From eb08372bb02e7dd33d4d1e0e4d35b735ebbd0575 Mon Sep 17 00:00:00 2001
From: phi <phi.friday@gmail.com>
Date: Mon, 2 Sep 2024 14:33:47 +0900
Subject: [PATCH] chore: apply Trusted Publisher

---
 .github/workflows/publish.yaml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index 363fe65..09e2634 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -8,6 +8,9 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     name: "Publish library"
+    environment: publish
+    permissions: 
+      id-token: write
 
     steps:
       - name: Check out
@@ -26,7 +29,6 @@ jobs:
           sed -i'' -E "s/version = \"0.0.0\"/version = \"$VERSION\"/g" pyproject.toml
           uvx --from build pyproject-build --installer uv
 
-      - name: Release to PyPI
-        run: |
-          uvx twine upload dist/* --non-interactive \
-          --username __token__ --password ${{ secrets.PYPI_API_TOKEN }}
\ No newline at end of file
+      - name: Publish package distributions to PyPI
+        id: publish-pypi
+        uses: pypa/gh-action-pypi-publish@release/v1
\ No newline at end of file