Skip to content

chore(release): use PyPI Trusted Publisher Management #16

Description

@jkowalleck

Goal

Move the project to PyPI Trusted Publishers so that publishing releases no longer requires long‑lived API tokens or any other stored secrets.

Motivation

Trusted Publishers allow GitHub Actions to authenticate using short‑lived, automatically issued identities. This removes the need for manually managed credentials and strengthens the project’s supply‑chain security.

Documentation

Acceptance Criteria

  • Repository is registered as a Trusted Publisher on PyPI
  • Publishing workflow uses OIDC-based authentication
  • All PyPI tokens or secrets are removed from repository settings
  • A release candidate is successfully published using the new setup

Metadata

Metadata

Assignees

Labels

No labels
No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions