Fix release workflow to use Trusted Publishing

- Add id-token: write permission for OIDC authentication
- Add contents: write permission for releases and commits
- Remove explicit password parameter that was disabling Trusted Publishing

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: timosachsenberg

.github/workflows/release-autowrap.yaml

@@ -13,6 +13,9 @@ on:
 jobs:
   build_publish:
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write  # Required for Trusted Publishing (OIDC)
+      contents: write  # Required for creating releases and committing
     steps:
       - uses: actions/checkout@v4
 
@@ -55,7 +58,6 @@ jobs:
       - name: Publish package to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          password: ${{ secrets.PYPI_RELEASE_AUTOWRAP }}
           packages-dir: ${{ github.workspace }}/dist
 
       - name: Create github release