release #22

	name: release

	on:
	schedule:
	- cron: '0 0 * * *' # daily at 00:00
	workflow_dispatch:

	permissions:
	contents: read

	jobs:
	release:
	name: release
	runs-on: ubuntu-latest

	permissions:
	contents: write

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
	with:
	egress-policy: audit

	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- name: Check if any changes since last tag
	id: check
	run: \|
	git fetch --tags
	if [ -z "$(git tag --points-at HEAD)" ]; then
	echo "Nothing points at HEAD, bump a new tag"
	echo "bump=yes" >> $GITHUB_OUTPUT
	else
	echo "A tag already points to head, don't bump"
	echo "bump=no" >> $GITHUB_OUTPUT
	fi
	- name: Bump patch version and push tag
	uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b # v6.2
	if: steps.check.outputs.bump == 'yes'
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}

Provide feedback