diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 848c321..0ec3fcb 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -10,6 +10,9 @@ jobs:
     name: Test
     uses: ./.github/workflows/tests.yml
     secrets: inherit
+    permissions:
+      contents: read
+      id-token: write
   release:
     name: Release
     needs: test
@@ -23,8 +26,6 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - name: Install Deno
-        uses: denoland/setup-deno@v1
       - name: Install jq
         uses: dcarbone/install-jq-action@v2
       - name: Setup pnpm
@@ -40,12 +41,12 @@ jobs:
         run: pnpm --package conventional-changelog-conventionalcommits --package semantic-release dlx semantic-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Update version in deno.json
+      - name: Update version for JSR registry
         run: |
           VERSION=$(node -p "require('./package.json').version")
-          jq --arg version "$VERSION" '.version = $version' deno.json > deno.json.tmp
-          mv deno.json.tmp deno.json
+          jq --arg version "$VERSION" '.version = $version' jsr.json > jsr.json.tmp
+          mv jsr.json.tmp jsr.json
           echo "VERSION=$VERSION" >> $GITHUB_ENV
       - name: Publish package to JSR
         if: env.VERSION != '0.0.0-development'
-        run: deno publish
+        run: pnpm dlx jsr publish
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index cb67039..84c8042 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -10,6 +10,9 @@ jobs:
   lints:
     name: Lints
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       - name: Setup pnpm
@@ -28,6 +31,8 @@ jobs:
         run: pnpm audit
       - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
         run: pnpm npm audit signatures
+      - name: Verify the package for publishing performing all checks and validations
+        run: pnpm dlx jsr publish --dry-run
   node:
     name: Node
     needs: lints
diff --git a/deno.json b/jsr.json
similarity index 93%
rename from deno.json
rename to jsr.json
index 1af6529..a39351a 100644
--- a/deno.json
+++ b/jsr.json
@@ -12,6 +12,7 @@
     "*.yaml",
     "*.config.ts",
     ".*rc.json",
+    "package.json",
     "renovate.json",
     "tsconfig.json"
   ]