ci: fix PyPI publishing workflow to use token authentication

Author: j341nono

.github/workflows/publish.yml

@@ -1,8 +1,6 @@
-name: Publish
+name: Publish to PyPI
 
 on:
-  release:
-    types: [created]
   push:
     tags:
       - "v*"
@@ -11,16 +9,25 @@ jobs:
   pypi-publish:
     name: Upload release to PyPI
     runs-on: ubuntu-latest
-    environment:
-      name: pypi
-      url: https://pypi.org/p/llmembed
     permissions:
-      id-token: write
+      contents: read
+
     steps:
-    - uses: actions/checkout@v4
+    - name: Checkout code
+      uses: actions/checkout@v4
+
     - name: Install uv
-      uses: astral-sh/setup-uv@v3
+      uses: astral-sh/setup-uv@v5
+      with:
+        version: "latest"
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+
     - name: Build package
       run: uv build
-    - name: Publish package distributions to PyPI
-      uses: pypa/gh-action-pypi-publish@release/v1
+
+    - name: Publish package
+      run: uv publish --token ${{ secrets.PYPI_TOKEN }}