diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 529effd..5f14554 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -65,48 +65,52 @@ jobs:
   #     - name: Publish distribution 📦 to PyPI
   #       uses: pypa/gh-action-pypi-publish@release/v1
 
-  # github-release:
-  #   name: >-
-  #     Sign the Python 🐍 distribution 📦 with Sigstore
-  #     and upload them to GitHub Release
-  #   needs:
-  #     - publish-to-pypi
-  #   runs-on: ubuntu-latest
+  github-release:
+    name: >-
+      Sign the Python 🐍 distribution 📦 with Sigstore
+      and upload them to GitHub Release
+    needs:
+      - build
+    runs-on: ubuntu-latest
 
-  #   permissions:
-  #     contents: write  # IMPORTANT: mandatory for making GitHub Releases
-  #     id-token: write  # IMPORTANT: mandatory for sigstore
+    # make release on any tag
+    if: startsWith(github.ref, 'refs/tags/')
 
-  #   steps:
-  #     - name: Download all the dists
-  #       uses: actions/download-artifact@v4
-  #       with:
-  #         name: python-package-distributions
-  #         path: dist/
-  #     - name: Sign the dists with Sigstore
-  #       uses: sigstore/gh-action-sigstore-python@v1.2.3
-  #       with:
-  #         inputs: >-
-  #           ./dist/*.tar.gz
-  #           ./dist/*.whl
-  #     - name: Create GitHub Release
-  #       env:
-  #         GITHUB_TOKEN: ${{ github.token }}
-  #       run: >-
-  #         gh release create
-  #         '${{ github.ref_name }}'
-  #         --repo '${{ github.repository }}'
-  #         --notes ""
-  #     - name: Upload artifact signatures to GitHub Release
-  #       env:
-  #         GITHUB_TOKEN: ${{ github.token }}
-  #       # Upload to GitHub Release using the `gh` CLI.
-  #       # `dist/` contains the built packages, and the
-  #       # sigstore-produced signatures and certificates.
-  #       run: >-
-  #         gh release upload
-  #         '${{ github.ref_name }}' dist/**
-  #         --repo '${{ github.repository }}'
+    permissions:
+      contents: write  # IMPORTANT: mandatory for making GitHub Releases
+      id-token: write  # IMPORTANT: mandatory for sigstore
+
+    steps:
+      - name: Download all the dists
+        uses: actions/download-artifact@v4
+        with:
+          name: python-package-distributions
+          path: dist/
+      - name: Sign the dists with Sigstore
+        uses: sigstore/gh-action-sigstore-python@v1.2.3
+        with:
+          inputs: >-
+            ./dist/*.tar.gz
+            ./dist/*.whl
+      - name: Create GitHub Release (draft)
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        run: >-
+          gh release create
+          '${{ github.ref_name }}'
+          --repo '${{ github.repository }}'
+          --draft
+          --notes ""
+      - name: Upload artifact signatures to GitHub Release
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        # Upload to GitHub Release using the `gh` CLI.
+        # `dist/` contains the built packages, and the
+        # sigstore-produced signatures and certificates.
+        run: >-
+          gh release upload
+          '${{ github.ref_name }}' dist/**
+          --repo '${{ github.repository }}'
 
   publish-to-testpypi:
     name: Publish Python 🐍 distribution 📦 to TestPyPI