diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e38a5d97bc6..7df28804499 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -292,23 +292,25 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-  check-release:
+  publish-release:
     name: check-release
 
     runs-on: ubuntu-latest
 
     needs: [ create-release, build-release, build-macos-universal2-release ]
 
+    env:
+      REPOSITORY: ${{ github.repository }}
+      VERSION: ${{ needs.create-release.outputs.version }}
+
     steps:
       - name: Discover assets
         run: |
           gh release --repo="$REPOSITORY" view "$VERSION" --json assets --jq '.assets.[].name' > assets.txt
         env:
-          REPOSITORY: ${{ github.repository }}
-          VERSION: ${{ needs.create-release.outputs.version }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Show all asset names
+      - name: Show all individual asset names
         run: cat assets.txt
 
       # The `features` array is repeated because GHA doen't support YAML anchors.
@@ -326,34 +328,33 @@ jobs:
           diff -- <(mask aarch64) <(mask universal)
           diff -- <(mask x86_64) <(mask universal)
 
-  publish-release:
-    name: publish-release
-
-    runs-on: ubuntu-latest
-
-    needs: [ create-release, check-release ]
-
-    env:
-      REPOSITORY: ${{ github.repository }}
-      VERSION: ${{ needs.create-release.outputs.version }}
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Clean up local temporary macOS asset list files
+        run: rm {assets,aarch64,x86_64,universal}.txt
 
-    steps:
-      - name: Retrieve individual checksums
+      - name: Retrieve all individual checksums
         run: gh release --repo="$REPOSITORY" download "$VERSION" --pattern='gitoxide-*.sha256'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Concatenate checksums into one file
         run: cat gitoxide-*.sha256 > hashes.sha256
 
       - name: Upload the combined checksum file
         run: gh release --repo="$REPOSITORY" upload "$VERSION" hashes.sha256
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Discard the individual checksum files
+      # If any step of any job fails before this, the draft still has the individual checksum files.
+      - name: Remove the individual checksum file assets
         run: |
           for sumfile in gitoxide-*.sha256; do
             gh release --repo="$REPOSITORY" delete-asset "$VERSION" "$sumfile" --yes
           done
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Publish the release
         if: false
         run: gh release --repo="$REPOSITORY" edit "$VERSION" --draft=false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}