From 0405eb80e019302e435d14cebb13965910870fdd Mon Sep 17 00:00:00 2001
From: Fabio Caccamo <fabio.caccamo@gmail.com>
Date: Mon, 18 Dec 2023 19:00:55 +0100
Subject: [PATCH] Update `create-release.yml` workflow: publish releases with a
 Trusted Publisher.

---
 .github/workflows/create-release.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
index 74e9ff9..fd6a210 100644
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -8,6 +8,9 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    # environment: release
+    permissions:
+      id-token: write
 
     steps:
       - name: Checkout
@@ -38,5 +41,5 @@ jobs:
       - name: Publish on PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          packages_dir: dist/
-          password: ${{ secrets.WORKFLOWS_PUBLISH_TO_PYPI_TOKEN }}
+          packages-dir: dist/
+          # password: ${{ secrets.WORKFLOWS_PUBLISH_TO_PYPI_TOKEN }}