https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/

I think we can make use of this. It's not important, but it should also be fairly easy to set up.

It's easy to setup, but only pypi project admins can set up the pypi side of the config

Oh, do project maintainers not have that access? (...is there another level of access for a PyPI project higher than maintainer? I didn't even realize) Though @redtoad should have the highest access level available, I would think, since he's the originator of the project.

If this does require something like making a support request with the PyPI admin team then sure, maybe it's not worth the trouble 🤷 For now I just wanted to make a note of it so I don't forget.

no support request needed, just permissions needed