PyPI Secure Publish

I never thought publishing packages could be such an adventure.

Take on the role of a PyPI package maintainer adopting the new 'trusted publishing' system. Use an OpenID Connect (OIDC) Identity Provider (IdP) to exchange short-lived identity tokens between a trusted third-party service and PyPI in order to publish your package. Along the way you must work through several security challenges and identify the correct IdP to trust, so that your package is published securely.
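As an added illustration (not part of this scene's text or of PyPI's own code), the following Python sketch shows the kind of claim-matching policy a package index applies before trusting an OIDC token, which is exactly where trusting the wrong IdP would be caught. Claim names follow GitHub Actions' OIDC tokens; the publisher registration, the repository names, and the assumption that the token signature has already been verified against the IdP's keys are all constructed for this example.

```python
import time

# Constructed example: a simplified version of the claim checks a package
# index performs before accepting an OIDC token from a CI provider.
# Signature verification against the IdP's published keys is assumed to
# have already happened; only the claim-matching policy is shown here.

TRUSTED_ISSUER = "https://token.actions.githubusercontent.com"  # GitHub Actions OIDC issuer
EXPECTED_AUDIENCE = "pypi"  # audience PyPI asks CI to request for it


def check_trusted_publisher(claims, publisher, now=None):
    """Return (accepted, reason) for a decoded token against one publisher config."""
    now = time.time() if now is None else now
    # 1. Only tokens from the IdP this publisher was registered for are trusted.
    if claims.get("iss") != TRUSTED_ISSUER:
        return False, "untrusted issuer"
    # 2. The token must have been minted for PyPI, not for another relying party.
    aud = claims.get("aud")
    if isinstance(aud, str):
        aud = [aud]
    if EXPECTED_AUDIENCE not in (aud or []):
        return False, "audience mismatch"
    # 3. Short-lived tokens: reject anything at or past its expiry.
    if claims.get("exp", 0) <= now:
        return False, "token expired"
    # 4. The identity must match the registered owner/repo/workflow exactly.
    repo = f"{publisher['owner']}/{publisher['repository']}"
    if claims.get("repository_owner") != publisher["owner"] or claims.get("repository") != repo:
        return False, "repository mismatch"
    workflow_prefix = f"{repo}/.github/workflows/{publisher['workflow']}@"
    if not str(claims.get("job_workflow_ref", "")).startswith(workflow_prefix):
        return False, "workflow mismatch"
    # 5. Optional environment pin (e.g. a protected "pypi" deployment environment).
    if publisher.get("environment") and claims.get("environment") != publisher["environment"]:
        return False, "environment mismatch"
    return True, "ok"


# Constructed publisher registration and sample claims (hypothetical names).
PUBLISHER = {"owner": "example-org", "repository": "example-pkg",
             "workflow": "release.yml", "environment": "pypi"}
GOOD_CLAIMS = {"iss": TRUSTED_ISSUER, "aud": "pypi", "exp": 2_000_000_000,
               "repository_owner": "example-org", "repository": "example-org/example-pkg",
               "job_workflow_ref": "example-org/example-pkg/.github/workflows/release.yml@refs/tags/v1.0",
               "environment": "pypi"}

if __name__ == "__main__":
    print(check_trusted_publisher(GOOD_CLAIMS, PUBLISHER, now=1_700_000_000))  # (True, 'ok')
    bad = dict(GOOD_CLAIMS, iss="https://idp.example.invalid")  # token from an untrusted IdP
    print(check_trusted_publisher(bad, PUBLISHER, now=1_700_000_000))  # (False, 'untrusted issuer')
```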