ci: add changesets, GitHub Actions workflows, and branch protection #1

	name: Publish

	on:
	push:
	branches: [main]
	paths:
	- package.json

	permissions:
	contents: write

	jobs:
	publish:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- uses: pnpm/action-setup@v4
	with:
	version: 9

	- uses: actions/setup-node@v4
	with:
	node-version: 20
	cache: pnpm
	registry-url: https://registry.npmjs.org

	- run: pnpm install --frozen-lockfile

	- name: Get version from package.json
	id: version
	run: echo "version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT

	- name: Check if tag exists
	id: tag_exists
	run: \|
	if git ls-remote --tags origin \| grep -q "refs/tags/v${{ steps.version.outputs.version }}$"; then
	echo "exists=true" >> $GITHUB_OUTPUT
	else
	echo "exists=false" >> $GITHUB_OUTPUT
	fi

	- name: Build
	if: steps.tag_exists.outputs.exists == 'false'
	run: pnpm build && pnpm build:toolbar

	- name: Create and push tag
	if: steps.tag_exists.outputs.exists == 'false'
	run: \|
	git config user.name "github-actions[bot]"
	git config user.email "github-actions[bot]@users.noreply.github.com"
	git tag v${{ steps.version.outputs.version }}
	git push origin v${{ steps.version.outputs.version }}

	- name: Publish to npm
	if: steps.tag_exists.outputs.exists == 'false'
	run: pnpm publish --no-git-checks
	env:
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

	- name: Create GitHub Release
	if: steps.tag_exists.outputs.exists == 'false'
	uses: softprops/action-gh-release@v2
	with:
	tag_name: v${{ steps.version.outputs.version }}
	generate_release_notes: true
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback