From ae1882861b6620bcbe8b6fc84b422557c34990a9 Mon Sep 17 00:00:00 2001
From: Robpol86 <robpol86@gmail.com>
Date: Sat, 6 Jul 2024 15:23:42 -0500
Subject: [PATCH] Avoiding legacy API token for pypi

As per documentation:
https://github.com/marketplace/actions/pypi-publish
---
 .github/workflows/pypi.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
index 570ebe4..bf04998 100644
--- a/.github/workflows/pypi.yml
+++ b/.github/workflows/pypi.yml
@@ -60,17 +60,17 @@ jobs:
   Publish:
     needs: [Build, Docs]
     runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/sphinx-disqus
+    permissions:
+      id-token: write
     steps:
       - name: Download Build Artifact
         uses: actions/download-artifact@v4
         with:
           name: dist
           path: dist
-      - name: Publish to PyPI
-        uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          user: __token__
-          password: ${{ secrets.PYPI_API_TOKEN }}
       - name: Download Documentation Artifact
         uses: actions/download-artifact@v4
         with:
@@ -83,3 +83,5 @@ jobs:
           file_glob: true
           repo_token: ${{ secrets.GITHUB_TOKEN }}
           tag: ${{ github.ref }}
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1