diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index a496e17..f797248 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -10,8 +10,9 @@ jobs:
   build:
     runs-on: ubuntu-latest
     permissions:
-      contents: read
+      contents: write
       packages: write
+      issues: write
     steps:
       - id: checkout
         uses: actions/checkout@v3
@@ -23,3 +24,9 @@ jobs:
           scope: '@nemerosa'
       - id: npm-ci
         run: npm ci
+      - id: npm-publish
+        if: ${{ github.ref == 'refs/heads/main' }}
+        run: npx semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
deleted file mode 100644
index 95485d9..0000000
--- a/.github/workflows/release.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-name: release
-
-on:
-  workflow_dispatch:
-
-jobs:
-  release:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-      packages: write
-      issues: write
-    steps:
-      - id: checkout
-        uses: actions/checkout@v3
-      - id: setup-node
-        uses: actions/setup-node@v3
-        with:
-          node-version: '16.x'
-          registry-url: 'https://npm.pkg.github.com'
-          scope: '@nemerosa'
-      - id: npm-ci
-        run: npm ci
-      - id: npm-publish
-        run: npx semantic-release
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}