From 7a7432877964f07ddddda3e51015c3dfb9458095 Mon Sep 17 00:00:00 2001
From: Kartik Singhal <kartik.singhal@quantinuum.com>
Date: Fri, 20 Oct 2023 11:00:57 -0500
Subject: [PATCH] ci: Switch to trusted publishing for PyPI

---
 .github/workflows/python-publish.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index 8f2f6c3..9cdb788 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -15,6 +15,9 @@ jobs:
   deploy:
 
     runs-on: ubuntu-latest
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
 
     steps:
     - uses: actions/checkout@v4
@@ -30,6 +33,3 @@ jobs:
       run: python -m build
     - name: Publish package
       uses: pypa/gh-action-pypi-publish@release/v1
-      with:
-        user: __token__
-        password: ${{ secrets.PYPI_API_TOKEN }}