OpenTimelineIO · JeanChristopheMorinPerso · Jul 7, 2023 · Jul 7, 2023
diff --git a/.github/workflows/deploy_package.yaml b/.github/workflows/deploy_package.yaml
@@ -8,23 +8,27 @@ on:
 jobs:
   deploy:
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Set up Python
-      uses: actions/setup-python@v2
+      uses: actions/setup-python@v4
       with:
         python-version: '3.x'
     - name: Install dependencies
       run: |
-        python -m pip install --upgrade pip build twine
-    - name: Build and publish
-      env:
-        TWINE_USERNAME: __token__
-        # You need to add a token to your repo's secrets
-        # Make sure you match the name of your secret to the token name below.
-        TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
+        python -m pip install build
+    - name: Build dist package
       run: |
         python -m build
+    - name: Upload Built Artifacts
+      uses: actions/upload-artifact@v3
+      with:
+        name: dist
+        path: |
+          ./dist/*.whl
+          ./dist/*.gz
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
 
-        # Make sure everything works on testpypi before releasing on pypi
-        twine upload --repository pypi dist/*