configure PyPI 2FA for account and github integration

[michamos]

PyPI are mandating 2FA by the end of the year: https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/. We need to make sure we enable it correctly and trust github to publish packages on our behalf (for the CI): https://docs.pypi.org/trusted-publishers/

[michamos]

This seems to work without any intervention, so closing it.