name: Publish to PyPI on: release: types: [published] jobs: build-release: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.x' - name: Build distributions run: | python -m pip install --upgrade pip python -m pip install build python -m build - name: Upload distributions uses: actions/upload-artifact@v4 with: name: slither-dists path: dist/ publish: runs-on: ubuntu-latest environment: release permissions: id-token: write # For trusted publishing + codesigning. contents: write # For attaching signing artifacts to the release. needs: - build-release steps: - name: fetch dists uses: actions/download-artifact@v4 with: name: slither-dists path: dist/ - name: publish uses: pypa/gh-action-pypi-publish@v1.12.2 - name: sign uses: sigstore/gh-action-sigstore-python@v3.0.0 with: inputs: ./dist/*.tar.gz ./dist/*.whl release-signing-artifacts: true