chiragmak10
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 12 additions & 13 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 12 additions & 13 deletions
diff --git a/‎.github/workflows/codeql.yml‎
Lines changed: 40 additions & 0 deletions b/‎.github/workflows/codeql.yml‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎.github/workflows/dependency-review.yml‎
Lines changed: 27 additions & 0 deletions b/‎.github/workflows/dependency-review.yml‎
Lines changed: 27 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 41 additions & 10 deletions b/‎.github/workflows/release.yml‎
Lines changed: 41 additions & 10 deletions
@@ -3,7 +3,7 @@ name: CI
 on:
   push:
     branches: [master]
-  pull_request+:
+  pull_request:
     branches: [master]
 
 jobs:
@@ -24,20 +24,19 @@ jobs:
       - name: Install dependencies
         run: npm ci
 
-      - name: Check Types
-        run: npm run build
-
-      - name: Test Build
-        run: npm run build
-
 
-      - name: Test Build
-        run: npm run lint
-
-
-      - name: Test Build
+      - name: Run tests
         run: npm run test
 
-      - name: Test Build
+      - name: Build project
         run: npm run build
 
+      - name: Run tests with coverage
+        run: npm run test:coverage
+
+      - name: Upload coverage reports
+        uses: codecov/codecov-action@v4
+        if: always()
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          fail_ci_if_error: false
@@ -0,0 +1,40 @@
+name: CodeQL Security Analysis
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+ 
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    name: Analyze Code
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{ matrix.language }}"
@@ -0,0 +1,27 @@
+name: Dependency Review
+
+on:
+  pull_request:
+    branches: [master]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  dependency-review:
+    name: Review Dependencies
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          # Fail on critical or high severity vulnerabilities
+          fail-on-severity: moderate
+          # Deny these copyleft licenses
+          deny-licenses: GPL-3.0, AGPL-3.0, LGPL-3.0
+          comment-summary-in-pr: always
@@ -1,20 +1,27 @@
 name: Release
 
 on:
-  release:
-    types: [created]
+  push:
+    tags:
+      - 'v*.*.*'           # Matches v1.0.0, v1.2.3, etc.
+      - 'v*.*.*-beta.*'    # Matches v1.0.0-beta.1, etc.
+
+permissions:
+  contents: write
+  issues: write
+  pull-requests: write
+  id-token: write
 
 jobs:
-  publish:
-    name: Publish to npm
+  release:
+    name: Build and Publish Release
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
 
     steps:
-      - name: Checkout repository
+      - name: Checkout
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
       - name: Setup Node.js
         uses: actions/setup-node@v4
@@ -28,8 +35,32 @@ jobs:
       - name: Build
         run: npm run build
 
-      - name: Publish
-        run: npm publish
+      - name: Run tests
+        run: npm test
+
+      - name: Extract version from tag
+        id: get_version
+        run: |
+          echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
+          echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+
+      - name: Update package.json version
+        run: npm version ${{ steps.get_version.outputs.VERSION }} --no-git-tag-version --allow-same-version
+
+      - name: Publish to NPM
+        run: |
+          if [[ "${{ steps.get_version.outputs.VERSION }}" == *"beta"* ]]; then
+            npm publish --tag beta
+          else
+            npm publish --tag latest
+          fi
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
 
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v1
+        with:
+          generate_release_notes: true
+          prerelease: ${{ contains(steps.get_version.outputs.VERSION, 'beta') }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}