From 0061668c9fbbaf7795b2213c0501d2022d78ed95 Mon Sep 17 00:00:00 2001 From: Teemu R Date: Sun, 29 Oct 2023 16:30:37 +0100 Subject: [PATCH] Use trusted publisher for publishing to pypi (#531) --- .github/workflows/publish.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 2f7ec9ca..e48066bb 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -7,13 +7,15 @@ jobs: build-n-publish: name: Build release packages runs-on: ubuntu-latest + permissions: # for trusted publishing + id-token: write steps: - uses: actions/checkout@master - name: Setup python - uses: actions/setup-python@v1 + uses: actions/setup-python@v4 with: - python-version: 3.9 + python-version: "3.x" - name: Install pypa/build run: >- @@ -30,6 +32,4 @@ jobs: --outdir dist/ . - name: Publish release on pypi - uses: pypa/gh-action-pypi-publish@master - with: - password: ${{ secrets.PYPI_API_TOKEN }} + uses: pypa/gh-action-pypi-publish@release/v1