Open
Description
- Upgrade to Trusted Publishing: Trusted Publishers allows publishing packages to PyPI from automated environments like GitHub Actions without needing to use username/password combinations or API tokens to authenticate with PyPI. Read more: https://docs.pypi.org/trusted-publishers
- use different environments for TestPyPi and PyPi
- test the release directly
- update actions "Build pure Python wheel and tarball: The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, conda-incubator/setup-miniconda@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/"
We can use https://github.com/MDAnalysis/pypi-deployment (see, for instance, https://github.com/Becksteinlab/numkit/blob/main/.github/workflows/deploy.yaml )