🔧 Fix PyPI publishing: Use Trusted Publishing instead of API tokens

- Updated GitHub Actions workflow to use PyPI Trusted Publishing
- Removed dependency on PYPI_API_TOKEN secret
- Added proper permissions and environment for trusted publishing
- This should resolve the PyPI publishing issue

Author: DeepPythonist

.github/workflows/publish.yml

@@ -34,6 +34,10 @@ jobs:
   publish:
     needs: test
     runs-on: ubuntu-latest
+    environment: pypi  # Add environment for trusted publishing
+    permissions:
+      id-token: write  # Required for trusted publishing
+      contents: read
     steps:
     - uses: actions/checkout@v4
 
@@ -45,28 +49,14 @@ jobs:
     - name: Install build dependencies
       run: |
         python -m pip install --upgrade pip
-        pip install build twine
+        pip install build
     
     - name: Build package
       run: |
         python -m build
     
-    - name: Check package
-      run: |
-        twine check dist/*
-    
-    - name: Publish to Test PyPI
-      if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
-      env:
-        TWINE_USERNAME: __token__
-        TWINE_PASSWORD: ${{ secrets.TEST_PYPI_API_TOKEN }}
-      run: |
-        twine upload --repository testpypi dist/*
-    
-    - name: Publish to PyPI
+    - name: Publish to PyPI (Trusted Publishing)
       if: github.event_name == 'release' && github.event.action == 'published'
-      env:
-        TWINE_USERNAME: __token__
-        TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
-      run: |
-        twine upload dist/* 
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        repository-url: https://upload.pypi.org/legacy/