From f86a588205c92d4911eac8013fc0818fade1d299 Mon Sep 17 00:00:00 2001
From: Mattia Giuffrida <giuffrida.mattia@gmail.com>
Date: Sat, 20 Jan 2024 17:01:06 +0000
Subject: [PATCH] Use Rubygems Trusted Publishers to publish.

This doesn't need to store any token in GitHub.
For more details: https://guides.rubygems.org/trusted-publishing/
---
 .github/workflows/publish.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 324e25bf..dea02696 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -4,13 +4,15 @@ on:
   release:
     types: [published]
 
-permissions:
-  contents: read  # to checkout the code (actions/checkout)
 jobs:
   build:
     name: Publish to Rubygems
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: write
+      id-token: write
+
     steps:
       - uses: actions/checkout@v4
 
@@ -20,6 +22,4 @@ jobs:
           ruby-version: 3
 
       - name: Publish to RubyGems
-        uses: dawidd6/action-publish-gem@v1
-        with:
-          api_key: ${{secrets.RUBYGEMS_AUTH_TOKEN}}
+        uses: rubygems/release-gem@v1