From 10ecbb6152832953510ad8193dfb870b76c4e265 Mon Sep 17 00:00:00 2001
From: messense <messense@icloud.com>
Date: Tue, 9 May 2023 23:55:41 +0800
Subject: [PATCH] Publish maturin itself using trusted publisher

---
 .github/workflows/release.yml | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 032ccf9e0..da311d67e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -240,7 +240,8 @@ jobs:
 
   release-pypi:
     permissions:
-      # Used to sign the release's artifacts with sigstore-python.
+      # Used to sign the release's artifacts with sigstore-python
+      # and upload to PyPI using trusted publisher.
       id-token: write
       # Used to upload release artifacts.
       contents: write
@@ -257,13 +258,11 @@ jobs:
           name: wheels
       - uses: actions/setup-python@v4
         with:
-          python-version: 3.9
+          python-version: '3.10'
       - name: Publish
-        env:
-          MATURIN_PASSWORD: ${{ secrets.MATURIN_PASSWORD }}
         run: |
           pip install maturin
-          maturin upload -u __token__ --skip-existing *
+          maturin upload --skip-existing *
       - name: Set environment url
         id: set_url
         run: |