fix: add explicit support for prerelease tags while maintaining security

- Keep secure numeric-only patterns (rejecting unsafe CodeRabbit suggestion v*.*.*)
- Add explicit patterns for common prerelease formats:
  - v1.2.3-rc1, v1.2.3-rc2 (release candidates)
  - v1.2.3-beta.1, v1.2.3-beta.2 (beta releases)
  - v1.2.3-alpha.1, v1.2.3-alpha.2 (alpha releases)
- Maintain backwards compatibility with existing patterns
- General v[0-9]+.[0-9]+.[0-9]+-* pattern still covers other formats

This ensures -rc1 support while preventing dangerous patterns like v*.*.*
that could match malicious strings like vMALICIOUS.CODE.INJECTION-hack.

Author: jleni

.github/workflows/publish.yml

@@ -9,6 +9,10 @@ on:
       - "v[0-9]+.[0-9]+"
       - "v[0-9]+.[0-9]+.[0-9]+"
       - "v[0-9]+.[0-9]+.[0-9]+-*"
+      # Explicit patterns for common prerelease formats
+      - "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
+      - "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
+      - "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}