on: release: types: - published name: release jobs: pypi-publish: name: Upload release to PyPI runs-on: ubuntu-latest environment: name: pypi url: https://pypi.org/p/PyVulnerabilityLookup permissions: id-token: write # IMPORTANT: this permission is mandatory for trusted publishing steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Install Poetry run: python -m pip install --upgrade pip poetry - name: Build artifacts run: poetry build - name: Publish package distributions to PyPI uses: pypa/gh-action-pypi-publish@release/v1