We currently deploy using PYPI_TOKEN. A more secure alternative is the use of Trusted Publishers, which would also enable using pypa/gh-action-pypi-publish@release.
This however entails identifying an alternative to checking if PYPI_TOKEN is defined as a way to activate continuous deployment, as was introduced in #147.
We currently deploy using
PYPI_TOKEN. A more secure alternative is the use of Trusted Publishers, which would also enable usingpypa/gh-action-pypi-publish@release.This however entails identifying an alternative to checking if
PYPI_TOKENis defined as a way to activate continuous deployment, as was introduced in #147.