feat(release): move npm publish to github actions

.github/workflows/release.yml

@@ -0,0 +1,84 @@
+name: Manual Release
+
+on:
+    workflow_dispatch:
+        inputs:
+            bump:
+                description: 'Version bump type (used if release_version is empty)'
+                type: choice
+                options:
+                    - major
+                    - minor
+                    - patch
+                    - prerelease
+                required: false
+            release_version:
+                description: 'Semver version to release (must be > current root version)'
+                required: false
+
+permissions:
+    contents: write
+    pull-requests: write
+    id-token: write
+    packages: write
+
+jobs:
+    release:
+        # Allow only on master, spring*, summer*, winter*;
+        if: ${{ github.repository_owner == 'salesforce' && (github.ref_name == 'master' || startsWith(github.ref_name, 'spring') || startsWith(github.ref_name, 'summer') || startsWith(github.ref_name, 'winter')) }}
+        environment: release
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v4
+              with:
+                  fetch-depth: 0
+
+            - name: Setup Node
+              uses: actions/setup-node@v4
+              with:
+                  node-version: '20'
+                  registry-url: 'https://registry.npmjs.org'
+                  cache: 'yarn'
+
+            - name: Install dependencies
+              run: yarn install --frozen-lockfile
+
+            - name: Resolve version input
+              id: resolve_version
+              run: |
+                  RELEASE_VERSION='${{ inputs.release_version }}'
+                  if [ -z "$RELEASE_VERSION" ]; then
+                    RELEASE_VERSION='${{ inputs.bump }}'
+                  fi
+                  echo "resolved=$RELEASE_VERSION" >> "$GITHUB_OUTPUT"
+
+            - name: Bump versions and commit
+              env:
+                  INPUT_VERSION: ${{ steps.resolve_version.outputs.resolved }}
+              run: |
+                  git config user.name "github-actions[bot]"
+                  git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+                  node ./scripts/release/version.js "$INPUT_VERSION"
+                  RESOLVED_VERSION=$(jq -r .version package.json)
+                  git commit -am "chore: release v$RESOLVED_VERSION"
+                  git push origin HEAD
+
+            - name: Build
+              run: yarn build
+
+            - name: Tag and create GitHub release
+              env:
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              run: |
+                  VERSION=$(jq -r .version package.json)
+                  git tag -a "v$VERSION" -m "Release v$VERSION"
+                  git push origin tag "v$VERSION"
+                  gh release create "v$VERSION" --title "v$VERSION" --generate-notes
+
+            - name: Publish to npm
+              env:
+                  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+              run: |
+                  TAG=$([ "$GITHUB_REF_NAME" = "master" ] && echo latest || echo "$GITHUB_REF_NAME")
+                  yarn nx release publish --yes --registry https://registry.npmjs.org --tag "$TAG"