From 4d0190354da5502c19bf08b0b31a4b21d52c5340 Mon Sep 17 00:00:00 2001
From: ndilalla <niccolo.dilalla@stanford.edu>
Date: Mon, 13 May 2024 14:59:35 -0700
Subject: [PATCH] Switched upload to pypi to trusted publisher

---
 .github/workflows/deploy.yml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 81d4063a..6f1cc34f 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -19,6 +19,9 @@ jobs:
         name: Publish to PyPi
         if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
         runs-on: ubuntu-latest
+        permissions:
+          # IMPORTANT: this permission is mandatory for trusted publishing
+          id-token: write
         steps:
             - name: Checkout source
               uses: actions/checkout@v4
@@ -31,10 +34,8 @@ jobs:
                   pip install wheel setuptools -U
                   python setup.py sdist
             - name: Publish
-              uses: pypa/gh-action-pypi-publish@v1.1.0
+              uses: pypa/gh-action-pypi-publish@release/v1
               with:
-                  user: __token__
-                  password: ${{ secrets.PYPI_TOKEN }}
                   skip-existing: true
 
     test-publish-pypi:
@@ -173,7 +174,7 @@ jobs:
         runs-on: ${{ matrix.os }}
         strategy:
             matrix:
-                os: [ubuntu-latest, macos-latest, macos-12]
+                os: [ubuntu-latest, macos-latest]
                 python-version: [3.9]
 
         steps: