From e2ca36cdec35f744dee043210bfa299379bb9385 Mon Sep 17 00:00:00 2001
From: Phillip Schanely <pschanely@gmail.com>
Date: Wed, 1 Jan 2025 12:27:56 -0500
Subject: [PATCH] Move to trusted publishing

---
 .github/workflows/buildwheels.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/buildwheels.yml b/.github/workflows/buildwheels.yml
index b0f11537..52446a28 100644
--- a/.github/workflows/buildwheels.yml
+++ b/.github/workflows/buildwheels.yml
@@ -60,9 +60,14 @@ jobs:
           path: dist/*.tar.gz
 
   upload_pypi:
+    # Publish when a GitHub Release is created:
     needs: [build_wheels, build_sdist]
     runs-on: ubuntu-latest
-    # Publish when a GitHub Release is created:
+    environment:
+      name: release
+      url: https://pypi.org/p/crosshair-tool
+    permissions:
+      id-token: write
     if: (github.event_name == 'workflow_dispatch') || (github.event_name == 'release' && github.event.action == 'published')
     steps:
       - uses: actions/download-artifact@v4
@@ -72,6 +77,3 @@ jobs:
           merge-multiple: true
 
       - uses: pypa/gh-action-pypi-publish@v1.5.0
-        with:
-          user: __token__
-          password: ${{ secrets.PYPI_TOKEN }}