diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 10b3c8c..8e9497e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -242,42 +242,40 @@ jobs:
         run: |
           set -euxo pipefail
           sudo apt-get -y update
-          # toolchain needed by bindgen & vendored C builds
           sudo apt-get -y install clang llvm-dev libclang-dev pkg-config cmake make build-essential musl-tools
-          # install the external bindgen that aws-lc-sys can call
-          cargo install --locked bindgen-cli
-          # make libclang discoverable to bindgen
-          echo "LIBCLANG_PATH=$(llvm-config --libdir)" >> "$GITHUB_ENV"
+          # force install to avoid stale cache issues
+          cargo install --force --locked bindgen-cli
           echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
-          # sanity check (fail early if not visible)
+          # help bindgen find libclang
+          echo "LIBCLANG_PATH=$(llvm-config --libdir)" >> "$GITHUB_ENV"
+          # quick visibility checks (fail early if missing)
+          which bindgen
           bindgen --version
           clang --version
 
-      - name: Configure bindgen target flags (musl)
+      - name: Configure bindgen target flags for musl cross-compile
         if: matrix.job.os == 'ubuntu-latest' && contains(matrix.job.target, 'musl')
         shell: bash
         run: |
-          set -euxo pipefail
-          case "${{ matrix.job.target }}" in
+          set -euo pipefail
+          triple='${{ matrix.job.target }}'
+          # Bindgen needs explicit target to avoid host header confusion
+          echo "BINDGEN_EXTRA_CLANG_ARGS_${triple//-/_}=--target=$triple" >> "$GITHUB_ENV"
+          # CC hints help any C sub-builds in the tree
+          case "$triple" in
             x86_64-unknown-linux-musl)
-              echo "BINDGEN_EXTRA_CLANG_ARGS_x86_64_unknown_linux_musl=--target=x86_64-unknown-linux-musl" >> "$GITHUB_ENV"
               echo "CC_x86_64_unknown_linux_musl=musl-gcc" >> "$GITHUB_ENV"
               ;;
             aarch64-unknown-linux-musl)
-              # provided by your cross toolchain action
-              echo "BINDGEN_EXTRA_CLANG_ARGS_aarch64_unknown_linux_musl=--target=aarch64-unknown-linux-musl" >> "$GITHUB_ENV"
               echo "CC_aarch64_unknown_linux_musl=aarch64-linux-musl-gcc" >> "$GITHUB_ENV"
               ;;
             arm-unknown-linux-musleabihf)
-              echo "BINDGEN_EXTRA_CLANG_ARGS_arm_unknown_linux_musleabihf=--target=arm-unknown-linux-musleabihf" >> "$GITHUB_ENV"
               echo "CC_arm_unknown_linux_musleabihf=arm-linux-musleabihf-gcc" >> "$GITHUB_ENV"
               ;;
             armv7-unknown-linux-musleabihf)
-              echo "BINDGEN_EXTRA_CLANG_ARGS_armv7_unknown_linux_musleabihf=--target=armv7-unknown-linux-musleabihf" >> "$GITHUB_ENV"
               echo "CC_armv7_unknown_linux_musleabihf=armv7-linux-musleabihf-gcc" >> "$GITHUB_ENV"
               ;;
           esac
-          # helpful when linking C sub-builds
           echo "PKG_CONFIG_ALLOW_CROSS=1" >> "$GITHUB_ENV"
 
       - name: OpenSSL (vendored) toolchain for musl
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9656167..7c55828 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,35 +9,3 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Other
 - Initial test release of the `gman` project.
-
-## v0.0.2 (2025-09-13)
-
-### Fix
-
-- Revert back hacky stuff so I can test with act now
-- Attempting to use pre-generated bindgens for the aws-lc-sys library
-- Install openSSL differently to make this work
-- Address edge case for unknown_musl targets
-- Install LLVM prereqs for release flow
-- Updated the release flow to install the external bindgen-cli
-
-## v0.0.1 (2025-09-12)
-
-### Feat
-
-- Azure Key Vault support
-- GCP Secret Manager support
-- Full AWS SecretsManager support
-- AWS Secrets Manager support
-- Added two new flags to output where gman writes logs to and where it expects the config file to live
-
-### Fix
-
-- Made the vault file location more fault tolerant
-- Attempting to maybe be a bit more explicit about config file handling to fix MacOS tests
-
-### Refactor
-
-- Refactor configuration structs directly into the provider definition to simplify validation, structs, and future extensions
-- Made the creation of the log directories a bit more fault tolerant
-- Renamed the provider field in a config file to type to make things a little easier to understand; also removed husky
diff --git a/Cargo.lock b/Cargo.lock
index 3bcb79a..e85ede4 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1576,13 +1576,14 @@ checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280"
 
 [[package]]
 name = "gman"
-version = "0.0.2"
+version = "0.0.1"
 dependencies = [
  "anyhow",
  "argon2",
  "assert_cmd",
  "async-trait",
  "aws-config",
+ "aws-lc-sys",
  "aws-sdk-secretsmanager",
  "azure_identity",
  "azure_security_keyvault_secrets",
diff --git a/Cargo.toml b/Cargo.toml
index 9f5ceb0..a7b8868 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "gman"
-version = "0.0.2"
+version = "0.0.1"
 edition = "2024"
 authors = ["Alex Clarke <alex.j.tusa@gmail.com>"]
 description = "Universal secret management and injection tool"
@@ -60,6 +60,7 @@ azure_identity = "0.27.0"
 azure_security_keyvault_secrets = "0.6.0"
 openssl = { version = "0.10", features = ["vendored"] }
 openssl-sys = { version = "0.9", features = ["vendored"] }
+aws-lc-sys = { version = "0.31.0", features = ["bindgen"] }
 
 [dev-dependencies]
 pretty_assertions = "1.4.1"