diff --git a/.asf-release/.gitkeep b/.asf-release/.gitkeep
new file mode 100644
index 0000000..a926db8
--- /dev/null
+++ b/.asf-release/.gitkeep
@@ -0,0 +1,22 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# ---
+# This directory is used as apart of the release process.
+# Package tarballs will be generated in stored temporarily
+# within this directory and should not be commited to repo.
+# ---
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index bcc5647..b952fff 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -74,8 +74,7 @@ jobs: - uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5 - # v4.6.0 - - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 + - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 if: success() with: name: ${{ runner.os }} node.js ${{ matrix.node.version }}
diff --git a/.github/workflows/draft-release.yml b/.github/workflows/draft-release.yml
new file mode 100644
index 0000000..d98bbc3
--- /dev/null
+++ b/.github/workflows/draft-release.yml
@@ -0,0 +1,155 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+name: Draft Release
+
+on:
+ push:
+ tags:
+ - 'draft/**'
+
+permissions:
+ contents: read
+ id-token: write
+
+jobs:
+ upload-to-atr:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ with:
+ persist-credentials: false
+ fetch-depth: 1
+
+ - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+ with:
+ node-version: 24
+ package-manager-cache: false
+ cache: ''
+
+ - name: Setup environment variables
+ run: |
+ REPO_NAME="${GITHUB_REPOSITORY#*/}"
+ TAG_NAME="${GITHUB_REF#refs/tags/}"
+ TARGET_RELEASE_VERSION="${TAG_NAME#draft/}"
+ SRC_PACKAGE_NAME=${REPO_NAME}-source-${TARGET_RELEASE_VERSION}
+ SRC_PACKAGE_TAR=${SRC_PACKAGE_NAME}.tar
+ SRC_PACKAGE_TAR_GZ=${SRC_PACKAGE_NAME}.tar.gz
+ SRC_PACKAGE_ZIP=${SRC_PACKAGE_NAME}.zip
+ NPM_PACKAGE_NAME=${REPO_NAME}-npm-${TARGET_RELEASE_VERSION}
+
+ echo "REPO_NAME=$REPO_NAME" >> $GITHUB_ENV
+ echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV
+ echo "TARGET_RELEASE_VERSION=$TARGET_RELEASE_VERSION" >> $GITHUB_ENV
+ echo "SRC_PACKAGE_NAME=$SRC_PACKAGE_NAME" >> $GITHUB_ENV
+ echo "SRC_PACKAGE_TAR=$SRC_PACKAGE_TAR" >> $GITHUB_ENV
+ echo "SRC_PACKAGE_TAR_GZ=$SRC_PACKAGE_TAR_GZ" >> $GITHUB_ENV
+ echo "SRC_PACKAGE_ZIP=$SRC_PACKAGE_ZIP" >> $GITHUB_ENV
+ echo "NPM_PACKAGE_NAME=$NPM_PACKAGE_NAME" >> $GITHUB_ENV
+
+ echo "REPO_NAME=$REPO_NAME"
+ echo "TAG_NAME=$TAG_NAME"
+ echo "TARGET_RELEASE_VERSION=$TARGET_RELEASE_VERSION"
+ echo "SRC_PACKAGE_NAME=$SRC_PACKAGE_NAME"
+ echo "SRC_PACKAGE_TAR=$SRC_PACKAGE_TAR"
+ echo "SRC_PACKAGE_TAR_GZ=$SRC_PACKAGE_TAR_GZ"
+ echo "SRC_PACKAGE_ZIP=$SRC_PACKAGE_ZIP"
+ echo "NPM_PACKAGE_NAME=$NPM_PACKAGE_NAME"
+
+ - name: Verify Target Release Version
+ run: |
+ PACKAGE_VERSION=$(jq -r '.version' package.json)
+ if [ "$PACKAGE_VERSION" != "$TARGET_RELEASE_VERSION" ]; then
+ echo "Mismatch version detected between tag version ($TARGET_RELEASE_VERSION) and package version ($PACKAGE_VERSION)"
+ exit 1
+ fi
+
+ if [ -f "plugin.xml" ]; then
+ PLUGIN_VERSION=$(yq -p=xml -o=json '.plugin.+@version' plugin.xml | jq -r .)
+ if [ "$PLUGIN_VERSION" != "$TARGET_RELEASE_VERSION" ]; then
+ echo "Mismatch version detected between tag version ($TARGET_RELEASE_VERSION) and plugin version ($PLUGIN_VERSION)"
+ exit 1
+ fi
+ fi
+
+ - name: Generate "tgz" npm convenience package
+ run: |-
+ npm ci
+ NPM_PKG_NAME=$(npm pack --json | jq -r '.[0].filename')
+ mv ./.asf-release/$NPM_PKG_NAME ./.asf-release/${NPM_PACKAGE_NAME}.tgz
+ env:
+ TZ: UTC
+
+ - name: Generate "tar" source package
+ run: |-
+ export SRC_LAST_COMMIT_EPOCH=$(git log -1 --format=%ct "$TAG_NAME")
+
+ git archive \
+ --prefix=$SRC_PACKAGE_NAME/ \
+ --mtime=$SRC_LAST_COMMIT_EPOCH \
+ -o ./.asf-release/${SRC_PACKAGE_TAR} \
+ $TAG_NAME
+ env:
+ TZ: UTC
+
+ - name: Generate "tar.gz" source archive
+ working-directory: ./.asf-release
+ run: |-
+ gzip -n -9 -c "$SRC_PACKAGE_TAR" > "$SRC_PACKAGE_TAR_GZ"
+ env:
+ TZ: UTC
+
+ - name: Generate "zip" source archive
+ working-directory: ./.asf-release
+ run: |-
+ export ASF_RELEASE_DIR=$(pwd)
+ export TMP_DIR=$(mktemp -d)
+
+ tar -xf "$SRC_PACKAGE_TAR" -C "$TMP_DIR"
+ (
+ cd "$TMP_DIR"
+ find . -type f | LC_ALL=C sort | zip -X -q "$ASF_RELEASE_DIR/$SRC_PACKAGE_ZIP" -@
+ )
+ rm -rf $TMP_DIR
+ env:
+ TZ: UTC
+
+ - name: Cleanup Process
+ working-directory: ./.asf-release
+ run: |-
+ rm -rf $SRC_PACKAGE_TAR
+ rm -rf .gitkeep
+
+ - name: Create Sign and Checksum
+ working-directory: .asf-release
+ run: |-
+ for f in *.tar.gz *.tgz *.zip; do
+ [ -e "$f" ] || continue
+ echo "$CORDOVA_GPG_SECRET_KEY" | gpg --batch --import --import-options import-show
+ gpg --armor --detach-sign "$f"
+ sha512sum "$f" > "${f}.sha512"
+ done
+ env:
+ CORDOVA_GPG_SECRET_KEY: ${{ secrets.CORDOVA_GPG_SECRET_KEY }}
+
+ - name: Upload to Apache Trusted Release (ATR)
+ uses: apache/tooling-actions/upload-to-atr@f5f4c0e7ddfbde6b1f8288cef36324c6def68051
+ with:
+ project: ${{ env.REPO_NAME }}
+ version: ${{ env.TARGET_RELEASE_VERSION }}
+ src: .asf-release
diff --git a/.github/workflows/release-audit.yml b/.github/workflows/release-audit.yml
index ceddd08..28a6b87 100644
--- a/.github/workflows/release-audit.yml
+++ b/.github/workflows/release-audit.yml
@@ -39,8 +39,8 @@ jobs: persist-credentials: false fetch-depth: 1 - # Check license headers (v3.0.0) - - uses: erisu/apache-rat-action@30c94d10ed21e6f6fd5590dc5c158f58cae7a0dd + # Check license headers + - uses: erisu/apache-rat-action@30c94d10ed21e6f6fd5590dc5c158f58cae7a0dd # v3.0.0 # Setup environment with node - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
@@ -51,8 +51,8 @@ jobs: - name: npm install packages run: npm ci - # Check node package licenses (v2.1.0) - - uses: erisu/license-checker-action@04511f4c052b5773f11e1c65b42cda88235c62ae + # Check node package licenses + - uses: erisu/license-checker-action@04511f4c052b5773f11e1c65b42cda88235c62ae # v2.1.0 with: license-config: 'licence_checker.yml' include-asf-category-a: true
diff --git a/.gitignore b/.gitignore
index 665b3be..54c853c 100644
--- a/.gitignore
+++ b/.gitignore
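Review bot: In `.github/workflows/draft-release.yml`, the `npm ci` in the 'Generate "tgz" npm convenience package' step runs in the same job that later receives `CORDOVA_GPG_SECRET_KEY` and holds `id-token: write`, so any dependency install script or pack lifecycle script executes on the runner that signs and uploads the release. Unless the part of `.npmrc` not shown here already disables scripts, consider `npm ci --ignore-scripts` if packaging does not depend on them, or build the archives in one job and sign and upload them in a second job that only downloads the finished files. In 'Create Sign and Checksum', `gpg --batch --import` is repeated for every file; import the key once before the `for` loop. The `[ -e "$f" ] || continue` guard also lets the job succeed and upload when an expected archive is missing, so failing the step in that case would be safer.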
@@ -21,3 +21,7 @@ npm-debug.log coverage .nyc_output lcov.info
+
+# ASF release workspace
+.asf-release/
+!.asf-release/.gitkeep
diff --git a/.npmignore b/.npmignore
index 9f655bf..58ea548 100644
--- a/.npmignore
+++ b/.npmignore
@@ -20,3 +20,6 @@ coverage test eslint.config.js licence_checker.yml
+
+# ASF release workspace
+.asf-release/
diff --git a/.npmrc b/.npmrc
index 7cff323..6f982f7 100644
--- a/.npmrc
+++ b/.npmrc
@@ -16,3 +16,8 @@ # under the License. registry=https://registry.npmjs.org
+
+# ASF release settings
+git-tag-version=false
+preid=dev
+pack-destination=./.asf-release
diff --git a/.ratignore b/.rat-excludes
similarity index 100%
rename from .ratignore
rename to .rat-excludes
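Review bot: In `.gitignore`, the `!.asf-release/.gitkeep` negation has no effect, because the preceding `.asf-release/` pattern excludes the directory itself and git does not re-include a file whose parent directory is excluded. The `.gitkeep` added in this commit stays tracked regardless, but the pair of rules reads as if the exception worked. Use `.asf-release/*` followed by `!.asf-release/.gitkeep` so the exception is real while generated tarballs, signatures and checksums remain ignored.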