diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9885366..9b85d71 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,14 +1,19 @@
-name: release
+name: Release (tag)
 
 on:
-  release:
-    types: [created]
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: write
 
-concurrency: ${{ github.workflow }}-${{ github.ref }}
+concurrency:
+  group: release-${{ github.ref_name }}
+  cancel-in-progress: false
 
 jobs:
   release:
-    name: Publish to npm
     runs-on: ubuntu-latest
 
     steps:
@@ -20,10 +25,34 @@ jobs:
       - name: Setup repo
         uses: ./.github/actions
 
-      - name: Build
-        run: npm run build
+      - name: Read package.json
+        id: pkg
+        run: |
+          NAME=$(node -p "require('./package.json').name")
+          VERSION=$(node -p "require('./package.json').version")
+          echo "name=$NAME" >> $GITHUB_OUTPUT
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Verify tag matches package.json version
+        run: |
+          TAG=${GITHUB_REF_NAME#v}
+          if [ "$TAG" != "${{ steps.pkg.outputs.version }}" ]; then
+            echo "❌ Tag ($TAG) does not match package.json version (${{ steps.pkg.outputs.version }})"
+            exit 1
+          fi
 
-      - name: Publish
+      - name: Publish to npm
         run: npm publish --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Publish release 🚀
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ github.ref_name }}
+          name: ${{ steps.pkg.outputs.name }}@${{ steps.pkg.outputs.version }}
+          draft: false
+          prerelease: false
+          generate_release_notes: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file