From f8c0db7502f708d4b385d358961464a3bad39a31 Mon Sep 17 00:00:00 2001
From: Kevin Klein <7267523+kklein@users.noreply.github.com>
Date: Mon, 8 Jul 2024 18:01:08 +0200
Subject: [PATCH] Specify OIDC permissions and GitHub environment. (#56)

---
 .github/workflows/package.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index ce17abb7..2fcfa4dd 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -30,6 +30,10 @@ jobs:
     name: Upload to PyPI
     needs: [build]
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: write
+    environment: pypi
     if: github.event_name == 'release' && github.event.action == 'published'
     steps:
       - uses: actions/download-artifact@v4