This release adds 2 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+11 more
Summary
AI summaryUpdates Known limitations, CI, and Unix-only across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
`mureo configure` now uses correct Windows config path `%APPDATA%\ `mureo configure` now uses correct Windows config path `%APPDATA%\ Source: granite4.1:8b-q6_K@2026-05-19 Confidence: low |
— |
| Feature | Low |
New 'windows-latest' CI job verifies real Windows execution and guards against regressions. New 'windows-latest' CI job verifies real Windows execution and guards against regressions. Source: granite4.1:30b@2026-05-19-audit Confidence: low |
— |
| Bugfix | Medium |
`os.fchmod` crash on Windows fixed with `mureo/fsutil.py` secure_fchmod/secure_chmod implementation. `os.fchmod` crash on Windows fixed with `mureo/fsutil.py` secure_fchmod/secure_chmod implementation. Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
— |
| Bugfix | Medium |
Interactive setup menu now degrades gracefully on non-Unix platforms (Windows, CI, pipes). Interactive setup menu now degrades gracefully on non-Unix platforms (Windows, CI, pipes). Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
— |
| Bugfix | Medium |
CI regression guard added; POSIX-only assertions made platform-aware. CI regression guard added; POSIX-only assertions made platform-aware. Source: granite4.1:30b@2026-05-19-audit Confidence: low |
— |
| Bugfix | Low |
Stop-lifecycle test deflaked by stabilizing event-set race in CI matrix. Stop-lifecycle test deflaked by stabilizing event-set race in CI matrix. Source: granite4.1:30b@2026-05-19-audit Confidence: low |
— |
Full changelog
Fixed — Windows compatibility (#122)
mureo crashed on Windows. This release makes the core (CLI + mureo configure web UI) run on Windows, verified by a new real windows-latest CI job.
os.fchmodcrash (Unix-only) in every credential/config write path → newmureo/fsutil.py(secure_fchmod/secure_chmod): owner-only0o600on POSIX (byte-identical, no Linux/macOS change), best-effort never-raising no-op on Windows. NTFS confidentiality relies on the%USERPROFILE%profile ACL (documented best-effort).- Interactive setup menu (
simple_term_menu) imports Unix-onlytermiosand raisedNotImplementedErroron Windows, making the plain number-input fallback unreachable → both fallbacks nowexcept (ImportError, NotImplementedError)(also degrades gracefully in non-terminal envs: CI, pipes, PyCharm). mureo configureresolved the wrong Claude Desktop config path on Windows →host_pathsnow returns%APPDATA%\Claude\claude_desktop_config.json(macOS unchanged; Linux keeps the Code-style fallback — Claude Desktop has no Linux build).
CI
- Added a
windows-latestCI job — the real-Windows verification + an automatic regression guard. POSIX-only test assertions were made platform-aware. Also deflaked a stop-lifecycle test (event-set race) surfaced by the new matrix.
Known limitations (out of scope; not crashes)
mureo install-desktop(CLI) is still macOS-only by explicit design — a Windows launcher is a separate feature; it errors gracefully off macOS.- Real-desktop UX not exercisable by headless CI (browser auto-open, native file/folder picker dialog) is not yet end-to-end verified on Windows.
Full changelog: CHANGELOG.md
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About logly/mureo
Framework for AI agents (Claude Code, Cursor, Codex, Gemini) to operate Google Ads, Meta Ads, and Search Console. Grounded in a local STRATEGY.md — not metric-chasing. Defense-in-depth security, local-first. Apache 2.0.
Related context
Related tools
Beta — feedback welcome: [email protected]