v0.0.16 #16

	on:
	release:
	types:
	- published

	name: release

	permissions: {} # All jobs define their needed permissions below.

	jobs:
	build:
	name: Build distributions
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4

	- uses: actions/setup-python@v5
	with:
	python-version-file: pyproject.toml

	- name: Install pypa/build
	run: python -m pip install -U build

	- name: Build distributions
	run: python -m build

	- name: Store distributions
	uses: actions/upload-artifact@v4
	with:
	name: python-package-distributions
	path: dist/

	sign-release:
	name: Sign and attach signatures to GitHub release
	needs:
	- build
	runs-on: ubuntu-latest
	permissions:
	id-token: write # Used to sign the release artifacts.
	contents: write # Used to attach signing artifacts to the release.

	steps:
	- name: Download distributions
	uses: actions/download-artifact@v4
	with:
	name: python-package-distributions
	path: dist/

	- name: sign
	uses: sigstore/gh-action-sigstore-python@v3.0.0
	with:
	inputs: ./dist/.tar.gz ./dist/.whl
	release-signing-artifacts: true

	publish:
	name: upload distributions to PyPI
	needs:
	- build
	runs-on: ubuntu-latest
	permissions:
	id-token: write # Used to authenticate to PyPI via OIDC.

	steps:
	- name: Download distributions
	uses: actions/download-artifact@v4
	with:
	name: python-package-distributions
	path: dist/

	- name: publish
	uses: pypa/gh-action-pypi-publish@release/v1

Provide feedback