npm publishing via github action and trusted publishing

[tnkuehne]

Hey, thanks for the package, good work. Following recent hacks on npm packages, I would greatly appreciate it if we could automate the release process of this package and utilize trusted publishing, as recommended by npm. This would increase the trust level of this package, which is particularly handy when combined with pnpm, as it can check if a package loses trust, for example, when it gets compromised.

Of course, if this is something you agree on, I could contribute the release pipeline.