From 868275ba6f32b4a5a52ee0d8975006eb0a3e098a Mon Sep 17 00:00:00 2001
From: David Brochart <david.brochart@gmail.com>
Date: Thu, 23 Jan 2025 11:49:19 +0100
Subject: [PATCH] Use PyPI's trusted publishing (#224)

---
 .github/workflows/publish.yml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 6e0ace5..d317c81 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -162,12 +162,13 @@ jobs:
           merge-multiple: true
       - uses: actions/setup-python@v5
       - name: Publish to PyPI
-        env:
-          TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
-          TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
-        run: |
-          pip install --upgrade twine
-          twine upload --skip-existing dist/*
+        uses: PyO3/maturin-action@v1
+        environment: release
+        permissions:
+          id-token: write
+        with:
+          command: upload
+          args: --non-interactive --skip-existing dist/*
 
   github-release:
     name: Create GitHub release