From 636494cff5f4555156c2d9a885d1c3d345a2da0d Mon Sep 17 00:00:00 2001
From: Tom Piccirello <8296030+Piccirello@users.noreply.github.com>
Date: Thu, 11 Dec 2025 12:47:36 -0800
Subject: [PATCH] Publish to PyPI using Trusted Publisher

Twine [supports Trusted Publisher](https://github.com/pypa/twine/pull/1194/), but their documentation is a bit sparse.
---
 .github/workflows/release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 15ff9da4..98562f9e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -14,6 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: write
+      id-token: write
     steps:
       - name: Checkout the repository
         uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
@@ -40,7 +41,6 @@ jobs:
       - name: Push releases to PyPI
         env:
           TWINE_USERNAME: __token__
-          TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
         run: uv run make release && uv run make release_analytics
 
       - name: Create GitHub release