Fix PyPI publishing with trusted publishing

- Add id-token: write permission for OIDC authentication
- Remove API token authentication in favor of trusted publishing
- This should resolve the PyPI publishing failure

Author: roman-dvorak

.github/workflows/ci-cd.yml

@@ -51,6 +51,8 @@ jobs:
     needs: test
     runs-on: ubuntu-latest
     if: github.event_name == 'release' && github.event.action == 'published'
+    permissions:
+      id-token: write  # Required for trusted publishing to PyPI
 
     steps:
     - uses: actions/checkout@v4
@@ -72,6 +74,3 @@ jobs:
 
     - name: Publish to PyPI
       uses: pypa/gh-action-pypi-publish@release/v1
-      with:
-        user: __token__
-        password: ${{ secrets.PYPI_API_TOKEN }}