build: use tokenless release #1

	name: Release

	on:
	push:
	branches:
	- main
	- release/*
	- next

	jobs:
	release:
	runs-on: ubuntu-latest
	permissions:
	id-token: write # to enable use of OIDC for npm provenance
	steps:
	- uses: actions/checkout@v5
	with:
	fetch-depth: 0 # semantic-release needs this
	token: ${{ secrets.ELEMENT_BOT_GITHUB_TOKEN }} # Otherwise, branch protection rules are not bypassed.
	- uses: actions/setup-node@v6
	with:
	node-version: 24.x
	cache: 'npm'
	- run: npm ci
	- run: npm run build
	- name: Semantic Release
	run: npx semantic-release
	env:
	GIT_AUTHOR_NAME: 'Siemens Element Bot'
	GIT_AUTHOR_EMAIL: '[email protected]'
	GIT_COMMITTER_NAME: 'Siemens Element Bot'
	GIT_COMMITTER_EMAIL: '[email protected]'
	GITHUB_TOKEN: ${{ secrets.ELEMENT_BOT_GITHUB_TOKEN }}

Provide feedback