From 9af308158a2c169881cbbf88d7eb053602d99d77 Mon Sep 17 00:00:00 2001
From: Cursor <cursor@proxymesh.com>
Date: Tue, 10 Feb 2026 22:22:48 +0000
Subject: [PATCH] Remove API token secrets, use trusted publishing only

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 .github/workflows/publish.yml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 1fa81f5..10b4e45 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -62,10 +62,6 @@ jobs:
       
       - name: Publish to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          # Uses trusted publishing (OIDC) - no API token needed if configured
-          # Fallback to API token if trusted publishing not set up
-          password: ${{ secrets.PYPI_API_TOKEN }}
 
   publish-to-testpypi:
     name: Publish to TestPyPI
@@ -91,4 +87,3 @@ jobs:
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
           repository-url: https://test.pypi.org/legacy/
-          password: ${{ secrets.TEST_PYPI_API_TOKEN }}