From 61c1a73cb3b2a42d82a810574bc791bc72232693 Mon Sep 17 00:00:00 2001 From: JSv4 Date: Fri, 22 May 2026 21:13:49 -0500 Subject: [PATCH 1/2] Switch release workflow to PyPI Trusted Publishing (OIDC) Replace twine + PYPI_API_TOKEN with pypa/gh-action-pypi-publish and id-token OIDC exchange. Publish job runs in the `pypi` environment to match the trusted-publisher records configured for all three projects. --- .github/workflows/python-publish.yml | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index 9b425b5..ff781d7 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -64,19 +64,15 @@ jobs: publish: needs: [build-core, build-engine-wheels] runs-on: ubuntu-latest + environment: pypi + permissions: + id-token: write + contents: read steps: - uses: actions/download-artifact@v4 with: path: dist merge-multiple: true - - uses: actions/setup-python@v5 + - uses: pypa/gh-action-pypi-publish@release/v1 with: - python-version: '3.11' - - run: pip install twine - - name: Check distributions - run: twine check dist/* - - name: Publish to PyPI - env: - TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} - run: twine upload dist/* + packages-dir: dist From 8ec50d02ca865c4cc9ed4b9e28e4bde0f7df6acc Mon Sep 17 00:00:00 2001 From: JSv4 Date: Fri, 22 May 2026 21:17:43 -0500 Subject: [PATCH 2/2] Bump version to 0.2.0 --- packages/core/src/python_redlines/__about__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/core/src/python_redlines/__about__.py b/packages/core/src/python_redlines/__about__.py index dbcffe0..b59154b 100644 --- a/packages/core/src/python_redlines/__about__.py +++ b/packages/core/src/python_redlines/__about__.py @@ -1,4 +1,4 @@ # SPDX-FileCopyrightText: 2024-present U.N. Owen # # SPDX-License-Identifier: MIT -__version__ = "0.1.0" +__version__ = "0.2.0"