From 26c0ef3445aabf75e73b27faa4651a32d456b541 Mon Sep 17 00:00:00 2001
From: Mattt Zmuda <mattt@replicate.com>
Date: Mon, 24 Apr 2023 13:23:02 -0700
Subject: [PATCH] Update release workflow to use PyPI trusted publishing

Signed-off-by: Mattt Zmuda <mattt@replicate.com>
---
 .github/workflows/release.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 41b5260e..c2e793ea 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -9,6 +9,8 @@ jobs:
     runs-on: ubuntu-latest
 
     name: "Publish to PyPI"
+    permissions:
+      id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
 
     steps:
       - uses: actions/checkout@v3
@@ -28,7 +30,5 @@ jobs:
           --sdist
           --outdir dist/
           .
-      - name: Publish distribution 📦 to PyPI
+      - name: Publish package distributions to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{ secrets.PYPI_API_TOKEN }}