🔐 update workflow permissions #11

	name: 'Publish NPM Package'

	on:
	push:
	branches:
	- main

	jobs:
	publish:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v2
	with:
	fetch-depth: 0

	- name: Setup Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '20'
	registry-url: 'https://registry.npmjs.org'

	- name: Install Dependencies
	run: npm install

	- name: Run Tests
	run: npm test

	- name: Check the version
	id: check
	run: \|
	CURRENT_VERSION=$(jq -r .version package.json)
	LATEST_TAG=$(git describe --tags --abbrev=0 2>\dev\null \|\| echo "v0.0.0")
	echo "Latest Tag: $LATEST_TAG"

	LATEST_VERSION=${LATEST_TAG#v}

	if [ "$LATEST_VERSION" != "$CURRENT_VERSION" ]; then
	echo "version_changed=true" >> $GITHUB_OUTPUT
	echo "new_version=$CURRENT_VERSION" >> $GITHUB_OUTPUT
	else
	echo "version_changed=false" >> $GITHUB_OUTPUT
	fi

	- name: Build
	run: npm run build
	if: steps.check.outputs.version_changed == 'true'

	- name: Publish
	run: npm publish --access public --no-git-checks
	if: steps.check.outputs.version_changed == 'true'
	env:
	NODE_AUTH_TOKEN: ${{secrets.NPM_AUTH_TOKEN}}

	- name: Create Release
	if: steps.check.outputs.version_changed == 'true'
	run: \|
	git config --local user.email "github-actions[bot]@users.noreply.github.com"
	git config --local user.name "github-actions[bot]"
	git tag -a "v${{ steps.check.outputs.new_version }}" -m "Release v${{ steps.check.outputs.new_version }}"
	git push origin "v${{ steps.check.outputs.new_version }}"

Provide feedback