Switch to trusted publishing

[Cito]

We should switch to Trusted Publishing for our releases. Trusted publishing replaces a persistent secret that can leak with a cryptographically scoped, ephemeral token that requires zero maintenance.

However, only a project owner on PyPI can do that and it seems that Syrus is currently the sole owner.

Pinging @syrusakbary - can you make the switch or increase the bus factor by adding me as owner (I'm only registered as maintainer, but that is not sufficient to make the switch)?

[syrusakbary]

Hey @Cito, thanks for the ping, I will switch trusted publishing on 👍

[syrusakbary]

Just added the Trusted publishing in PyPI @Cito

[Cito]

Thank you @syrusakbary. To make it more secure, you can also add an environment name - I suggest "pypi". I will then create the environment on GitHub, change the publish.yml accordingly, and later remove the token from GitHub when everything works.