v7.4.0 #42

	# use PyPI trusted publishing, as described here:
	# https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/
	name: publish to pypi

	on:
	release:
	types: [published]

	permissions:
	contents: write

	jobs:
	pypi-publish:
	runs-on: ubuntu-latest
	environment:
	name: release
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	- name: Set up Python
	uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
	with:
	python-version: '3.8'
	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install -r requirements.txt
	pip install -e .[build]
	- name: build package
	run: \|
	python -m build
	- name: upload package artifacts
	uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
	with:
	path: dist/*
	- name: publish package
	uses: pypa/gh-action-pypi-publish@f5622bde02b04381239da3573277701ceca8f6a0 # release/v1
	with:
	skip-existing: true
	verbose: true
	print-hash: true

Provide feedback