" env: PYO3_USE_ABI3_FORWARD_COMPATIBILITY: "1" From fc86271fdc3c6535e2293d92f884e6e2d0f2ab61 Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:56:56 -0400 Subject: [PATCH 07/10] trigger CI From 06a1adfce54fd8e460933468e187bf88677329b6 Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Fri, 27 Mar 2026 23:58:56 -0400 Subject: [PATCH 08/10] add PyPI badge to Python README --- python/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/python/README.md b/python/README.md index 0116e5e..e3e3da2 100644 --- a/python/README.md +++ b/python/README.md @@ -1,5 +1,7 @@ # murk-secrets +[![PyPI](https://img.shields.io/pypi/v/murk-secrets)](https://pypi.org/project/murk-secrets/) + Python bindings for [murk](https://github.com/iicky/murk) — an encrypted secrets manager for developers. murk stores encrypted secrets in a single `.murk` file safe to commit to git. This package lets Python apps read those secrets at runtime. From 3cec1ccf2f0c94f5a7e65cac2931367c16eeb049 Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Sat, 28 Mar 2026 00:11:45 -0400 Subject: [PATCH 09/10] pass PYO3_USE_ABI3_FORWARD_COMPATIBILITY into Docker for aarch64 builds --- .github/workflows/python.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 97268d4..99debec 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -80,10 +80,13 @@ jobs: - name: Build wheels uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1 + env: + PYO3_USE_ABI3_FORWARD_COMPATIBILITY: "1" with: target: ${{ matrix.target }} args: --release --out dist --features python --find-interpreter manylinux: ${{ matrix.manylinux || 'auto' }} + docker-options: -e PYO3_USE_ABI3_FORWARD_COMPATIBILITY=1 - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: From 068aaf8dd2d99c0300e49e7ed2d6886b6d09b464 Mon Sep 17 00:00:00 2001 From: Mickey Scherrer <5324300+iicky@users.noreply.github.com> Date: Sat, 28 Mar 2026 00:17:48 -0400 Subject: [PATCH 10/10] pin python3.12 interpreter for wheel builds instead of auto-detect --- .github/workflows/python.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml index 99debec..b257597 100644 --- a/.github/workflows/python.yaml +++ b/.github/workflows/python.yaml @@ -84,7 +84,7 @@ jobs: PYO3_USE_ABI3_FORWARD_COMPATIBILITY: "1" with: target: ${{ matrix.target }} - args: --release --out dist --features python --find-interpreter + args: --release --out dist --features python -i python3.12 manylinux: ${{ matrix.manylinux || 'auto' }} docker-options: -e PYO3_USE_ABI3_FORWARD_COMPATIBILITY=1