From f138a577b4982d27aefcadba7acfd4aeb8b9d7b9 Mon Sep 17 00:00:00 2001
From: Abhinand C <abhinandc.ac@gmail.com>
Date: Sat, 9 Dec 2023 15:37:02 +0530
Subject: [PATCH] feat: Use PyPI Trusted Publisher

---
 .github/workflows/publish.yml | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 9c4422e0..a62b5e15 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -38,7 +38,9 @@ jobs:
   publish:
     needs: build
     runs-on: ubuntu-latest
-
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
     steps:
     - uses: actions/checkout@v3
     - name: Set up Python
@@ -49,7 +51,11 @@ jobs:
       run: |
         python -m pip install --upgrade pip
         pip install poetry
-    - name: Build & Release package
+    - name: Build package
+      run: |
+        poetry build
+    - name: Build package
       run: |
-        poetry config pypi-token.pypi ${{ secrets.PYPI_API_TOKEN }}
-        poetry publish --build
\ No newline at end of file
+        poetry build
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
\ No newline at end of file