From 465974101ff8ec40fd1767e2918859eec6fc8604 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Ignacio=20Escribano?= Date: Sun, 22 Mar 2026 15:37:27 +0000 Subject: [PATCH 1/3] Add inmutable releases --- .github/workflows/release.yml | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 030c12e..06a5a87 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,22 +27,24 @@ jobs: attestations: write needs: build steps: - - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: Python Setup and Install Dependencies - uses: ./.github/actions/python-setup-action + - name: Download built wheel artifact + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: - python-version: "3.12" - - - name: Build the package - run: python -m build + name: wheel-package + path: dist - name: Create GitHub Release - uses: ncipollo/release-action@339a81892b84b4eeb0f6e744e4574d79d0d9b8dd # v1.21.0 - with: - artifacts: "dist/*" - generateReleaseNotes: true + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + REPO: ${{ github.repository }} + TAG: ${{ github.ref_name }} + run: | + if gh release view "$TAG" --repo "$REPO" >/dev/null 2>&1; then + echo "Release $TAG already exists. Skipping." + exit 0 + fi + + gh release create "$TAG" dist/* --repo "$REPO" --verify-tag --title "$TAG" --generate-notes - name: Generate attestation uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 From e8cf22b6b064ca3265c3c09776bbcf7c743f145a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Ignacio=20Escribano?= Date: Sun, 22 Mar 2026 15:43:09 +0000 Subject: [PATCH 2/3] Fix error --- .github/workflows/release.yml | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) 
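Review bot: The `Create GitHub Release` step publishes the release before `Generate attestation` runs, so a failure in the attestation step leaves a published release whose wheel has no provenance. The attestation step only reads `subject-path: "dist/*"`, which is populated as soon as the download step finishes, so it could be moved above `Create GitHub Release`; the release would then never be published without an attestation. This matters more after patches 2/3 and 3/3, which skip the attestation whenever the release already exists, so a re-run would not add it. The `wheel-package` artifact name has to match what the `build` job uploads, and that workflow is outside this diff.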
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 06a5a87..46d788a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,26 +27,38 @@ jobs: attestations: write needs: build steps: + - name: Check if release exists + id: release_check + env: + GH_TOKEN: ${{ github.token }} + REPO: ${{ github.repository }} + TAG: ${{ github.ref_name }} + run: | + if gh release view "$TAG" --repo "$REPO" >/dev/null 2>&1; then + echo "Release $TAG already exists. Skipping." + echo "create_release=false" >> "$GITHUB_OUTPUT" + else + echo "create_release=true" >> "$GITHUB_OUTPUT" + fi + - name: Download built wheel artifact + if: steps.release_check.outputs.create_release == 'true' uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: wheel-package path: dist - name: Create GitHub Release + if: steps.release_check.outputs.create_release == 'true' env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ github.token }} REPO: ${{ github.repository }} TAG: ${{ github.ref_name }} run: | - if gh release view "$TAG" --repo "$REPO" >/dev/null 2>&1; then - echo "Release $TAG already exists. Skipping." - exit 0 - fi - gh release create "$TAG" dist/* --repo "$REPO" --verify-tag --title "$TAG" --generate-notes - name: Generate attestation + if: steps.release_check.outputs.create_release == 'true' uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 with: subject-path: "dist/*" From ba0344be324bd82df0038b8e7643721c86f7cb7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Ignacio=20Escribano?= Date: Sun, 22 Mar 2026 15:48:57 +0000 Subject: [PATCH 3/3] Improve release workflow --- .github/workflows/release.yml | 53 ++++++++++++++++++++++------------- 1 file changed, 33 insertions(+), 20 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 46d788a..c561104 100644 --- a/.github/workflows/release.yml 
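Review bot: The `release_check` step maps every non-zero exit of `gh release view` to `create_release=true` and discards stderr with `2>&1`. An authentication failure, rate limit or API error therefore looks the same as a missing release and leaves nothing in the log. Keeping stderr visible, `if gh release view "$TAG" --repo "$REPO" >/dev/null; then`, lets a maintainer see why the check fell through to the create path. A short comment above the `run:` block, such as `# any gh failure is treated as "release missing"; gh release create then fails if it exists`, would document that this fallback is intended.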
+++ b/.github/workflows/release.yml @@ -8,48 +8,62 @@ on: - "v*" jobs: + precheck: + runs-on: ubuntu-latest + outputs: + create_release: ${{ steps.release_check.outputs.create_release }} + steps: + - name: Check if release exists + id: release_check + env: + GH_TOKEN: ${{ github.token }} + REPO: ${{ github.repository }} + TAG: ${{ github.ref_name }} + run: | + if gh release view "$TAG" --repo "$REPO" >/dev/null 2>&1; then + echo "Release $TAG already exists. Skipping expensive jobs." + echo "create_release=false" >> "$GITHUB_OUTPUT" + else + echo "create_release=true" >> "$GITHUB_OUTPUT" + fi + test: + needs: precheck + if: needs.precheck.outputs.create_release == 'true' uses: ./.github/workflows/test.yml lint: + if: needs.precheck.outputs.create_release == 'true' uses: ./.github/workflows/lint.yml - needs: test + needs: + - precheck + - test build: + if: needs.precheck.outputs.create_release == 'true' uses: ./.github/workflows/wheel.yml - needs: lint + needs: + - precheck + - lint release: + if: needs.precheck.outputs.create_release == 'true' runs-on: ubuntu-latest permissions: contents: write id-token: write attestations: write - needs: build + needs: + - precheck + - build steps: - - name: Check if release exists - id: release_check - env: - GH_TOKEN: ${{ github.token }} - REPO: ${{ github.repository }} - TAG: ${{ github.ref_name }} - run: | - if gh release view "$TAG" --repo "$REPO" >/dev/null 2>&1; then - echo "Release $TAG already exists. Skipping." - echo "create_release=false" >> "$GITHUB_OUTPUT" - else - echo "create_release=true" >> "$GITHUB_OUTPUT" - fi - - name: Download built wheel artifact - if: steps.release_check.outputs.create_release == 'true' uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: wheel-package path: dist - name: Create GitHub Release - if: steps.release_check.outputs.create_release == 'true' env: GH_TOKEN: ${{ github.token }} REPO: ${{ github.repository }} 
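Review bot: The new `precheck` job sets no `permissions:`, so its `GITHUB_TOKEN` carries whatever the workflow or repository default grants, although the step only reads a release. Adding `permissions:` with `contents: read` under `precheck:` keeps the token at the minimum the `gh release view` call needs, matching the explicit block already on `release`. Any workflow-level `permissions:` would sit above line 8 and is not visible in this hunk, so confirm that before adding it. The `release` job's steps continue into the next hunk.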
@@ -58,7 +72,6 @@ jobs: gh release create "$TAG" dist/* --repo "$REPO" --verify-tag --title "$TAG" --generate-notes - name: Generate attestation - if: steps.release_check.outputs.create_release == 'true' uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 with: subject-path: "dist/*"