From 3f0a6bfd2f200e88bae3d545065417e670b645a9 Mon Sep 17 00:00:00 2001
From: "phnx47[bot]" <78849906+phnx47-bot@users.noreply.github.com>
Date: Sun, 23 Nov 2025 15:52:57 +0000
Subject: [PATCH] Use Trusted Publishing on nuget.org

---
 .github/workflows/ci.yml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 07d4c95..66aaadb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,6 +7,11 @@ on:
     tags:
       - "v*"
 
+permissions:
+  id-token: write
+  contents: write
+  packages: write
+
 jobs:
   build:
     name: CI Build
@@ -88,8 +93,13 @@ jobs:
         uses: actions/download-artifact@v6
         with:
           name: packages
+      - name: NuGet Login
+        uses: NuGet/login@v1
+        id: login
+        with:
+          user: phnx47
       - name: Push to nuget.org
         run: |
           dotnet nuget push "*.nupkg" \
-            -k ${{ secrets.NUGET_DEPLOY_KEY }} \
+            -k ${{ steps.login.outputs.NUGET_API_KEY }} \
             -s https://api.nuget.org/v3/index.json