From 6e53f4dbd51b07bbbc2ee5d2c37436fbda1cc098 Mon Sep 17 00:00:00 2001
From: Joe Rickerby <joerick@mac.com>
Date: Mon, 15 May 2023 22:30:47 +0100
Subject: [PATCH] Use PyPI Trusted Publisher for releases

---
 .github/workflows/release.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9f0c09c83..c261259ac 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -27,6 +27,9 @@ jobs:
     needs: [dist]
     runs-on: ubuntu-latest
     if: github.event_name == 'release' && github.event.action == 'published'
+    environment: pypi
+    permissions:
+      id-token: write
 
     steps:
     - uses: actions/download-artifact@v3
@@ -35,6 +38,3 @@ jobs:
         path: dist
 
     - uses: pypa/gh-action-pypi-publish@release/v1
-      with:
-        user: __token__
-        password: ${{ secrets.pypi_password }}