4.3.0 #9

	name: CI

	on:
	push:
	branches: ['main']
	tags: ['v*']
	pull_request:
	branches: ['*']

	workflow_dispatch:

	concurrency:
	group: ${{ github.ref }}
	cancel-in-progress: true

	jobs:
	validate:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v6

	- uses: pnpm/action-setup@v5
	with:
	version: 10
	run_install: false

	- uses: actions/setup-node@v6
	with:
	node-version: 24
	cache: pnpm

	- run: pnpm install

	- run: pnpm validate

	- uses: SonarSource/sonarqube-scan-action@v7.0.0
	if: "!startsWith(github.ref, 'refs/tags/')"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

	publish:
	runs-on: ubuntu-latest
	if: startsWith(github.ref, 'refs/tags/v')
	needs: validate
	permissions:
	id-token: write
	contents: read
	steps:
	- uses: actions/checkout@v6

	- uses: pnpm/action-setup@v5
	with:
	version: 10
	run_install: false

	- uses: actions/setup-node@v6
	with:
	node-version: 24
	cache: pnpm
	registry-url: https://registry.npmjs.org

	- run: pnpm install

	- run: pnpm build

	- run: npm install -g npm@11

	- run: npm publish --provenance

Provide feedback