From 8ad0812fee6da6027f3a31dfc167a7ec538ed7e6 Mon Sep 17 00:00:00 2001
From: ObserverOfTime <chronobserver@disroot.org>
Date: Sun, 28 Sep 2025 11:04:44 +0300
Subject: [PATCH] ci(pypi): enable trusted publishing

---
 .github/workflows/pypi.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
index 17e7dce..59e7d5a 100644
--- a/.github/workflows/pypi.yml
+++ b/.github/workflows/pypi.yml
@@ -60,6 +60,9 @@ jobs:
   release:
     runs-on: ubuntu-latest
     needs: [build-sdist, build-wheels]
+    environment: pypi
+    permissions:
+      id-token: write
     steps:
       - name: Download artifacts
         uses: actions/download-artifact@v5
@@ -71,8 +74,6 @@ jobs:
         run: ls -l dist
       - name: Upload to pypi
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{secrets.PYPI_API_TOKEN}}
       - name: Create GitHub release
         run: gh release create "$GITHUB_REF_NAME" --generate-notes
         env: