Address review comments

Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>

Author: varunsh-coder

.github/workflows/npm-publish.yml

@@ -19,30 +19,22 @@ jobs:
         with:
           ref: ${{ github.event.inputs.tag }}
 
+      - name: Validate semver pattern
+        run: npx semver ${{ inputs.tag }}
+
       - name: Check package version
         id: cpv
         uses: PostHog/check-package-version@v2
 
-      - run: npm install semver
-
-      - name: Validate tag
+      - name: Validate package version
         uses: actions/github-script@v6
         with:
           script: |
-            const semver = require('semver')
-
-            const tag = `${context.payload.inputs.tag}`;
-            const version = tag.substring(1);
-
-            if (semver.valid(version)) {
-              const isNewVersion = `${{ steps.cpv.outputs.is-new-version }}`;
-              if (isNewVersion === 'true') {
+            const isNewVersion = `${{ steps.cpv.outputs.is-new-version }}`;
+            if (isNewVersion === 'true') {
                 console.log(`Version ${context.payload.inputs.tag} has not been published yet`);
-              } else {
-                core.setFailed(`Version ${context.payload.inputs.tag} is already published`);
-              }
             } else {
-              core.setFailed(`Tag ${context.payload.inputs.tag} does not match semver pattern`);
+                core.setFailed(`Version ${context.payload.inputs.tag} is already published`);
             }
   check-status:
     needs: check-version
@@ -105,7 +97,6 @@ jobs:
           egress-policy: block
           allowed-endpoints: >
             github.com:443
-            hooks.slack.com:443
             nodejs.org:443
             prod.api.stepsecurity.io:443
             registry.npmjs.org:443