diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index ab239bd..819744b 100755
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,4 +1,7 @@
-name: Publish to GitHub pages
+name: Publish to git to static pages
+
+permissions:
+    contents: none
 
 on:
     push:
@@ -15,11 +18,13 @@ jobs:
             - name: Checkout
               uses: actions/checkout@v4
               with:
-                  fetch-depth: 0
-                  ssh-key: ${{ secrets.SSH_KEY_DEPLOY }}
+                  fetch-depth: 1
+                  token: ${{ secrets.SUDO_BOT_TOKEN }}
+                  # Already the default value, but so you understand the push command will have creds
+                  persist-credentials: true
             - name: Import GPG key
-              # v5.2.0 - 111c56156bcc6918c056dbef52164cfa583dc549
-              uses: crazy-max/ghaction-import-gpg@111c56156bcc6918c056dbef52164cfa583dc549
+              # v6.1.0 - 01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4
+              uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4
               with:
                   gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
                   passphrase: ${{ secrets.GPG_PASSPHRASE }}
@@ -31,12 +36,11 @@ jobs:
                   make build
                   TEMP_DIR="$(mktemp -d --suffix=_website_williamdes)"
                   cp -rp williamdes.eu/public "${TEMP_DIR}"
-                  git checkout gh-pages
-                  git ls-files | xargs -r -n 1 rm
+                  git checkout static-pages
+                  git ls-files | xargs -r -n 1 rm -vf
                   rm -rfd ./*
                   mv "${TEMP_DIR}"/public/* ./
                   rm -rf "${TEMP_DIR}"
-                  echo 'williamdes.eu' > CNAME
                   git add -A
                   git commit --allow-empty -m "Content update ($(date --utc))"
                   git push