fix: manual release workflow

.github/workflows/manual-release.yml

@@ -0,0 +1,43 @@
+name: Manual Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Version to release (e.g., 0.4.1, 1.0.0)'
+        required: true
+        type: string
+
+permissions:
+  contents: write
+  id-token: write # required for npm trusted publishing
+
+jobs:
+  manual-release:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: pnpm/action-setup@v4
+        with:
+          version: 9
+
+      - uses: actions/setup-node@v5
+        with:
+          node-version: 20
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Update version in package.json
+        run: npm version ${{ inputs.version }} --no-git-tag-version
+
+      - name: Build
+        run: pnpm build
+
+      - name: Publish to npm (trusted publishing)
+        run: npm publish --access public --provenance

.github/workflows/release.yml

@@ -27,7 +27,6 @@ jobs:
         with:
           version: 9
 
-      # 🔥 MUST use v5 to get npm 11.6+ which fixes the provenance/404 issue
       - uses: actions/setup-node@v5
         if: ${{ steps.release.outputs.release_created }}
         with:
@@ -42,7 +41,7 @@ jobs:
         if: ${{ steps.release.outputs.release_created }}
         run: pnpm build
 
-      # 🔥 Use npm for publish (pnpm cannot handle trusted publishing reliably)
+      # Use npm for publish (pnpm cannot handle trusted publishing reliably)
       - name: Publish to npm (trusted publishing)
         if: ${{ steps.release.outputs.release_created }}
         run: npm publish --access public --provenance