Trusted Publisher: Identity Crisis

As a PyPI package maintainer, you're excited to adopt the new Trusted Publishing method to secure your package releases. However, as you start using this new method, strange things begin to happen. You start receiving emails that you didn't send, and your packages are being released with unauthorized changes. It's up to you to investigate the source of these issues and restore the integrity of your packages.