From ca92595afafc573108bc82ae44d252db57208171 Mon Sep 17 00:00:00 2001
From: Cody <cody@dkdc.dev>
Date: Fri, 3 Apr 2026 20:18:14 -0400
Subject: [PATCH] fix(ci): add local PyPI publish step

PyPI doesn't support reusable workflows for trusted publishing.
Build stays in org workflow, publish must be local.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/release-python.yml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml
index 88b6f8c..7c19c0d 100644
--- a/.github/workflows/release-python.yml
+++ b/.github/workflows/release-python.yml
@@ -13,8 +13,23 @@ permissions:
   contents: read
 
 jobs:
-  release:
+  build:
     uses: dkdc-io/.github/.github/workflows/release-python.yml@v1
     permissions:
       contents: read
+
+  publish:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+    environment: pypi
+    permissions:
       id-token: write
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          path: dist
+          merge-multiple: true
+      - uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: dist/