Independent release process

[DisaPadla]

Hi
In my repository, I have several applications. I want to set up an independent release process using GitHub Actions. I would like to make the release process similar to how release-please works. My plan looks like this:

1. We merge each PR into the master branch.
2. A GitHub Action automatically runs that creates a new PR (nx-release-please).
   2.1 We update the versions of the applications and their changelog files (using a programmatic API), BUT we do not create new tags for the applications.
   2.2 We create a new PR (nx-release-please) with the aforementioned changes.
3. Before the release PR is merged into the master branch, I would like to run nx release again, but this time with the creation of tags.

Problems I Have Encountered:

For some reason, after each run of nx release --skip-publish, it tries to update my .npmrc file and place a token there. Is it possible to prevent this?
I am trying to use the following approach to update the version in package.json and changelog files, but the tag is still being created. What am I doing wrong?

const options = await yargs
    .version(false) // don't use the default meaning of version in yargs
    .option('version', {
      description:
        'Explicit version specifier to use, if overriding conventional commits',
      type: 'string',
    })
    .option('dryRun', {
      alias: 'd',
      description:
        'Whether or not to perform a dry-run of the release process, defaults to true',
      type: 'boolean',
      default: false,
    })
    .option('verbose', {
      description:
        'Whether or not to enable verbose logging, defaults to false',
      type: 'boolean',
      default: false,
    })
    .parseAsync();

    const { workspaceVersion, projectsVersionData } = await releaseVersion({
      specifier: options.version,
      dryRun: options.dryRun,
      verbose: options.verbose,
      gitTag: false,
      gitCommit: false,
    });

    await releaseChangelog({
      versionData: projectsVersionData,
      version: workspaceVersion,
      dryRun: options.dryRun,
      verbose: options.verbose,
      gitTag: false,
      gitCommit: false,
    });

Is there a way to create application tags before the release PR gets merged into master (but probably this is more of a question for GitHub Actions)?