🔧 chore: refine publish workflow for PyPI

🔧 chore: refine publish workflow for PyPI

✨ Features:
- Updated the workflow to upload a Python package to PyPI when a release is created.
- Replaced manual build steps with 'python -m build' for ease of use.

🔧 Configuration:
- Reduced permissions from write to read for contents.
- Added environment configuration for PyPI publishing.

🧹 Cleanup:
- Removed obsolete steps related to version verification and changelog extraction.

Refined the publish workflow for streamlined PyPI uploads and improved configuration.

.github/workflows/publish.yml

@@ -1,73 +1,36 @@
-name: Publish
+# This workflow will upload a Python Package to PyPI when a release is created
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Upload Python Package
 
 on:
   release:
     types: [published]
 
 permissions:
-  contents: write
-  id-token: write  # Required for trusted publishing
+  contents: read
 
 jobs:
   release-build:
-    name: Build Release
     runs-on: ubuntu-latest
-    outputs:
-      version: ${{ steps.version.outputs.version }}
-      changelog: ${{ steps.changelog.outputs.changelog }}
+
     steps:
       - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
         with:
-          fetch-depth: 0  # Fetch all history for changelog generation
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Install Poetry
-        uses: snok/install-poetry@v1
-        with:
-          version: 1.7.1
-          virtualenvs-create: true
-          virtualenvs-in-project: true
-
-      - name: Verify version matches tag
-        id: version
-        run: |
-          VERSION=$(poetry version -s)
-          TAG=${GITHUB_REF#refs/tags/v}
-          if [ "$VERSION" != "$TAG" ]; then
-            echo "Version mismatch: $VERSION != $TAG"
-            exit 1
-          fi
-          echo "version=$VERSION" >> $GITHUB_OUTPUT
-          
-      - name: Build package
-        run: poetry build
-
-      - name: Check dist contents
-        run: |
-          ls -l dist/
-          if [ ! -f "dist/commitloom-"*".tar.gz" ] || [ ! -f "dist/commitloom-"*".whl" ]; then
-            echo "Missing distribution files"
-            exit 1
-          fi
-          
-      - name: Extract changelog entry
-        id: changelog
+          python-version: "3.x"
+
+      - name: Build release distributions
         run: |
-          VERSION=$(poetry version -s)
-          CHANGELOG_ENTRY=$(awk -v ver="$VERSION" '
-            BEGIN { found=0; entry="" }
-            $0 ~ "^## \\[" ver "\\]" { found=1; next }
-            found && /^## / { exit }
-            found { entry = entry $0 "\n" }
-            END { print entry }
-          ' CHANGELOG.md)
-          echo "changelog<<EOF" >> $GITHUB_OUTPUT
-          echo "$CHANGELOG_ENTRY" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
+          # NOTE: put your own distribution build steps here.
+          python -m pip install build
+          python -m build
 
       - name: Upload distributions
         uses: actions/upload-artifact@v4
@@ -76,9 +39,23 @@ jobs:
           path: dist/
 
   pypi-publish:
-    name: Publish to PyPI
-    needs: [release-build]
     runs-on: ubuntu-latest
+    needs:
+      - release-build
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
+
+    # Dedicated environments with protections for publishing are strongly recommended.
+    # For more information, see: https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules
+    environment:
+      name: pypi
+      # OPTIONAL: uncomment and update to include your PyPI project URL in the deployment status:
+      # url: https://pypi.org/p/YOURPROJECT
+      #
+      # ALTERNATIVE: if your GitHub Release name is the PyPI project version string
+      # ALTERNATIVE: exactly, uncomment the following line instead:
+      # url: https://pypi.org/project/YOURPROJECT/${{ github.event.release.name }}
 
     steps:
       - name: Retrieve release distributions
@@ -87,26 +64,7 @@ jobs:
           name: release-dists
           path: dist/
 
-      - name: Publish to PyPI
+      - name: Publish release distributions to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          packages-dir: dist/
-
-      - name: Update GitHub Release
-        uses: softprops/action-gh-release@v1
-        with:
-          files: |
-            dist/*.whl
-            dist/*.tar.gz
-          body: |
-            ${{ needs.release-build.outputs.changelog }}
-            
-            ## Installation
-            ```bash
-            pip install commitloom==${{ needs.release-build.outputs.version }}
-            ```
-            
-            ## Documentation
-            For full documentation, visit: https://github.com/Arakiss/commitloom
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          packages-dir: dist/