ci: Publish to pypi

[mfranczel]

Summary by CodeRabbit

• Chores
  • Build pipeline updated to target Python 3.10.
  • Release workflow permissions tightened for improved security.
  • Legacy publishing credentials removed from the release process.
  • Workflow configuration standardized for consistency.
  • Project homepage URL updated to the new repository location.
• Note
  • No user-facing changes.

[coderabbitai]

📝 Walkthrough

Walkthrough

• Standardizes string literals to double quotes in workflow env, matrix, and architecture fields
• Updates Python version matrix from ["3.8"] to ["3.10"]
• Adds permissions: id-token: write under jobs.build
• Quotes architecture value as "x64"
• Removes TWINE_USERNAME and TWINE_PASSWORD environment variables from the "Build and publish python-language-server" step
• Updates pyproject.toml project URL from https://github.com/python-lsp/python-lsp-server to https://github.com/deepnote/python-lsp-server

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant GH as GitHub Actions
  participant Repo as Repository
  participant Build as build job
  participant Registry as PyPI (publish)

  Note over GH,Repo: Push / PR triggers workflow
  Repo->>GH: push event
  GH->>Build: start jobs.build (with permissions: id-token: write)
  activate Build
  Build-->>GH: checkout, setup-python (matrix: "3.10")
  Build->>Build: run build & tests
  alt publish step present
    Note right of Build: publish step runs without TWINE_USERNAME/TWINE_PASSWORD env
    Build->>Registry: upload package (uses token via id-token/workflow mechanism)
    Registry-->>Build: publish response
  end
  deactivate Build
  GH-->>Repo: workflow complete

Loading

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request’s main purpose is to update the CI workflow to enable publishing the package to PyPI, and the title “ci: Publish to pypi” directly reflects that intent with a clear and conventional prefix. It concisely captures the primary change without extraneous detail and lets reviewers immediately understand the focus on CI publishing. The title avoids generic phrasing and is sufficiently specific for a teammate scanning the history.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between fdc06d3 and 2e83b07.

📒 Files selected for processing (1)

• pyproject.toml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Win Py3.10
• GitHub Check: Win Py3.9
• GitHub Check: Win Py3.8
• GitHub Check: Linux Py3.8
• GitHub Check: Linux Py3.10
• GitHub Check: Linux Py3.9
• GitHub Check: Mac Py3.9
• GitHub Check: Mac Py3.10
• GitHub Check: Mac Py3.8

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}