You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The workflow uploads with TWINE_USERNAME: __token__ and TWINE_PASSWORD: "pypi-${{ secrets.PYPI_API_TOKEN }}", which requires a long-lived secret; using PyPI Trusted Publishing (OIDC) would avoid secret injection and reduce exposure/rotation burden.
The workflow uploads with
TWINE_USERNAME: __token__andTWINE_PASSWORD: "pypi-${{ secrets.PYPI_API_TOKEN }}", which requires a long-lived secret; using PyPI Trusted Publishing (OIDC) would avoid secret injection and reduce exposure/rotation burden.