build(dependency): ⬆️ bump pypa/gh-action-pypi-publish from 1.8.8 to …

…1.8.10 (#395)

Bumps
[pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish)
from 1.8.8 to 1.8.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/gh-action-pypi-publish/releases">pypa/gh-action-pypi-publish's
releases</a>.</em></p>
<blockquote>
<h2>v1.8.10</h2>
<h2>:bug: What's Fixed</h2>
<p><a href="https://github.com/woodruffw"><code>@​woodruffw</code></a>
fixed decoding OIDC claims in debug output on failure by applying
correct padding to the encoded payload via <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/177">pypa/gh-action-pypi-publish#177</a>.</p>
<p><strong>Full Diff</strong>: <a
href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.9...v1.8.10">https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.9...v1.8.10</a></p>
<h2>v1.8.9</h2>
<h2>:nail_care: Cosmetic output improvements</h2>
<ul>
<li><a href="https://github.com/woodruffw"><code>@​woodruffw</code></a>
added debug output to the trusted publishing OIDC exchange on failures
in <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/174">pypa/gh-action-pypi-publish#174</a></li>
<li><a href="https://github.com/woodruffw"><code>@​woodruffw</code></a>
implemented Markdown semantic callouts in README via <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/175">pypa/gh-action-pypi-publish#175</a></li>
</ul>
<h2>:hammer_and_wrench: Internal dependencies</h2>
<ul>
<li>Certifi was bumped from 2023.5.7 to 2023.7.22 @ <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/171">pypa/gh-action-pypi-publish#171</a></li>
<li>Cryptography was bumped from 41.0.2 to 41.0.3 @ <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/172">pypa/gh-action-pypi-publish#172</a></li>
</ul>
<p><strong>Full Diff</strong>: <a
href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.8...v1.8.9">https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.8...v1.8.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/b7f401de30cb6434a1e19f805ff006643653240e"><code>b7f401d</code></a>
Merge PR <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/177">#177</a>
into unstable/v1</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/ba3ecc93555ab33f1172cebde7585a78eca00335"><code>ba3ecc9</code></a>
oidc-exchange: fix padding</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/ade57f54dcc56d4858ca681c80269c26dc7b9149"><code>ade57f5</code></a>
Merge PRs <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/174">#174</a>
<a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/175">#175</a>
and <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/172">#172</a>
into unstable/v1</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/637917e5f201407b3d6e3be9df6af349083d0a79"><code>637917e</code></a>
README: re-add &quot;pro tip&quot; language</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/4864f13c38a29318fc09dca6b0258644d80b8e07"><code>4864f13</code></a>
README: use semantic callouts</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/326f9ad1e131f526357a666f008015a0ee96fbcf"><code>326f9ad</code></a>
oidc-exchange: add-trailing-comma</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/e5f0690e9195178c6f53954b1f9059b3d9b11116"><code>e5f0690</code></a>
oidc-exchange: ignore a nested function</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/8bdd0cc2a0ec4a8773b96ddd5bdc4a2dd849cf81"><code>8bdd0cc</code></a>
oidc-exchange: lintage</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/71a0032909f17bb44704d5fc46876cdaee124ca0"><code>71a0032</code></a>
oidc-exchange: render claims if exchange fails</li>
<li><a
href="https://github.com/pypa/gh-action-pypi-publish/commit/adef75a5a62cc4473182a78754a310e4a73d3511"><code>adef75a</code></a>
Bump cryptography from 41.0.2 to 41.0.3 in /requirements</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.8...v1.8.10">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pypa/gh-action-pypi-publish&package-manager=github_actions&previous-version=1.8.8&new-version=1.8.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Romain Brault <romain.brault@ssi.gouv.fr>

.github/workflows/release.yml

@@ -70,14 +70,14 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.8.8
+        uses: pypa/gh-action-pypi-publish@v1.8.10
         with:
           user: __token__
           password: "${{ secrets.PYPI_TOKEN }}"
 
       - name: Publish package on TestPyPI
         if: "! steps.check-version.outputs.tag"
-        uses: pypa/gh-action-pypi-publish@v1.8.8
+        uses: pypa/gh-action-pypi-publish@v1.8.10
         with:
           user: __token__
           password: "${{ secrets.TEST_PYPI_TOKEN }}"

template/{% if git_platform == 'github' %}.github{% endif %}/workflows/release.yml

@@ -68,14 +68,14 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.8.5
+        uses: pypa/gh-action-pypi-publish@v1.8.10
         with:
           user: __token__
           password: "${{'{{'}} secrets.PYPI_TOKEN {{'}}'}}"
 
       - name: Publish package on TestPyPI
         if: "! steps.check-version.outputs.tag"
-        uses: pypa/gh-action-pypi-publish@v1.8.5
+        uses: pypa/gh-action-pypi-publish@v1.8.10
         with:
           user: __token__
           password: "${{'{{'}} secrets.TEST_PYPI_TOKEN {{'}}'}}"