diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 626a457..e3ed4d6 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -59,6 +59,11 @@ jobs:
     name: Release
     runs-on: ubuntu-latest
     needs: verify
+    permissions:
+      contents: write # to be able to publish a GitHub release
+      issues: write # to be able to comment on released issues
+      pull-requests: write # to be able to comment on released pull requests
+      id-token: write # to enable use of OIDC for npm provenance
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -88,16 +93,7 @@ jobs:
       - name: Build
         run: pnpm build
       - name: Semantic Release
-        uses: cycjimmy/semantic-release-action@v3
-        with:
-          extra_plugins: |
-            @semantic-release/changelog
-            @semantic-release/commit-analyzer
-            @semantic-release/exec
-            @semantic-release/git
-            @semantic-release/github
-            @semantic-release/npm
-            @semantic-release/release-notes-generator
+        run: pnpm run release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}