diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index 9eb25792..d2535252 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -27,26 +27,29 @@ jobs:
           node-version: ${{ github.event.inputs.nodeVersion }}
           registry-url: "https://registry.npmjs.org"
 
-      - name: Bump version and push tag
+      - name: Bump node-vault version
         run: |
-          git config --local user.email "action@github.com"
-          git config --local user.name "GitHub Action"
           npm version ${{ github.event.inputs.semver }}
-          git push && git push --tags
+
+      - name: Push changes
+        uses: EndBug/add-and-commit@1bad3abcf0d6ec49a5857d124b0bfb52dc7bb081 # tag: v9.1.3
+        with:
+          default_author: github-actions
+          add: "package.json package-lock.json"
+          commit: --signoff
+          message: "chore(release): bump version to ${{ github.event.inputs.semver }}"
 
       - name: Publish
         run: npm publish
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
 
-      - run: |
-          echo VERSION=$(cat package.json | grep version | tr -d " " | cut -d":" -f2 | tr -d "\",") >> $GITHUB_ENV
-        shell: bash
-        name: Set version as env var
+      - name: Set version as env var
+        run: |
+          echo "VERSION=$(node -p "require('./package.json').version")" >> $GITHUB_ENV
 
       - uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e
         name: Release
-        id: create_release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
diff --git a/.github/workflows/write-features.yaml b/.github/workflows/write-features.yaml
index 62a04b0e..97bd540a 100644
--- a/.github/workflows/write-features.yaml
+++ b/.github/workflows/write-features.yaml
@@ -1,6 +1,6 @@
 name: Extract & write features
 on:
-  pull_request:
+  push:
     branches:
       - master
     paths: