From 2a57e9d342fd1c28ed1fba32d8f0dfb199c4fa02 Mon Sep 17 00:00:00 2001
From: Cuong Duong <cuong.duong242@gmail.com>
Date: Thu, 3 Oct 2024 09:54:25 +1000
Subject: [PATCH] wheel.yml uses Trusted Publisher pattern

---
 .github/workflows/wheel.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/wheel.yml b/.github/workflows/wheel.yml
index 469b5dcbe..981b7ec3b 100644
--- a/.github/workflows/wheel.yml
+++ b/.github/workflows/wheel.yml
@@ -93,6 +93,9 @@ jobs:
     needs: [make-wheels, make-sdist]
     runs-on: ubuntu-latest
     if: github.event_name == 'release' && github.event.action == 'published'
+    environment: release
+    permissions:
+      id-token: write
     steps:
     - name: Download all artifacts
       uses: actions/download-artifact@v4
@@ -106,6 +109,3 @@ jobs:
 
     - name: Upload
       uses: pypa/gh-action-pypi-publish@v1.10.2
-      with:
-        user: ${{ secrets.PYPI_USERNAME }}
-        password: ${{ secrets.PYPI_PASSWORD }}