From a0ab0b3a764209badb486234a859088e49654849 Mon Sep 17 00:00:00 2001
From: Stefano Pigozzi <me@steffo.eu>
Date: Sun, 19 Nov 2023 04:42:20 +0100
Subject: [PATCH] Configure Trusted Publishing explicitly

---
 .github/workflows/release.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 94d4024..da47789 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -19,10 +19,23 @@ jobs:
       - test
       - build
 
+  # Must be explicit due to how Trusted Publishing works on PyPI!
   pypi:
-    uses: Steffo99/.github/.github/workflows/release-poetry-pypi.yml@main
+    name: "Publish release on PyPI"
+    runs-on: ubuntu-latest
+
     permissions:
       id-token: write
+
     needs:
       - test
       - build
+    steps:
+      - name: "Download built packages from artifacts"
+        uses: actions/download-artifact@v3
+        with:
+          name: "Build"
+          path: dist/
+
+      - name: "Upload package"
+        uses: pypa/gh-action-pypi-publish@release/v1