From 96c4a3645e54a262d7decb94431d99dcd34ca3a5 Mon Sep 17 00:00:00 2001
From: Dane Hillard <github@danehillard.com>
Date: Mon, 24 Apr 2023 11:41:20 -0400
Subject: [PATCH 1/3] Enable trusted publishing

https://docs.pypi.org/trusted-publishers/adding-a-publisher/
https://docs.pypi.org/trusted-publishers/using-a-publisher/
---
 .github/workflows/main.yml | 6 ++----
 setup.cfg                  | 2 +-
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 8053cf9..fc55abd 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -89,6 +89,8 @@ jobs:
     needs: [lint, test, typecheck, docs]
     if: startsWith(github.ref, 'refs/tags')
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v3
 
@@ -105,14 +107,10 @@ jobs:
 
       - name: Publish distribution to Test PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{ secrets.TEST_PYPI_API_TOKEN }}
           repository_url: https://test.pypi.org/legacy/
 
       - name: Publish distribution to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{ secrets.PYPI_API_TOKEN }}
 
       - name: Publish distribution to GitHub release
         uses: softprops/action-gh-release@v1
diff --git a/setup.cfg b/setup.cfg
index 2d7482a..180877c 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = apiron
-version = 7.1.0
+version = 7.1.0-post.1
 description = apiron helps you cook a tasty client for RESTful APIs. Just don't wash it with SOAP.
 author = Ithaka Harbors, Inc.
 author_email = opensource@ithaka.org

From ca930f287a55d0d211ee1b63acc3c91266e0e755 Mon Sep 17 00:00:00 2001
From: Dane Hillard <github@danehillard.com>
Date: Mon, 24 Apr 2023 11:43:09 -0400
Subject: [PATCH 2/3] Update CHANGELOG

---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 475799a..3db9363 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [7.1.0-post.1] - 2023-04-24
+### Changed
+- Use PyPI trusted publishing instead of manual token authentication
+
 ## [7.1.0] - 2023-04-19
 ### Added
 - You can now configure `retry_spec` and `timeout_spec` at the endpoint level. Calls to endpoints may override the endpoint-level configuration when necessary.

From 306c6e5778674f238973951979cba34482e86368 Mon Sep 17 00:00:00 2001
From: Dane Hillard <github@danehillard.com>
Date: Mon, 24 Apr 2023 11:48:06 -0400
Subject: [PATCH 3/3] Re-add deleted key

---
 .github/workflows/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index fc55abd..67790c8 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -107,6 +107,7 @@ jobs:
 
       - name: Publish distribution to Test PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
+        with:
           repository_url: https://test.pypi.org/legacy/
 
       - name: Publish distribution to PyPI