From 467a7e6522535228e9182e5a17063acb40271a02 Mon Sep 17 00:00:00 2001
From: Tambe Tabitha Achere <tambetachere@gmail.com>
Date: Wed, 12 Jun 2024 14:57:05 +0000
Subject: [PATCH] remove token. enable trusted publishing only

---
 .github/workflows/python-publish.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index 0c28c941..112d2f32 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -8,7 +8,9 @@ jobs:
   deploy:
 
     runs-on: ubuntu-latest
-    environment: pypi-release
+    permissions:
++     # IMPORTANT: this permission is mandatory for trusted publishing
++     id-token: write
 
     steps:
     - uses: actions/checkout@v2
@@ -24,7 +26,5 @@ jobs:
     - name: Build package
       run: poetry build
       
-    - name: Publish package
-      run: poetry publish
-      env:
-        POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_API_TOKEN }}
+    - name: Publish package to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1