name: Release and Publish
on:
  push:
    branches:
      - main
permissions:
  contents: write
  issues: write
  pull-requests: write
  id-token: write  # Required for npm provenance
jobs:
  release:
    name: Release
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          persist-credentials: false
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 'lts/*'
      - name: Install dependencies
        run: npm ci
      - name: Build
        run: npm run res:build
      - name: Run tests
        run: npm run test:ci
      - name: Release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: npx semantic-release