README: replace OIDC with "trusted publishing"

woodruffw · woodruffw · commit 4372cb558524 · 2023-04-03T21:26:53.000+09:00
Also updates the link to reference the public documentation
for trusted publishing, rather than the PyPI short help
section (which also needs to be updated).

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;
diff --git a/README.md b/README.md
@@ -65,33 +65,33 @@ settings page of your project on GitHub. See [Creating & using secrets].
 ### Publishing with OpenID Connect
 
 > **IMPORTANT**: This functionality is in beta, and will not work for you
-> unless you're a member of the PyPI OIDC beta testers' group. For more
-> information, see [warehouse#12965].
+> unless you're a member of the PyPI trusted publishing beta testers' group.
+> For more information, see [warehouse#12965].
 
-This action supports PyPI's [OpenID Connect publishing]
+This action supports PyPI's [trusted publishing]
 implementation, which allows authentication to PyPI without a manually
 configured API token or username/password combination. To perform
-[OIDC publishing][OpenID Connect Publishing] with this action, your project's
-OIDC publisher must already be configured on PyPI.
+[trusted publishing] with this action, your project's
+publisher must already be configured on PyPI.
 
-To enter the OIDC flow, configure this action's job with the `id-token: write`
-permission and **without** an explicit username or password:
+To enter the trusted publishing flow, configure this action's job with the
+`id-token: write` permission and **without** an explicit username or password:
 
 ```yaml
 jobs:
   pypi-publish:
     name: Upload release to PyPI
     runs-on: ubuntu-latest
     permissions:
-      id-token: write  # IMPORTANT: this permission is mandatory for OIDC publishing
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
     steps:
     # retrieve your distributions here
 
     - name: Publish package distributions to PyPI
       uses: pypa/gh-action-pypi-publish@release/v1
 ```
 
-Other indices that support OIDC publishing can also be used, like TestPyPI:
+Other indices that support trusted publishing can also be used, like TestPyPI:
 
 ```yaml
 - name: Publish package distributions to TestPyPI
@@ -268,4 +268,4 @@ https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner-direc
 https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md
 
 [warehouse#12965]: https://github.com/pypi/warehouse/issues/12965
-[OpenID Connect Publishing]: https://pypi.org/help/#openid-connect
+[trusted publishing]: https://docs.pypi.org/trusted-publishers/
