From c7930a87d1cb922800df85f7935587641b874d03 Mon Sep 17 00:00:00 2001
From: krassowski <5832902+krassowski@users.noreply.github.com>
Date: Fri, 2 May 2025 16:03:03 +0100
Subject: [PATCH 1/2] Use trusted publishing for package uploads

---
 .github/workflows/publish.yml | 32 ++++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index bd46cb7..0f5aeb8 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -5,23 +5,39 @@ on:
     types: [created]
 
 jobs:
-  deploy:
+  build:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
-    - name: Set up Python 3.8
+    - name: Set up Python 3.9
       uses: actions/setup-python@v5
       with:
-        python-version: 3.8
+        python-version: 3.9
     - name: Install build dependencies
       run: |
         python -m pip install --upgrade pip wheel build
     - name: Build package
       run: |
         python -m build
-    - name: Publish a Python distribution to PyPI
-      uses: pypa/gh-action-pypi-publish@v1.4.1
+    - name: Upload Artifact
+      uses: actions/upload-artifact@v4
       with:
-        user: __token__
-        password: ${{ secrets.PYPI_UPLOAD_API_TOKEN }}
-
+        name: docstring-to-markdown dist ${{ github.run_number }}
+        path: ./dist
+  pypi-publish:
+    name: Upload release to PyPI
+    runs-on: ubuntu-latest
+    needs: [build]
+    environment:
+      name: pypi
+      url: https://pypi.org/p/docstring-to-markdown
+    permissions:
+      id-token: write
+    steps:
+    - name: Download artifacts
+    - uses: actions/download-artifact@v4
+      with:
+        name: docstring-to-markdown dist ${{ github.run_number }}
+        path: ./dist
+    - name: Publish package distributions to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1

From f1d781b213c85d3b48ded92b0d5956940c081bac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Krassowski?=
 <5832902+krassowski@users.noreply.github.com>
Date: Fri, 2 May 2025 16:06:28 +0100
Subject: [PATCH 2/2] Fix typo

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 0f5aeb8..9ad7f68 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -35,7 +35,7 @@ jobs:
       id-token: write
     steps:
     - name: Download artifacts
-    - uses: actions/download-artifact@v4
+      uses: actions/download-artifact@v4
       with:
         name: docstring-to-markdown dist ${{ github.run_number }}
         path: ./dist