From 362c2674b3c59b9f06e2b4865d34a22490f2527f Mon Sep 17 00:00:00 2001
From: Fergus Cooper <fcooper8472@gmail.com>
Date: Thu, 5 Mar 2026 18:03:26 +0000
Subject: [PATCH 1/2] Switch to modern build directive, and trusted publishing

---
 .github/workflows/upload-to-pypi.yml | 54 ++++++++++++++++++++++------
 1 file changed, 43 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/upload-to-pypi.yml b/.github/workflows/upload-to-pypi.yml
index f55b0cd3f..4f772e849 100644
--- a/.github/workflows/upload-to-pypi.yml
+++ b/.github/workflows/upload-to-pypi.yml
@@ -1,21 +1,28 @@
-name: Upload to PyPi
+name: Build release distributions
 
 on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
   release:
     types:
       - published
+  workflow_dispatch:
 
 jobs:
 
-  upload-to-pypi:
-    name: Upload to Pypi
+  build-dist:
+    name: Build distribution files
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.14'
 
@@ -23,14 +30,39 @@ jobs:
         run: |
           python --version
           python -m pip install --upgrade pip setuptools wheel
-          python -m pip install --upgrade twine
+          python -m pip install --upgrade build
 
       - name: create release binaries
         run: |
-          python setup.py sdist bdist_wheel
+          python -m build
 
-      - name: publish to PyPI
-        uses: pypa/gh-action-pypi-publish@master
+      - uses: actions/upload-artifact@v7
         with:
-          user: __token__
-          password: ${{ secrets.PYPI_TOKEN }}
+          name: dist-files
+          path: ./dist/*
+
+
+  upload_to_pypi:
+    name: Upload to PyPI
+    needs: [build-dist]
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write  # this permission is mandatory for trusted publishing
+    # if: ${{ github.event_name == 'release' && github.event.action == 'published' }}
+
+    steps:
+      - name: Download wheels from cloud runners
+        uses: actions/download-artifact@v8
+        with:
+          name: dist-files
+          path: dist
+      
+      - name: check...
+        run: |
+          ls -la
+          cd dist
+          ls -la
+
+      # - uses: pypa/gh-action-pypi-publish@v1.13.0
+      #   with:
+      #     packages_dir: dist/

From cf4cb7ad34d73b46911e604e347f09b8f17faa38 Mon Sep 17 00:00:00 2001
From: Fergus Cooper <fcooper8472@gmail.com>
Date: Thu, 5 Mar 2026 18:09:50 +0000
Subject: [PATCH 2/2] Remove checks and add publish action back in

---
 .github/workflows/upload-to-pypi.yml | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/upload-to-pypi.yml b/.github/workflows/upload-to-pypi.yml
index 4f772e849..50cc16092 100644
--- a/.github/workflows/upload-to-pypi.yml
+++ b/.github/workflows/upload-to-pypi.yml
@@ -48,7 +48,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       id-token: write  # this permission is mandatory for trusted publishing
-    # if: ${{ github.event_name == 'release' && github.event.action == 'published' }}
+    if: ${{ github.event_name == 'release' && github.event.action == 'published' }}
 
     steps:
       - name: Download wheels from cloud runners
@@ -56,13 +56,7 @@ jobs:
         with:
           name: dist-files
           path: dist
-      
-      - name: check...
-        run: |
-          ls -la
-          cd dist
-          ls -la
 
-      # - uses: pypa/gh-action-pypi-publish@v1.13.0
-      #   with:
-      #     packages_dir: dist/
+      - uses: pypa/gh-action-pypi-publish@v1.13.0
+        with:
+          packages_dir: dist/