Skip to content

Commit 5c66f46

Browse files
authored
Limit token scope in example (#156)
fixes #151
1 parent ce3665e commit 5c66f46

File tree

1 file changed

+15
-4
lines changed

1 file changed

+15
-4
lines changed

README.md

Lines changed: 15 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -76,18 +76,29 @@ To also upload to PyPI:
7676
7777
```yaml
7878
jobs:
79-
check-publish-package:
80-
name: Build, inspect, and upload our package to PyPI.
79+
build-package:
80+
name: Build and inspect package.
8181
runs-on: ubuntu-latest
8282

8383
steps:
8484
- uses: actions/checkout@v4
8585
- uses: hynek/build-and-inspect-python-package@v2
86-
id: build
86+
87+
88+
upload-to-pypi:
89+
name: Upload prebuilt package to PyPI
90+
needs: build-package
91+
runs-on: ubuntu-latest
92+
permissions:
93+
# IMPORTANT: this permission is mandatory for trusted publishing, but
94+
# should NOT be granted anywhere else!
95+
id-token: write
96+
97+
steps:
8798
- name: Download built artifact to dist/
8899
uses: actions/download-artifact@v4
89100
with:
90-
name: ${{ steps.build.outputs.artifact-name }}
101+
name: Packages
91102
path: dist
92103
- uses: pypa/gh-action-pypi-publish@release/v1
93104
```

0 commit comments

Comments
 (0)